urlscan.io logo urlscan.io
SecurityTrails logo

gstarreturns.com Open in urlscan Pro
172.67.167.156  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gstarreturns.support/
Effective URL: https://gstarreturns.com/refunds/
Submission: On June 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 46 HTTP transactions. The main IP is 172.67.167.156, located in United States and belongs to CLOUDFLARENET, US. The main domain is gstarreturns.com.
TLS certificate: Issued by WE1 on June 6th 2024. Valid for: 3 months.
This is the only time gstarreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.255.119.45 22612 (NAMECHEAP...)
17 172.67.167.156 13335 (CLOUDFLAR...)
2 104.16.224.240 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:264... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 95.100.146.26 20940 (AKAMAI-ASN1)
1 54.81.184.157 14618 (AMAZON-AES)
5 34.225.5.197 14618 (AMAZON-AES)
3 2600:9000:266... 16509 (AMAZON-02)
1 13.225.78.57 16509 (AMAZON-02)
46 14
1    162.255.119.45 (United States)

ASN22612 (NAMECHEAP-NET, US)
gstarreturns.support
17    172.67.167.156 (United States)

ASN13335 (CLOUDFLARENET, US)
gstarreturns.com
2    104.16.224.240 (None, )

ASN13335 (CLOUDFLARENET, US)
static.getclicky.com
in.getclicky.com
1    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2644:f400:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)
53cf1150aff2.cdn4.forter.com
1    2a02:26f0:3500:991::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    95.100.146.26 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-26.deploy.static.akamaitechnologies.com
www.g-star.com
1    54.81.184.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-184-157.compute-1.amazonaws.com
995803c58101408cbd3fd74a33fcfc67-53cf1150aff2.cdn.forter.com
5    34.225.5.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-5-197.compute-1.amazonaws.com
cdn0.forter.com
3    2600:9000:266e:7a00:7:bffe:c3c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3nocrch4qti4v.cloudfront.net
1    13.225.78.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net
cdn3.forter.com
Apex Domain
Subdomains		 Transfer
17 gstarreturns.com
gstarreturns.com
479 KB
8 forter.com
53cf1150aff2.cdn4.forter.com
995803c58101408cbd3fd74a33fcfc67-53cf1150aff2.cdn.forter.com
cdn0.forter.com — Cisco Umbrella Rank: 4640
cdn3.forter.com — Cisco Umbrella Rank: 4159
161 KB
3 cloudfront.net
d3nocrch4qti4v.cloudfront.net
842 B
3 gstatic.com
fonts.gstatic.com
47 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1524
c.go-mpulse.net — Cisco Umbrella Rank: 661
30 KB
2 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 14011
in.getclicky.com — Cisco Umbrella Rank: 12083
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
1 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1380
13 KB
1 g-star.com
www.g-star.com — Cisco Umbrella Rank: 691817 Failed
1 KB
1 gstarreturns.support
gstarreturns.support
249 B
46 10
Domain Requested by
17 gstarreturns.com gstarreturns.com
5 cdn0.forter.com
3 d3nocrch4qti4v.cloudfront.net
3 fonts.gstatic.com fonts.googleapis.com
1 cdn3.forter.com
1 995803c58101408cbd3fd74a33fcfc67-53cf1150aff2.cdn.forter.com
1 c.go-mpulse.net s.go-mpulse.net
1 53cf1150aff2.cdn4.forter.com gstarreturns.com
1 s.go-mpulse.net gstarreturns.com
1 in.getclicky.com static.getclicky.com
1 fonts.googleapis.com gstarreturns.com
1 use.fontawesome.com gstarreturns.com
1 www.g-star.com gstarreturns.com
1 static.getclicky.com gstarreturns.com
1 gstarreturns.support 1 redirects
46 15
Subject Issuer Validity Valid
gstarreturns.com
WE1		 2024-06-06 -
2024-09-04		 3 months crt.sh
*.getclicky.com
E1		 2024-05-28 -
2024-08-26		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-06 -
2025-03-06		 a year crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.cdn4.forter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-28 -
2024-12-15		 a year crt.sh
*.g-star.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-11 -
2025-05-14		 a year crt.sh
*.cdn.forter.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-11-23 -
2024-07-22		 8 months crt.sh
cdn0.forter.com
GeoTrust TLS RSA CA G1		 2023-06-22 -
2024-07-22		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cdn3.forter.com
GeoTrust TLS RSA CA G1		 2023-06-22 -
2024-07-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://gstarreturns.com/refunds/
Frame ID: 4DE27577BE9E68B68D753D00408B4B19
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Refund Confirmation Page | G-Star RAW®

Page URL History Show full URLs

  1. http://gstarreturns.support/ HTTP 307
    https://gstarreturns.support/ HTTP 307
    http://gstarreturns.support/ HTTP 302
    https://gstarreturns.com/refunds/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • forter\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

83 %
HTTPS

50 %
IPv6

10
Domains

15
Subdomains

14
IPs

4
Countries

739 kB
Transfer

2451 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gstarreturns.support/ HTTP 307
    https://gstarreturns.support/ HTTP 307
    http://gstarreturns.support/ HTTP 302
    https://gstarreturns.com/refunds/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gstarreturns.com/refunds/
Redirect Chain
  • http://gstarreturns.support/
  • https://gstarreturns.support/
  • http://gstarreturns.support/
  • https://gstarreturns.com/refunds/
217 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1658492b6cde6550a815661c0c16af4a049a8fa7ad88718641b81eda2c66333c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
893b357ab90b8f5c-CPH
content-encoding
br
content-type
text/html
date
Fri, 14 Jun 2024 15:03:45 GMT
last-modified
Wed, 12 Jun 2024 16:42:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVXRmsGy2PQu10%2FFEN55V9pTqmOamv5pMndJBri9NDWidsbrl5bOjYvJcxN18y1D1Syi10AsuY%2B0DKXrcm1Nk%2F2bAFtrrHPugdmj%2B2VzF9EBALWkJ1X9mCfwjGveAaAIJL7A"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed

Redirect headers

Connection
keep-alive
Content-Length
56
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jun 2024 15:03:44 GMT
Location
https://gstarreturns.com/refunds/
Server
namecheap-nginx
X-Served-By
Namecheap URL Forward
js
static.getclicky.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.224.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Jun 2024 00:23:26 GMT
server
cloudflare
age
225586
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
893b357e6d179306-CPH
alt-svc
h3=":443"; ma=86400
x-proxy-cache
HIT
main.min.js
gstarreturns.com/client.px-cloud.net/PXTNnBmqF5/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/client.px-cloud.net/PXTNnBmqF5/main.min.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gp4%2BEB6FBD5mvnWQWYf%2FSoUz1Ds7DwNCHx%2BnlvcBqw%2BsT1%2B4uMBtH4xnca5D1Q2Qocb3hD72OQ5g0miIqZ6GIhCM3OtL3gUTczPKFBi7MACGd6zJrPP6Ev97vHaun8zrXBSl"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0ec88f5c-CPH
alt-svc
h3=":443"; ma=86400
jquery-3.5.1.min.js
gstarreturns.com/_ui/g-star/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/_ui/g-star/js/jquery-3.5.1.min.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a182ea131fba138b5b58b63050743b8a27dcca925d02063a8650984a19f09bed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Feb 2024 16:44:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cr060T94q15euTLJsGtZEHIL%2Fq4y%2BZX3g1bsc72xMoLfwvyF0WZQ9%2FBGd%2FBwFhIxuWm7CF3fg6DtWKelV6Gu8c1zumgSURaMb8u%2B8rwzRFz42qFLia2v8wLXlRGNwiqEQpbY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0ecd8f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:45 GMT
GothamSSm-Book_Web.woff2
www.g-star.com/_ui/g-star/fonts/ 		0
0
GothamSSm-Bold_Web.woff2
www.g-star.com/_ui/g-star/fonts/ 		0
0
Gotham-Bold_Web.woff2
www.g-star.com/_ui/g-star/fonts/ 		0
0
Gotham-Ultra_Web.woff2
www.g-star.com/_ui/g-star/fonts/ 		0
0
base.1e6251e559b49ab2b27c.css
gstarreturns.com/_ui/g-star/css/ 		275 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/_ui/g-star/css/base.1e6251e559b49ab2b27c.css
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cbe980b37e3a0a2891c6199f7b2d2e8a58b17d18c08b69963fdc7fa27f8fefd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 21 May 2024 12:49:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Gj7OcFZl8fHiqptIhLV%2FzYSb58yHuG7cDL4aWOvSKD9T0tbegU1pB8VjqN4Hr7%2BSEWdihpwYpElc8zhMbGJxk4PRigRxh8gRTzOv%2BEu52E8phAzFu0Qzb1JfetLzzfL8c5z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0ed08f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:45 GMT
contentPages.cd274385ed214f20bf75.css
gstarreturns.com/_ui/g-star/css/ 		90 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/_ui/g-star/css/contentPages.cd274385ed214f20bf75.css
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04726ab30595f43090f84465afc24bdc98179f0faa7068a4d6bab9925e217cc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 12:46:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0qIdglVvngh%2BRbgE90PY7eVcza1euG1LYxJwNqK8wki2HYdGkHrIIfQ7hv4CoAR2PrfKJaZJa3M54oxkaaRr6GfdCV79sfuCDK%2BeNGAnBVdbUyT5Ty8QJDqvHp7tc4jhjWJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0ed18f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:45 GMT
gsrdRuntime.3d614e120744d70dda58.js
gstarreturns.com/_ui/g-star/js/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/_ui/g-star/js/gsrdRuntime.3d614e120744d70dda58.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bc96c96bb6bb2572b1b22a8321f19bd12a9c3efcc6387fe75e40a4806be6015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 13:03:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O3mCXg5VMKR5PXAXmDwDM4R3DEpFSf84vXbOB%2F9j7lC46sZRcfuAWr8yGA1HAcvG%2Frvl6viua3vBS5nbmQwLKLgwupzasNdY%2BmsEEYfsztVENaxYnL%2FSwMN1FTwrFYUckJys"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0ed28f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:45 GMT
vendor.14c0633fe84b00996871.js
gstarreturns.com/_ui/g-star/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/_ui/g-star/js/vendor.14c0633fe84b00996871.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7183e9e4eb5314eaff3c731c6905e929b71f5bd64895dd273a257a05b1bcf40

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Sep 2023 12:49:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dh0OHLd89NFx3ozTKrXD8wIDg3jf814tzWjyI%2Fx8tAj2mOT5A6TrY2k2%2BHTqTtTD5BldxWfdnDfIbsKUsZuEjPi9wKgLu9SppxJ2KZ4oFSFuowNpfjO4AFNbSLfUKvFHH2wR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0ed48f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:45 GMT
base.5769a148eee606a32b03.js
gstarreturns.com/_ui/g-star/js/ 		363 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/_ui/g-star/js/base.5769a148eee606a32b03.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0bdb6e800c5c34db91753e65879f236c96e6aa6f179fabebe45a60ec86d8be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 10:23:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcpIC99XrEMOMQE8EN44RtEl%2FQujuHRoaotVexH7rpRMvqqr7hkOJqoZwEmZjQFnFCFoHtPXFituyoQsgkbBDG9%2F15s%2BhuVHvwn6WcsuXhdqI9DaCj93AGTP2FtSRaEu559m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0ed78f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:45 GMT
reactSupport.389510079091dcdf7696.js
gstarreturns.com/_ui/g-star/js/ 		312 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/_ui/g-star/js/reactSupport.389510079091dcdf7696.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eba83351b8b406944ba6249da7690718b54c5c7f394ff196a482d8c08863efb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 May 2024 16:05:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObTYt8EAHRA3IciZb13oQkHIn9KsxSN2ybsfD0quLqlfKeILCDapGIx3Ts6abcAGtJq9vCDmApbtmA62Oz9c5mb4H6qFDDgEqMeYFCxuLt0EKBmNuJKyq4wtLA2E2L4OPIEH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0ed88f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:45 GMT
track-my-order.ebdc442487658c6bbca8.js
gstarreturns.com/_ui/g-star/js/react/ 		284 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/_ui/g-star/js/react/track-my-order.ebdc442487658c6bbca8.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e712bd7c7a59486c3fb4480ce0dedb035294ef00cc02e74fb3072568b8b95a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 Apr 2024 03:32:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ou4s8BQNxKNXGRq8Q2BvZ82RAMr75EVcBwYSae2wHMAwG9MQkpnyKBIRunS0DJtwmTPt9K35O7XJTxdojYJDcM6yfWrucHGr9myQAZ8fj7TGm6%2FCq2dXZCgofTuDqKXYMTuF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357e0eda8f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:45 GMT
all.css
use.fontawesome.com/releases/v5.15.2/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.2/css/all.css
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1114961
etag
W/"c4af24ce595437830af0a401897698b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLIbuyVOnrg9cY6t7WQAaucUvjT73Cq1UW2ZdkWNpDhOgMcveLzFXl8cLdPtS8wTvqgsrq7TqBkoUBGOOlXiwI9pZn6Y1ABzzaE%2FfYWlVbFVYfl%2Bf9%2BL5np6mDxvukt%2ByApM7qvbcbOH06y7VGwYhK%2Fs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
893b3580cf9aabde-CPH
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 13:33:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 15:03:46 GMT
bootstrap-credit-card.min.css
gstarreturns.com/refunds/css/ 		265 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/refunds/css/bootstrap-credit-card.min.css
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992bdd3fe31d7a811809a0ca860bac1269705190b37d85a8adf5f9de9e7fa2fe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 27 Jan 2022 20:33:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQ4fmapxXpFhg7IMo0OrYEMTQq0%2FQ0wxi13gdSlqH%2FgZJtiKZWC96ugaYYF%2BrDtJrcV%2FyJoIvIMjo4UI%2BugtNf%2FwnIJQf%2FYCb5M%2Bb75UsvJwgNevg8PvmR3yfszghsc62yA4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b357fb9768f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:46 GMT
in.php
in.getclicky.com/ 		131 B
340 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.getclicky.com/in.php?site_id=101455950&href=%2Frefunds%2F&title=Refund%20Confirmation%20Page%20%7C%20G-Star%20RAW%C2%AE&res=1600x1200&lang=de-DE&tz=Europe%2FBerlin&tc=&ck=1&x=az21dh
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.224.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-ray
893b3584f8299306-CPH
alt-svc
h3=":443"; ma=86400
expires
Mon, 26 Jul 1997 05:00:00 GMT
mdb.min.js
gstarreturns.com/refunds/js/ 		149 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/refunds/js/mdb.min.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4026918dd39e7e8354ea1e0396d7277f1878dd9119c57ae866c48bc15f5002dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 27 Jan 2022 20:33:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYOKansE9j52807Z2WX6L7zIy5G2zHWHGro%2BYE%2FwqXUKEIGsVqdOdccn%2FJt0CeeS9tdp8eTGWekQ7mEOK%2F4ob7CG%2FLpLsbk1ges2PG9rMO70V8RIBx6D26LJNRi53Vd1RPJ5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b3580daf28f5c-CPH
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jun 2024 15:03:46 GMT
gtm5445.html
gstarreturns.com/www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/www.googletagmanager.com/gtm5445.html?id=GTM-PPGBGR8
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wjt8ZBuiwucgxjiMJRbLj4GD2g%2FtdipjI6pH7jtMOuDeftfP2%2FYQbySn2V49wrDof7dXaX0VLr4u6uAS5hwn7xGoy3tw3438KvWm81x3Ka%2BizzaiWvfF%2FsUKCZ3oKID3wxEF"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b3584e8e08f5c-CPH
alt-svc
h3=":443"; ma=86400
MG5PW-JZEKF-L9CWN-C3S6B-ER743
s.go-mpulse.net/boomerang/ 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/MG5PW-JZEKF-L9CWN-C3S6B-ER743
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
df8667e5dce4aaec9b5f8b9d64dfd4e59eed766840954467cc81028359c0a560

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Mon, 06 May 2024 05:42:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
29837
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f89fd6fa4baa038ec02be82ef6fabb11c3dbe1cfcd896ff4d590cc7e6b124fb6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:20:49 GMT
x-content-type-options
nosniff
age
121377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 05:20:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 20:32:44 GMT
x-content-type-options
nosniff
age
66662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 20:32:44 GMT
gstar-icons-e4e23f496e6cf5edf01087a4fdf86700.woff2
www.g-star.com/_ui/g-star/fonts/ 		0
0
us.png
gstarreturns.com/_ui/g-star/img/flags%402x/ 		216 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gstarreturns.com/_ui/g-star/img/flags%402x/us.png
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8be86a3ab94b39540dbc24159b7c4e5a199c0c9d71bbe55c065e457985e78f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:47 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
216
last-modified
Fri, 12 Jan 2024 07:58:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TB472UziDmRwQ099hyRSGj2TnLuPJqdE%2Be2wNnqWn9ZCh36PhXgK51io%2Bb2xXT2zQm6mxB71tcbVdyYLSa6SOdii9P3ZaRPUOasQF2M5wbR%2FkZ1%2BIok4zibWfYr6nBFTlXRO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
893b3585091a8f5c-CPH
expires
Fri, 21 Jun 2024 15:03:47 GMT
script.js
53cf1150aff2.cdn4.forter.com/sn/53cf1150aff2/ 		343 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://53cf1150aff2.cdn4.forter.com/sn/53cf1150aff2/script.js
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f400:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0310b69ad99e74cceeb2153f04e9e7438fd808db9e3993747d815a3754c8d26c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:46 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
via
1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Jun 2024 14:31:56 GMT
x-sourcemap
https://cdn4.forter.com/map/suid/53cf1150aff2/47007098398
etag
W/"6b2da2753755ff724596f3028d63d5b4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, immutable, max-age=600
timing-allow-origin
*
x-amz-cf-id
OerOm_k1R8Vc-m4pUkaC9dqOrh8_lzhDDp71oCIl-TmngsGfV6ofsA==
gstar-icons-e4e23f496e6cf5edf01087a4fdf86700.ttf
www.g-star.com/_ui/g-star/fonts/ 		0
0
config.json
c.go-mpulse.net/api/ 		112 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=MG5PW-JZEKF-L9CWN-C3S6B-ER743&d=gstarreturns.com&t=5727925&v=1.737.20&sl=0&si=0c007660-befa-44cb-8cde-daf6742ac65b-sf2si6&plugins=AK,ConfigOverride,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Akamai,EventTiming,LOGN&acao=&ak.ai=346980
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/MG5PW-JZEKF-L9CWN-C3S6B-ER743
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:991::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9c18624a536a84d0aef289c0c163538e1f1651cd9f54a9c460bace2d85f3a3f3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 14 Jun 2024 15:03:47 GMT
cache-control
public, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
112
content-type
application/json
7d75f655-5322-47dc-af1c-e6bedb5d2f24
https://gstarreturns.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://gstarreturns.com/7d75f655-5322-47dc-af1c-e6bedb5d2f24
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/refunds/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3483b5d39b2ac79d6cba4102cfbd28f88188e79df8098c90b7642a7911fadc02

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
5318
Content-Type
application/javascript
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://gstarreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 00:47:46 GMT
x-content-type-options
nosniff
age
137761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 00:47:46 GMT
by-bundle
gstarreturns.com/apiocc/v2/gstarSite_US/sbmessages/ 		1 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/apiocc/v2/gstarSite_US/sbmessages/by-bundle?groups=track.my.order.page&
Requested by
Host: gstarreturns.com
URL: https://gstarreturns.com/_ui/g-star/js/react/track-my-order.ebdc442487658c6bbca8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
X-Accept-Language
en_US
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:03:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e23ihlC4FANK8aiqJ4Cug%2F899d01y17tBMebOkdo1ohOvkLojj88Yjy4i2zi0HlO6lmy7dV%2FWU%2F7WFO5az6JSfu%2Fu72s8LqprfjpYUrz7rijdGsk9Zi1yOhC5blRwn3XehtY"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b3587cd208f5c-CPH
alt-svc
h3=":443"; ma=86400
2514b8a3-6a68-4d37-ae23-4c33528e0ded
https://gstarreturns.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://gstarreturns.com/2514b8a3-6a68-4d37-ae23-4c33528e0ded
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2afafe2ef4186296dc0aa120aef0c44539a49a5e900cdaf6f36d16cb268ef0e7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
17388
Content-Type
application/javascript
favicon.ico
www.g-star.com/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.g-star.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
95.100.146.26 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e632cb43f45ac98989e6b4c5f6f3e0397f2cc35aec861d2b21c5c41697ac4220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Fri, 14 Jun 2024 15:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; preload
mpulse_origin_time
0
server-timing
ak_p; desc="1718377427270_1600426518_2422656382_37_12756_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
1166
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 08:51:36 GMT
mpulse_cdn_cache
HIT
etag
W/"1743-1699433496000-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
max-age=8726400
accept-ranges
bytes
x-cache-hits
2
prop.json
995803c58101408cbd3fd74a33fcfc67-53cf1150aff2.cdn.forter.com/ 		2 B
624 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://995803c58101408cbd3fd74a33fcfc67-53cf1150aff2.cdn.forter.com/prop.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.81.184.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-184-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Jun 2024 15:03:47 GMT
Connection
close
Content-Length
2
Pragma
no-cache
Last-Modified
Thu, 13 Jun 2024 11:07:42 GMT
Server
Apache
ETag
"2-61ac3820737c9"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://gstarreturns.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
prop.json
cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/ 		20 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/prop.json?_=1718377427298
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-5-197.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Fri, 14 Jun 2024 15:03:47 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://gstarreturns.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
favicon-32x32.png
gstarreturns.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:03:47 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRri7f7dIaw8QvaE5bo7Cuq7FprpOqkayMKkCbwkebNrxFzq9eAibEbxaXaqCNIkF6UaTJBpdvIWPy9%2Bn885phaCnDc0MicfBjfw9cSJOJEVnHi8MlG5g576e1q0gsdtYCEl"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b3588eeb58f5c-CPH
alt-svc
h3=":443"; ma=86400
prop.json
cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/ 		20 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/prop.json?_=1718377427797
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-5-197.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Fri, 14 Jun 2024 15:03:47 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://gstarreturns.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
favicon-16x16.png
gstarreturns.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gstarreturns.com/favicon-16x16.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/refunds/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:03:48 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BPcojkg4QgSLReQJuv%2F1Cxte33D2UxS1BJP02ip4MCnh6F2JaH8Is5sErZMefv6MclbexY851dyQu%2F2w5UviOVf%2BersylmQYN6S6VhtgbQUwWmNyoD57r9OY7rcGXCyZ4cI"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex, nofollow
cf-ray
893b358c1bee8f5c-CPH
alt-svc
h3=":443"; ma=86400
prop.json
cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/ 		20 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/prop.json?_=1718377428036
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-5-197.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Fri, 14 Jun 2024 15:03:48 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://gstarreturns.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
logo_small.gif
d3nocrch4qti4v.cloudfront.net/ 		48 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_small.gif?dfpadname=&check=1718377428183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:7a00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:48 GMT
via
1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
OAD7yj6oFQ0boimZH_qIfVGT1dUfSlnnPAyeK-Wsc28Ja1P7OTCPFQ==
logo_medium.gif
d3nocrch4qti4v.cloudfront.net/ 		48 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_medium.gif?check=1718377428183&refererPageDetail=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:7a00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:48 GMT
via
1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
JAjtYPMuWLoKUziqAnE5UlhYHCU1MQaPcrayexNoqI1ZyGhZQf3IlA==
logo_large.gif
d3nocrch4qti4v.cloudfront.net/ 		48 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_large.gif?1718377428183&-linkd-32.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:7a00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:03:48 GMT
via
1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
SKKqToSaNVZvj3x4oTMO7kOVreEPmrBB-nWhTugQ_OK8dI_PksbH4A==
events
cdn3.forter.com/ 		0
414 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=gzip+enc

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:03:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://gstarreturns.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
u1gyBfWD0544wDxi7VmzFT2CKAN4vFT5V_-nOyLVyRyyPZchmQOb7A==
expires
-1
wpt.json
cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/ 		20 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/wpt.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-5-197.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://gstarreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 14 Jun 2024 15:03:48 GMT
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://gstarreturns.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=10
Content-Length
20
Expires
-1
wpt.json
cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/53cf1150aff2/995803c58101408cbd3fd74a33fcfc67/wpt.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-5-197.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gstarreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Fri, 14 Jun 2024 15:03:48 GMT
Keep-Alive
timeout=10
Vary
Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.g-star.com
URL
https://www.g-star.com/_ui/g-star/fonts/GothamSSm-Book_Web.woff2
Domain
www.g-star.com
URL
https://www.g-star.com/_ui/g-star/fonts/GothamSSm-Bold_Web.woff2
Domain
www.g-star.com
URL
https://www.g-star.com/_ui/g-star/fonts/Gotham-Bold_Web.woff2
Domain
www.g-star.com
URL
https://www.g-star.com/_ui/g-star/fonts/Gotham-Ultra_Web.woff2
Domain
www.g-star.com
URL
https://www.g-star.com/_ui/g-star/fonts/gstar-icons-e4e23f496e6cf5edf01087a4fdf86700.woff2
Domain
www.g-star.com
URL
https://www.g-star.com/_ui/g-star/fonts/gstar-icons-e4e23f496e6cf5edf01087a4fdf86700.ttf

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| updateDocumentElement object| clicky_obj object| clicky object| clicky_custom undefined| test object| clicky_site_ids string| cs object| _cgen object| _cgen_custom function| $ function| jQuery number| __startTime object| AppState object| GSRD object| uv object| qubitIntegration object| dataLayer object| gsDataLayer object| dataLayerCache object| ftr__config number| ftr__startScriptLoad function| ftr__fdad undefined| a object| BOOMR_mq string| BOOMR_API_key object| BOOMR function| BOOMR_check_doc_domain function| N5mm function| O544 function| s4JJ function| K7FF object| ftr__ext object| ftr__bufferW function| ftr__ object| ftr__scriptLoadOptions number| uidEvent object| mdb object| labels function| initializeExponea object| webpackChunkg_star_raw_frontend function| logTimings object| gsapVersions string| AlgoliaAnalyticsObject function| ec26f077-ad34-46ed-8d0f-770cdc530d12 function| EvEmitter function| imagesLoaded function| _AutofillCallbackHandler object| _uxa object| ftr__JSON3 number| BOOMR_onload

2 Cookies

Domain/Path Name / Value
.gstarreturns.com/refunds/ Name: forterToken
Value: 995803c58101408cbd3fd74a33fcfc67_1718377426678__UDF4_20ck
.gstarreturns.com/ Name: forterToken
Value: 995803c58101408cbd3fd74a33fcfc67_1718377426678__UDF43-m4_20ck_

18 Console Messages

Source Level URL
Text
javascript error URL: https://gstarreturns.com/refunds/
Message:
Access to font at 'https://www.g-star.com/_ui/g-star/fonts/Gotham-Ultra_Web.woff2' from origin 'https://gstarreturns.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.g-star.com/_ui/g-star/fonts/Gotham-Ultra_Web.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://gstarreturns.com/refunds/
Message:
Access to font at 'https://www.g-star.com/_ui/g-star/fonts/Gotham-Bold_Web.woff2' from origin 'https://gstarreturns.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.g-star.com/_ui/g-star/fonts/Gotham-Bold_Web.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://gstarreturns.com/refunds/
Message:
Access to font at 'https://www.g-star.com/_ui/g-star/fonts/GothamSSm-Bold_Web.woff2' from origin 'https://gstarreturns.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.g-star.com/_ui/g-star/fonts/GothamSSm-Bold_Web.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://gstarreturns.com/refunds/
Message:
Access to font at 'https://www.g-star.com/_ui/g-star/fonts/GothamSSm-Book_Web.woff2' from origin 'https://gstarreturns.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.g-star.com/_ui/g-star/fonts/GothamSSm-Book_Web.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://gstarreturns.com/client.px-cloud.net/PXTNnBmqF5/main.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://gstarreturns.com/refunds/
Message:
Access to font at 'https://www.g-star.com/_ui/g-star/fonts/gstar-icons-e4e23f496e6cf5edf01087a4fdf86700.woff2' from origin 'https://gstarreturns.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.g-star.com/_ui/g-star/fonts/gstar-icons-e4e23f496e6cf5edf01087a4fdf86700.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://gstarreturns.com/refunds/
Message:
Access to font at 'https://www.g-star.com/_ui/g-star/fonts/gstar-icons-e4e23f496e6cf5edf01087a4fdf86700.ttf' from origin 'https://gstarreturns.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.g-star.com/_ui/g-star/fonts/gstar-icons-e4e23f496e6cf5edf01087a4fdf86700.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://gstarreturns.com/www.googletagmanager.com/gtm5445.html?id=GTM-PPGBGR8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://c.go-mpulse.net/api/config.json?key=MG5PW-JZEKF-L9CWN-C3S6B-ER743&d=gstarreturns.com&t=5727925&v=1.737.20&sl=0&si=0c007660-befa-44cb-8cde-daf6742ac65b-sf2si6&plugins=AK,ConfigOverride,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Akamai,EventTiming,LOGN&acao=&ak.ai=346980
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://gstarreturns.com/apiocc/v2/gstarSite_US/sbmessages/by-bundle?groups=track.my.order.page&
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gstarreturns.com/favicon-32x32.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gstarreturns.com/favicon-16x16.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

53cf1150aff2.cdn4.forter.com
995803c58101408cbd3fd74a33fcfc67-53cf1150aff2.cdn.forter.com
c.go-mpulse.net
cdn0.forter.com
cdn3.forter.com
d3nocrch4qti4v.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gstarreturns.com
gstarreturns.support
in.getclicky.com
s.go-mpulse.net
static.getclicky.com
use.fontawesome.com
www.g-star.com
www.g-star.com
104.16.224.240
13.225.78.57
162.255.119.45
172.67.167.156
2600:9000:2644:f400:f:1b37:e600:93a1
2600:9000:266e:7a00:7:bffe:c3c0:21
2606:4700:3037::ac43:8ef5
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
2a02:26f0:3100:795::11a6
2a02:26f0:3500:991::11a6
34.225.5.197
54.81.184.157
95.100.146.26
0310b69ad99e74cceeb2153f04e9e7438fd808db9e3993747d815a3754c8d26c
09e712bd7c7a59486c3fb4480ce0dedb035294ef00cc02e74fb3072568b8b95a
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
1658492b6cde6550a815661c0c16af4a049a8fa7ad88718641b81eda2c66333c
2afafe2ef4186296dc0aa120aef0c44539a49a5e900cdaf6f36d16cb268ef0e7
3483b5d39b2ac79d6cba4102cfbd28f88188e79df8098c90b7642a7911fadc02
4026918dd39e7e8354ea1e0396d7277f1878dd9119c57ae866c48bc15f5002dd
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
6eba83351b8b406944ba6249da7690718b54c5c7f394ff196a482d8c08863efb
7bc96c96bb6bb2572b1b22a8321f19bd12a9c3efcc6387fe75e40a4806be6015
7cbe980b37e3a0a2891c6199f7b2d2e8a58b17d18c08b69963fdc7fa27f8fefd
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
992bdd3fe31d7a811809a0ca860bac1269705190b37d85a8adf5f9de9e7fa2fe
9c18624a536a84d0aef289c0c163538e1f1651cd9f54a9c460bace2d85f3a3f3
a182ea131fba138b5b58b63050743b8a27dcca925d02063a8650984a19f09bed
ac8be86a3ab94b39540dbc24159b7c4e5a199c0c9d71bbe55c065e457985e78f
b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4
b7183e9e4eb5314eaff3c731c6905e929b71f5bd64895dd273a257a05b1bcf40
c04726ab30595f43090f84465afc24bdc98179f0faa7068a4d6bab9925e217cc
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
df8667e5dce4aaec9b5f8b9d64dfd4e59eed766840954467cc81028359c0a560
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e632cb43f45ac98989e6b4c5f6f3e0397f2cc35aec861d2b21c5c41697ac4220
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f89fd6fa4baa038ec02be82ef6fabb11c3dbe1cfcd896ff4d590cc7e6b124fb6
fe0bdb6e800c5c34db91753e65879f236c96e6aa6f179fabebe45a60ec86d8be