mycovidrefund.com Open in urlscan Pro
52.223.52.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.mycovidrefund.com/
Effective URL:
https://mycovidrefund.com/
Submission: On December 08 via automatic, source certstream-suspicious (December 8th 2023, 10:08:49 am UTC) — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is mycovidrefund.com.
TLS certificate: Issued by R3 on December 8th 2023. Valid for: 3 months.

This is the only time mycovidrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.223.52.2 52.223.52.2	16509 (AMAZON-02) (AMAZON-02)
20	2600:9000:21c... 2600:9000:21c7:9c00:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	13.32.99.20 13.32.99.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:7000:d:6b42:4ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
26	5

2 52.223.52.2 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com

www.mycovidrefund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mycovidrefund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:21c7:9c00:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-20.fra60.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:7000:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.framerstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 63857	497 KB
3	framer.com events.framer.com — Cisco Umbrella Rank: 74558	16 KB
2	mycovidrefund.com 1 redirects www.mycovidrefund.com mycovidrefund.com	17 KB
1	framerstatic.com app.framerstatic.com — Cisco Umbrella Rank: 109993	19 KB
1	gstatic.com fonts.gstatic.com	31 KB
26	5

	Domain	Requested by
20	framerusercontent.com	mycovidrefund.com
3	events.framer.com	mycovidrefund.com events.framer.com
1	app.framerstatic.com	mycovidrefund.com
1	fonts.gstatic.com	mycovidrefund.com
1	mycovidrefund.com
1	www.mycovidrefund.com	1 redirects
26	6

This site contains no links.

Subject Issuer	Validity	Valid
mycovidrefund.com R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
framerusercontent.com Amazon RSA 2048 M02	`2023-02-23` - `2024-02-15`	a year	crt.sh
events.framer.com Amazon RSA 2048 M01	`2023-04-26` - `2024-05-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
framerstatic.com Amazon RSA 2048 M02	`2023-10-23` - `2024-11-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mycovidrefund.com/
Frame ID: B3CA51C2CA010AEF9BCB1C0E5820AA11
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Claim Up To $32,220 SETC

Page URL History Show full URLs

https://www.mycovidrefund.com/ HTTP 308
https://mycovidrefund.com/ Page URL

Page Statistics

26
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

579 kB
Transfer

1206 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.mycovidrefund.com/ HTTP 308
https://mycovidrefund.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mycovidrefund.com/
Redirect Chain

https://www.mycovidrefund.com/
https://mycovidrefund.com/

190 KB
16 KB

122ms
38ms

Document
text/html

52.223.52.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.223.52.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0b1d980e1f2226c6.awsglobalaccelerator.com

Software

Framer/3b5e5b1 /

Resource Hash

bb8b6b732bee238566595b8fcab2aeff0cb28b1df663d7071a84236fd13ca5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 16386
content-type: text/html
date: Fri, 08 Dec 2023 10:08:44 GMT
etag: "fbe86e087ee63a304b3a183cf3f8027f"
last-modified: Fri, 08 Dec 2023 10:05:31 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Framer/3b5e5b1
server-timing: region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="3b5e5b1"
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-length: 62
content-type: text/html; charset=utf-8
date: Fri, 08 Dec 2023 10:08:43 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
location: https://mycovidrefund.com/
server: Framer/3b5e5b1
strict-transport-security: max-age=31536000

GET
H2 200 chunk-HPJKKZDZ.mjs Show response
framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/ 237 B
984 B 498ms
471ms Script
text/javascript 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/chunk-HPJKKZDZ.mjs

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5798061211ab39f60c1f90f3a0ccb3e15b8916e94ade372aad7398ce627ede53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:45 GMT
x-amz-version-id: ZluVb.7NN1hIaIf16z1QKH8PPZFlmNnH
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 237
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Dec 2023 10:05:30 GMT
server: CloudFront
etag: "1d2ca32a74c142ff77e520b7533fd6d9"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: jrsRhrR3Rn6im1RW20lPIngqOlEvNSK1hlqlfa_6Jt0NFkYalU5GSg==

GET
H2 200 chunk-ZPFQM64G.mjs Show response
framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/ 495 KB
146 KB 513ms
485ms Script
text/javascript 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/chunk-ZPFQM64G.mjs

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9af99d2cf73bfa52deaf258fa138aef00cca68e987efeb562b0e29ec7487eb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:45 GMT
x-amz-version-id: 68dnRA6jLBxj3p1FkgdcfkSBXKutkzAt
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Dec 2023 10:05:30 GMT
server: CloudFront
etag: W/"9a5cb776b09aef2afeff2a6ea54ed2aa"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
x-amz-cf-id: fJQ1Sp36pkh1o-JcbP9ThOJLyTZAtAZK6tGV6tGw5bfHtmbCsqmsnA==

GET
H2 200 chunk-ELYU6EKT.mjs Show response
framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/ 447 B
1 KB 499ms
471ms Script
text/javascript 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/chunk-ELYU6EKT.mjs

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:45 GMT
x-amz-version-id: eSsF8G8eXHiQujN_MT9hrqXUGIhldm4s
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 447
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Dec 2023 10:05:30 GMT
server: CloudFront
etag: "bac0d5b5f6a61029b51079932ccda746"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: uXcHsg9U_1NT6hj_PGsJVduyOPijJsklJcr2tq4aSqHsEGipKp51lA==

GET
H2 200 17rpP5VcEWZZMl2k33NnfCkMVPQkutCKNcLE00Q_Qfc.S6SRJO6J.mjs Show response
framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/ 129 KB
12 KB 533ms
506ms Script
text/javascript 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/17rpP5VcEWZZMl2k33NnfCkMVPQkutCKNcLE00Q_Qfc.S6SRJO6J.mjs

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9ae364692abcecca2ab67bac87644e688220241680689ca466dfd8135c4e8321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:45 GMT
x-amz-version-id: SiTCuPMid20tt87gAh9WD07FHqn_Aehw
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Dec 2023 10:05:30 GMT
server: CloudFront
etag: W/"e927271d1606f1ec06eb4358114bcffe"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
x-amz-cf-id: 8-aaptuBrNZ-GU3z3evF9suzBNRpvuZeXWo-OxEvIbdlJE9UhA-VsA==

GET
H2 200 chunk-RR6SS3KP.mjs Show response
framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/ 940 B
2 KB 499ms
472ms Script
text/javascript 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/chunk-RR6SS3KP.mjs

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

487a6611a5fdd50a7f1b331b18b6e470a2dd40421a9fa594dcaa1cda278082d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:45 GMT
x-amz-version-id: gEAMOe8m0E_wBZawUjUXyx.8MGOo78Oz
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 940
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Dec 2023 10:05:30 GMT
server: CloudFront
etag: "fcae6739d9d72f7f2c5aa9de64fb1897"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: t54ThIZCXksyWmrLQGAeclZYYsnjpE7uHxw4Hp44wiUZem-DtP0ycw==

GET
H2 200 chunk-LDRGY2PI.mjs Show response
framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/ 736 B
1 KB 513ms
486ms Script
text/javascript 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/chunk-LDRGY2PI.mjs

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cee817228d9bd320168b7ccad1ce84f685799f978d9e82500faedec10d83c4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:45 GMT
x-amz-version-id: PTYWZ1bOHtEEJkfH6HAv9x.FZeiGEdkF
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 736
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Dec 2023 10:05:30 GMT
server: CloudFront
etag: "f95d16929e4f48d96761c6dedc2b59eb"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: m_oVzUX0CHfula-qLtDULPuU_g1BuRpG81-WCC86IUxbyfQeR0xtzg==

GET
H2 200 script Show response
events.framer.com/ 15 KB
16 KB 403ms
362ms Script
text/javascript 13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/script
Requested by: Host: mycovidrefund.com
URL: https://mycovidrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: /
Resource Hash: 1ead087aefba734350a34fc18289ab83b03ab93901970edaaf19b14cec96fb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:44 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 15617
x-amz-cf-pop: FRA60-P3
x-amzn-trace-id: Root=1-6572eb2c-65f5c01e7cfbfbf037fc042a
x-amzn-requestid: 52eed117-260c-4b7a-89ab-5da0bd884514
x-cache: Miss from cloudfront
content-type: text/javascript
timestamp: Fri, 08 Dec 2023 10:04:54 GMT
x-amz-apigw-id: Pnmu_GjIoAMEp9w=
content-length: 15617
x-amz-cf-id: LGOupnUVUeTlQoQ_RJW_lp6bDykCCs1cUOH673ZeDyn-ch_NKKReZw==

GET
H2 200 oHRLm2ZlOmDoqTA9uh6pabmV4.png
framerusercontent.com/images/ 16 KB
16 KB 132ms
132ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/oHRLm2ZlOmDoqTA9uh6pabmV4.png?scale-down-to=512

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

fb86fe37407fe6fc737facb0ec868a6bddff73439084daa25eb4c116c4c9c651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14511
x-amzn-requestid: d2a30fac-0a09-4142-910f-783159afbeb1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572b27d-71e1d62d138afb2852dea9ae;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 4pzAAQMUHikax24fTElMnGATAgL-3OyQVeLJEcXZ1W8j_QZQU_qscg==

GET
H2 200 tM1Ki3wZOdEFninUPgEN2OSCAs.png
framerusercontent.com/images/ 22 KB
22 KB 134ms
134ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/tM1Ki3wZOdEFninUPgEN2OSCAs.png?scale-down-to=512

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

29991b5b7c1a2cbdb926153c997aa29e9a214e342ba0851fe44d94813a6cf170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 9394
x-amzn-requestid: e392a8da-723d-423b-af8e-0e873d68bb24
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572c67a-3db8e998723926cd5efa69f0;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: Mp8GGY6BTLTQAo-Eq0_ibIayVPQkBNOIDR4nUp-vqPeJb6JO-NjDBg==

GET
H2 200 Q4ZIGCrvuZ6n2n3oWcFI91EeI.png
framerusercontent.com/images/ 33 KB
34 KB 119ms
119ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Q4ZIGCrvuZ6n2n3oWcFI91EeI.png

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

597cf6b068d4df231fa2c4b579ab8ec8c2482b9176927adef502b41f57889bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14511
x-amzn-requestid: f118dc9c-220d-4fd8-8d79-9121f38a8489
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572b27d-66d3904d33bbbd79794c4f32;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: Kwa8dGa9421Ssb-RvGOIWsZWSX79PPMxkr5ClFu8h5_uUVza-V5R1g==

GET
H2 200 default_script0.GMCZLDIX.mjs Show response
framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/ 1 KB
2 KB 419ms
416ms Script
text/javascript 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/Z3r71wtNb9rABNhV1FKm4/default_script0.GMCZLDIX.mjs

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

fdce4e4cac7588c4e168e940a88aae17aa09b31db2817c4353f2562bb9021dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:45 GMT
x-amz-version-id: NjxWqS4hRPJJDsAaAGYkr2GghymLAxtQ
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Dec 2023 10:05:30 GMT
server: CloudFront
etag: W/"43057ac9896a236388a37bd3fb88d9dc"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
x-amz-cf-id: 0CFjCeT-ZptkRIC4eVY92rbBcPdEbVb-EIDd7MgsOSbIg60ou-cJSw==

GET
H2 200 c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2
fonts.gstatic.com/s/kumbhsans/v20/ 30 KB
31 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kumbhsans/v20/c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dec328ab39c0f84d7ff319c4e46e2a490a7b31c5ea73f1ad1f5bb76e7d4b861d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:33:22 GMT
x-content-type-options: nosniff
age: 509722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31044
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 22:38:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 12:33:22 GMT

GET
H2 200 Inter-Regular.latin-JLQMKCHE.woff2
app.framerstatic.com/ 19 KB
19 KB 82ms
18ms Font
font/woff2 2600:9000:2104:7000:d:6b42:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.framerstatic.com/Inter-Regular.latin-JLQMKCHE.woff2

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:7000:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mycovidrefund.com/
Origin: https://mycovidrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:13:20 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 10828525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19024
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 22:42:08 GMT
server: CloudFront
etag: "e8e69f41b1da2a7b6e6fcb959e00e736"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: VKvDMXMKgwbuNHOEoX4Jvk3ZNgmqwCMCT2NhsadptDlvYa1EoLRlWQ==

GET
H2 200 DgBa8c8f9s6rf69TD5JaOdhM.png
framerusercontent.com/images/ 32 KB
33 KB 137ms
136ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/DgBa8c8f9s6rf69TD5JaOdhM.png

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

71576526032f19f5eef4ea886ba6a7d0a787036af0f11aff203ace77236f38d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14511
x-amzn-requestid: d9749dcb-e86e-4769-a90a-ba4e7c2d391e
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572b27d-71fb604b418d14c87327b408;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 2LA-g_8ynvaMyvQre158gvwCoYsxrP5U4s1VpO8EsBWWnw2GTB9v0A==

GET
H2 200 mtDgyyf4cSWKKqrY36Jn3vPUM.png
framerusercontent.com/images/ 39 KB
40 KB 150ms
149ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/mtDgyyf4cSWKKqrY36Jn3vPUM.png

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e519fbdc45f8fd0a449188c6db98df1e84948a168aa18161a287d8d2b77cd2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14511
x-amzn-requestid: 75275a1b-15be-48b3-9164-49a23d61e2ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572b27d-4c7187417c7df4dc2209a69a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: mgvnY17O5AMVgauQia2ZQica5q82ULkkB3oUmHfE_WENv6LVzTC4ng==

GET
H2 200 VJ2OTQSXaN76r7NIaFTOBNiips.png
framerusercontent.com/images/ 25 KB
25 KB 149ms
148ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VJ2OTQSXaN76r7NIaFTOBNiips.png

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5e5812f919ca566a669b2c46996d4ebad61d5513ac4c7805ba3cea13bdda730f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14511
x-amzn-requestid: a202fcc4-0901-41f8-9cf5-605b2e242a7d
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572b27d-1778a6f139554ffb109e2d72;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: j_HaRcZbcGGCQnioFs4qiWyaiCFn45zlQFbjk8jkFqTFfHq5hQmweg==

GET
H2 200 gdX9vIzKpmxTfDsdAFxMmjrLK4.png
framerusercontent.com/images/ 31 KB
32 KB 303ms
302ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/gdX9vIzKpmxTfDsdAFxMmjrLK4.png

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c200f41bc854e0aed0680237c535055b23451dc857bbf42db72423a94c6b43be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:08:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amzn-requestid: 4c5dbada-8240-4d68-883f-e35f5c756da0
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572eb2c-0cd22a8125246b7b7a71dc31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 2gt3_sGjZT25V_V3s1fkvAq_4QtNytUPrbnVfBcgc96lT1sEQGkgeQ==

GET
H2 200 ghnjZYrjJbzGEJl0Jw7sYJdaxo.png
framerusercontent.com/images/ 4 KB
5 KB 147ms
147ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ghnjZYrjJbzGEJl0Jw7sYJdaxo.png?scale-down-to=512

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

3c49e051944aee719d1083502c6a8912d51210d81c4026b2c7bdb8456fca9649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:09:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 10740
x-amzn-requestid: fca199b3-05a4-4a55-b409-28811e7ccf1c
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572c138-664dfa372a50b3f1714d419e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: s-J5Us0IjLvAl0I-kDJgM2ZN7p8D9BpyAL58-elItejKAE7Ph0WYMQ==

GET
H2 200 nSTbcSDjmI4QFpiBxiNNvcDUe0.png
framerusercontent.com/images/ 29 KB
30 KB 160ms
159ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/nSTbcSDjmI4QFpiBxiNNvcDUe0.png

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

fc37cd8ae5b9e56875e6eb6183482a3b078005f87e710f31556c57de8f58303c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14509
x-amzn-requestid: c2942091-df18-4610-9636-c2f5662a3284
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572b27f-5fe36b7a462a928f67d434c9;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: QLHf7kXfTFrgkDHLY-_F_hW_90kVagb4qbwZdAa207y_etJA4X0QrQ==

GET
H2 200 7bLAYt8Ps8IkvvuKyzvWyr0hINc.png
framerusercontent.com/images/ 35 KB
35 KB 151ms
151ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7bLAYt8Ps8IkvvuKyzvWyr0hINc.png

Requested by

Host: mycovidrefund.com
URL: https://mycovidrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

657d3c521368e23ba700dac8ade1239da5caf9165c765c345d13920d51333100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14509
x-amzn-requestid: 85f191f5-0407-417e-857e-2971eefed030
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572b27f-1576424d519f8d5870950c3e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: _qXTAfj9abvOx5XEazoYtZn9JNoV76MR1956Sxd6uarcRzBqckhE0w==

POST
H2 200 anonymous
events.framer.com/ 0
0 341ms
341ms Fetch
application/json 13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: events.framer.com
URL: https://events.framer.com/script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://mycovidrefund.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Dec 2023 10:08:45 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-trace-id: Root=1-6572eb2c-00adc60322603b766fe2a92f;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: 5d967d39-fcb0-446c-9e80-419717b19d1c
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: PnmvEHmvoAMEqTA=
content-length: 0
x-amz-cf-id: CrYtznaXjYNX6nhcwmj0wF94fRdqhcx-wZWhOLb3xmIN0GQmu9UtHQ==

OPTIONS
H2 200 anonymous
events.framer.com/ 0
0 126ms
106ms Preflight
application/json 13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mycovidrefund.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 08 Dec 2023 10:08:44 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-apigw-id: PnmvBHWvoAMEi4A=
x-amz-cf-id: O3sFk3tX4jnCzEcHpt5JRpM56P74E5qiTLaEPIwD2JzxwYoo0n9eWA==
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 379f4e45-d527-4fb4-b520-c5af76fa7769
x-cache: Miss from cloudfront

GET
H2 200 tM1Ki3wZOdEFninUPgEN2OSCAs.png
framerusercontent.com/images/ 22 KB
22 KB 18ms
16ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/tM1Ki3wZOdEFninUPgEN2OSCAs.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

29991b5b7c1a2cbdb926153c997aa29e9a214e342ba0851fe44d94813a6cf170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 9395
x-amzn-requestid: e392a8da-723d-423b-af8e-0e873d68bb24
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572c67a-3db8e998723926cd5efa69f0;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 8q4Z15Y3SvLR3ZQAxkHV3iFOqRi_5HU_JgJGOeFyfjcZLKdU-hBgVw==

GET
H2 200 ghnjZYrjJbzGEJl0Jw7sYJdaxo.png
framerusercontent.com/images/ 4 KB
5 KB 18ms
16ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ghnjZYrjJbzGEJl0Jw7sYJdaxo.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

3c49e051944aee719d1083502c6a8912d51210d81c4026b2c7bdb8456fca9649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:09:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 10741
x-amzn-requestid: fca199b3-05a4-4a55-b409-28811e7ccf1c
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572c138-664dfa372a50b3f1714d419e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: F6cnx6GT-lfGFQ9tNdyDkG7doOmUa_kov84w1CEqKhGhP6BIwmeaWg==

GET
H2 200 Q4ZIGCrvuZ6n2n3oWcFI91EeI.png
framerusercontent.com/images/ 33 KB
34 KB 20ms
19ms Image
image/webp 2600:9000:21c7:9c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Q4ZIGCrvuZ6n2n3oWcFI91EeI.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

597cf6b068d4df231fa2c4b579ab8ec8c2482b9176927adef502b41f57889bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mycovidrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14512
x-amzn-requestid: f118dc9c-220d-4fd8-8d79-9121f38a8489
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572b27d-66d3904d33bbbd79794c4f32;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: ZZFX0Ih6YLjAGi5zs1Mpk-u6Xk30kGUGDhQkFQUhwdFJkTJp6_oS4g==

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| __send_framer_event function| __framer_importFromPackage object| process

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
events.framer.com
fonts.gstatic.com
framerusercontent.com
mycovidrefund.com
www.mycovidrefund.com
13.32.99.20
2600:9000:2104:7000:d:6b42:4ec0:93a1
2600:9000:21c7:9c00:d:ada1:a280:93a1
2a00:1450:4001:80f::2003
52.223.52.2
1ead087aefba734350a34fc18289ab83b03ab93901970edaaf19b14cec96fb3b
29991b5b7c1a2cbdb926153c997aa29e9a214e342ba0851fe44d94813a6cf170
3c49e051944aee719d1083502c6a8912d51210d81c4026b2c7bdb8456fca9649
487a6611a5fdd50a7f1b331b18b6e470a2dd40421a9fa594dcaa1cda278082d0
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
5798061211ab39f60c1f90f3a0ccb3e15b8916e94ade372aad7398ce627ede53
597cf6b068d4df231fa2c4b579ab8ec8c2482b9176927adef502b41f57889bc7
5e5812f919ca566a669b2c46996d4ebad61d5513ac4c7805ba3cea13bdda730f
657d3c521368e23ba700dac8ade1239da5caf9165c765c345d13920d51333100
71576526032f19f5eef4ea886ba6a7d0a787036af0f11aff203ace77236f38d2
9ae364692abcecca2ab67bac87644e688220241680689ca466dfd8135c4e8321
9af99d2cf73bfa52deaf258fa138aef00cca68e987efeb562b0e29ec7487eb3a
bb8b6b732bee238566595b8fcab2aeff0cb28b1df663d7071a84236fd13ca5a3
c200f41bc854e0aed0680237c535055b23451dc857bbf42db72423a94c6b43be
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
cee817228d9bd320168b7ccad1ce84f685799f978d9e82500faedec10d83c4bb
dec328ab39c0f84d7ff319c4e46e2a490a7b31c5ea73f1ad1f5bb76e7d4b861d
e519fbdc45f8fd0a449188c6db98df1e84948a168aa18161a287d8d2b77cd2ab
fb86fe37407fe6fc737facb0ec868a6bddff73439084daa25eb4c116c4c9c651
fc37cd8ae5b9e56875e6eb6183482a3b078005f87e710f31556c57de8f58303c
fdce4e4cac7588c4e168e940a88aae17aa09b31db2817c4353f2562bb9021dbd

mycovidrefund.com Open in urlscan Pro 52.223.52.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

26 Requests

100 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

579 kBTransfer

1206 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

mycovidrefund.com Open in urlscan Pro
52.223.52.2 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

579 kB
Transfer

1206 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions