saveyourrefund.aarpfoundation.org Open in urlscan Pro
34.68.126.183 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://saveyourrefund.aarpfoundation.org/
Submission: On March 03 via automatic, source certstream-suspicious (March 3rd 2022, 2:31:49 pm UTC) — Scanned from DE

Summary HTTP 59 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 59 HTTP transactions. The main IP is 34.68.126.183, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is saveyourrefund.aarpfoundation.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 22nd 2021. Valid for: a year.

This is the only time saveyourrefund.aarpfoundation.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	34.68.126.183 34.68.126.183	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.111 18.66.112.111	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:8200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	178.128.135.232 178.128.135.232	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
59	17

28 34.68.126.183 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 183.126.68.34.bc.googleusercontent.com

saveyourrefund.aarpfoundation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-111.fra56.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-92.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

4652332.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.232 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	aarpfoundation.org saveyourrefund.aarpfoundation.org	774 KB
6	gstatic.com fonts.gstatic.com	163 KB
5	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5002 api.omappapi.com — Cisco Umbrella Rank: 4464 z.omappapi.com — Cisco Umbrella Rank: 11222	71 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	29 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	167 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4644 buttons-config.sharethis.com — Cisco Umbrella Rank: 5510 l.sharethis.com — Cisco Umbrella Rank: 4230	43 KB
2	doubleclick.net 1 redirects 4652332.fls.doubleclick.net — Cisco Umbrella Rank: 75422	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	101 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	870 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 57	876 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	360 B
0	cookiebot.com Failed consent.cookiebot.com Failed
59	13

	Domain	Requested by
28	saveyourrefund.aarpfoundation.org	saveyourrefund.aarpfoundation.org
6	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	saveyourrefund.aarpfoundation.org
3	a.omappapi.com	saveyourrefund.aarpfoundation.org a.omappapi.com
3	connect.facebook.net	saveyourrefund.aarpfoundation.org connect.facebook.net
2	4652332.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.googleapis.com	saveyourrefund.aarpfoundation.org a.omappapi.com
2	www.googletagmanager.com	saveyourrefund.aarpfoundation.org www.googletagmanager.com
1	z.omappapi.com	a.omappapi.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	4652332.fls.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	api.omappapi.com	a.omappapi.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	saveyourrefund.aarpfoundation.org
0	consent.cookiebot.com Failed	saveyourrefund.aarpfoundation.org
59	17

This site contains links to these domains. Also see Links.

Domain
secure.aarp.org
aarp.org
www.aarp.org
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
aarpfoundation.org DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-10` - `2022-03-10`	3 months	crt.sh
a.omappapi.com R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
z.omappapi.com R3	`2022-01-08` - `2022-04-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://saveyourrefund.aarpfoundation.org/
Frame ID: A22330678CD7FEBC5230609F6E3D8A3C
Requests: 56 HTTP requests in this frame

Frame: https://4652332.fls.doubleclick.net/activityi;dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F
Frame ID: B8C259F3AC12C8C70B80BACED62E00A9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F
Frame ID: A36F9B77460C1014188A79BED90C7407
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F
Frame ID: AA6B03912F53256B619A1B67FFC00CFF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SaveYourRefund – Save Your Tax Refund and Win!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

59
Requests

49 %
HTTPS

56 %
IPv6

13
Domains

17
Subdomains

17
IPs

2
Countries

1351 kB
Transfer

2802 kB
Size

26
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.aarp.org/applications/VMISLocator/searchTaxAideLocations.action
Title: Get Help

Search URL Search Domain Scan URL

URL: https://aarp.org/foundation

Search URL Search Domain Scan URL

URL: https://www.aarp.org/about-aarp/privacy-policy/
Title: Your Privacy Rights – Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.aarp.org/about-aarp/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://twitter.com/aarpfoundation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AARPFoundation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://4652332.fls.doubleclick.net/activityi;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F HTTP 302
https://4652332.fls.doubleclick.net/activityi;dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
saveyourrefund.aarpfoundation.org/ 70 KB
17 KB 950ms
330ms Document
text/html 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: f76d5f17c1ca07e823006ff699e4e145498a1f66fd75e466f3f8b7d787e0bb17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Thu, 03 Mar 2022 14:31:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://saveyourrefund.aarpfoundation.org/wp-json/>; rel="https://api.w.org/" <https://saveyourrefund.aarpfoundation.org/wp-json/wp/v2/pages/10954>; rel="alternate"; type="application/json" <https://saveyourrefund.aarpfoundation.org/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br

GET uc.js
consent.cookiebot.com/ 0
0

GET
H2 200 style.min.css
saveyourrefund.aarpfoundation.org/wp-includes/css/dist/block-library/ 79 KB
11 KB 166ms
165ms Stylesheet
text/css 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
etag: W/"612efc26-13abe"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mu-style.css
saveyourrefund.aarpfoundation.org/wp-content/plugins/sharethis-share-buttons/css/ 26 B
240 B 166ms
165ms Stylesheet
text/css 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Mon, 04 Oct 2021 18:29:13 GMT
server: nginx
etag: W/"615b47f9-1a"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 12 KB
3 KB 75ms
32ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css?ver=5.8.3

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2393488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2695
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifw1W4Q5mB8QOW0JQPmcZgdtQTv1n%2FvtSQxk1MfIatob7JAPD2FfyC9LAkpbD%2Bj6Bf4ebtZ40MGrGbfchGTgp0VXFUbLkJfVStN%2BkHMMQT4AePoIB32%2BiCeqBLae1BZV%2BoMD5QXdO%2BcqkNyLT3WVgp2W"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e63139b7caf9944-FRA
expires: Tue, 21 Feb 2023 14:31:34 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/ 57 KB
4 KB 75ms
32ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css?ver=5.8.3

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 493186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3511
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-e311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8NkdM0c6a80PQ6%2BL3u7kp1MU1mXMOjz4132Aq%2B3dULbG%2FFVF81dTYWUXiEL%2BuT3jfFQJBtkLy8u8IdBb%2BJSMOJ%2F27HrvuvMHMt7%2FIZHKvbrWqHlJCWLGJ%2BDxQKA5r4b0PhXqGb5MEB4s1%2F1xfFVCa0D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e63139b7cb29944-FRA
expires: Tue, 21 Feb 2023 14:31:34 GMT

GET
H2 200 style.css
saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/ 182 KB
26 KB 203ms
201ms Stylesheet
text/css 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/style.css?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5e87d5c071fcc2a384b837ae2d187426643195fa82b368ab63ebff5a974f039a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Fri, 07 May 2021 13:25:32 GMT
server: nginx
etag: W/"60953fcc-2d7cd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 theme.css
saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/ 87 B
249 B 203ms
201ms Stylesheet
text/css 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/theme.css?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 30743b9da465ff4cef1a9bec80243e1d62f34860b80e43538fe9bff4c0ef5708

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Mon, 28 Dec 2020 08:55:49 GMT
server: nginx
etag: W/"5fe99d95-57"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
saveyourrefund.aarpfoundation.org/wp-includes/js/jquery/ 87 KB
31 KB 352ms
350ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
saveyourrefund.aarpfoundation.org/wp-includes/js/jquery/ 11 KB
4 KB 352ms
351ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 apbct-public--functions.min.js Show response
saveyourrefund.aarpfoundation.org/wp-content/plugins/cleantalk-spam-protect/js/ 3 KB
1 KB 386ms
384ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.169.1
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 140b8a5ffe7434e9217d3838352af59b45c7d11fd75acee3898220b388c4c24d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Fri, 07 Jan 2022 07:11:19 GMT
server: nginx
etag: W/"61d7e797-c84"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 apbct-public.min.js Show response
saveyourrefund.aarpfoundation.org/wp-content/plugins/cleantalk-spam-protect/js/ 6 KB
3 KB 386ms
385ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.169.1
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b1b595b17620a0ed61f58b015ed793da8a58835757a74b06fdae296f410282c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Fri, 07 Jan 2022 07:11:19 GMT
server: nginx
etag: W/"61d7e797-19ff"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cleantalk-modal.min.js Show response
saveyourrefund.aarpfoundation.org/wp-content/plugins/cleantalk-spam-protect/js/ 3 KB
1 KB 386ms
385ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.169.1
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5cad62070b3313384046f00788d7567351713f093beddfd015f1da141c7c4583

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Fri, 07 Jan 2022 07:11:19 GMT
server: nginx
etag: W/"61d7e797-c3a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js.cookie.js Show response
saveyourrefund.aarpfoundation.org/wp-content/plugins/handl-utm-grabber/js/ 3 KB
2 KB 386ms
385ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/plugins/handl-utm-grabber/js/js.cookie.js?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: be9fd8fcea458eae07d70cfbb97851f8aaffa032eb02faafe871b30b2df13d60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:34 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 06:01:07 GMT
server: nginx
etag: W/"61aef8a3-df1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 handl-utm-grabber.js Show response
saveyourrefund.aarpfoundation.org/wp-content/plugins/handl-utm-grabber/js/ 1 KB
906 B 386ms
385ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/plugins/handl-utm-grabber/js/handl-utm-grabber.js?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e8a932b4e6e3de688605f22fa40537286b71813bce3fcfee7879f1390de88a62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 06:01:07 GMT
server: nginx
etag: W/"61aef8a3-5f5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 72ms
24ms Script
text/javascript 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-111.fra56.r.cloudfront.net

Software

Resource Hash

444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:23:52 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 462
etag: W/"2df1b-sQ5Sn/JpfKxrQLYebTQ3d0yXV0s"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA56-P5
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: R6L2MEwwnGelM1x3ew-PXk56K4qkkpcrswA-XPHCwon_QyJhLSemdQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 122ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CPHWJ127BK

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f14f34445c8cf5937cd36cdf0941cbb2c3d90ca3fd408a9a7e8b6787f60e654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65379
x-xss-protection: 0
expires: Thu, 03 Mar 2022 14:31:35 GMT

GET
H2 200 SYR_logo_website_header.png
saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/ 5 KB
6 KB 241ms
233ms Image
image/png 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/SYR_logo_website_header.png
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2d8f3f893d5e217c2ae1ae96feace76ca1dd921840c63cb28246bbcae590e3c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:48 GMT
server: nginx
etag: "5fe99d94-15f8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5624

GET
H2 200 Homepage-Hero-Darkened-iStock-1163982506.jpg
saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/11/ 200 KB
201 KB 264ms
256ms Image
image/jpeg 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/11/Homepage-Hero-Darkened-iStock-1163982506.jpg
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b084e3077ac597d0cc0ef985faa48330bc9bcf889379d73097a10333ee77c7e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:48 GMT
server: nginx
etag: "5fe99d94-3215b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 205147

GET
H2 200 Homepage2-iStock-1172587205-1024x683.jpg
saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/ 90 KB
91 KB 264ms
256ms Image
image/jpeg 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/Homepage2-iStock-1172587205-1024x683.jpg
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6f0d4bb7875d99613347c3e64f4abf97ae04007c5f00b0d40f6413575aaa67c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:48 GMT
server: nginx
etag: "5fe99d94-1698b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92555

GET
H2 200 Homepage3-iStock-1137722864-1024x611.jpg
saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/ 123 KB
123 KB 264ms
256ms Image
image/jpeg 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/Homepage3-iStock-1137722864-1024x611.jpg
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 702b4446f78dae8cd7a7e80489ab7b95fcaf6aee86b057e3228e248722c248a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:48 GMT
server: nginx
etag: "5fe99d94-1eb2c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 125740

GET
H2 200 Homepage4-iStock-1185358443-1024x683.jpg
saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/ 94 KB
94 KB 264ms
257ms Image
image/jpeg 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/Homepage4-iStock-1185358443-1024x683.jpg
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc5d31acd4430e041147910f4d6707c7f3b894c9d08760bbdbe3005e86d52b80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:48 GMT
server: nginx
etag: "5fe99d94-17649"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 95817

GET
H2 200 Homepage5-iStock-494146669-1024x683.jpg
saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/ 118 KB
118 KB 264ms
257ms Image
image/jpeg 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/Homepage5-iStock-494146669-1024x683.jpg
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8584ef158debcff113ba8af97780aededc37e34b44e3a23f13ef43dc55fb7322

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:48 GMT
server: nginx
etag: "5fe99d94-1d79d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 120733

GET
H2 200 AARPF-Logo-with-tag-white-300x51.png
saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/ 7 KB
7 KB 194ms
185ms Image
image/png 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/uploads/2020/10/AARPF-Logo-with-tag-white-300x51.png
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a600b5eba9ca0b4f2be80be94657693ce54829693abc47371c06a402bfa43aeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:48 GMT
server: nginx
etag: "5fe99d94-1ba6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7078

GET
H2 200 jquery.fancybox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 67 KB
19 KB 27ms
27ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js?ver=5.8.3

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 141068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19249
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-10a9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln9JwAqk9tbSm%2B6TWMKg5fpZWQ1zBHlJxLkzAAMFSrmxBJTGmcXoNf8Aw8Se53rtDhp0g3%2BI5O0wyfGF0ywaQRZdlbaCCz59OJidztrhM8dn4huy209SKLrKGBqT3X5zSsj21Ih5M4Qf%2FwCgmDD1Lu21"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e63139e3abe9944-FRA
expires: Tue, 21 Feb 2023 14:31:35 GMT

GET
H2 200 wow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/ 8 KB
3 KB 66ms
57ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js?ver=5.8.3

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 603292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2346
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04033-1ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaIXFmskxv2MaMwnCHdXW%2FHvz3a6vS7dFl%2FO7b8qQ2h%2BIQSqImPxCrtWN%2Bge4obr1PhNi0k07b5j9IYY1AoEQHnanRigLbSO9QuGZHBCxUWe61JFuyDwDzHjBJZdRD7%2BJMfoBfQ7rgDux0lXeYu9%2FyuJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e63139e5b449944-FRA
expires: Tue, 21 Feb 2023 14:31:35 GMT

GET
H2 200 jquery.main.js Show response
saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/js/ 42 KB
9 KB 186ms
176ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/js/jquery.main.js?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a2a7e9517201090809c2b6f440b89ebf5536f5278531dde28308e375645fa19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
last-modified: Thu, 06 May 2021 16:24:25 GMT
server: nginx
etag: W/"60941839-a711"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 pagescroll2id.min.js Show response
saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/js/ 13 KB
4 KB 209ms
199ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/js/pagescroll2id.min.js?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b102b20101ecc68ed0ebc3d23e6fb8ae789d8787e0444c8f219b4a89bd8cf0b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
last-modified: Mon, 28 Dec 2020 08:55:49 GMT
server: nginx
etag: W/"5fe99d95-3301"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cookie.js Show response
saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/js/ 633 B
568 B 212ms
202ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/js/cookie.js?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e2e710b0f9b846625ce951eca33c9d2fd2f05a399c94898dd85fb9d387ed92b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
last-modified: Mon, 28 Dec 2020 08:55:49 GMT
server: nginx
etag: W/"5fe99d95-279"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.validate.js Show response
saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/js/ 50 KB
14 KB 234ms
225ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/js/jquery.validate.js?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a546cce815cd3fc8aaffb1fed884476e7aa21cccdd65985be9504ba518b154ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
last-modified: Wed, 17 Feb 2021 16:37:16 GMT
server: nginx
etag: W/"602d463c-c713"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
saveyourrefund.aarpfoundation.org/wp-includes/js/ 1 KB
947 B 235ms
226ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-592"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 helper.js Show response
saveyourrefund.aarpfoundation.org/wp-content/plugins/optinmonster/assets/js/ 653 B
538 B 235ms
226ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/plugins/optinmonster/assets/js/helper.js?ver=2.6.9
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a904bdffeaa6adf503ebd227303a2c0e8e534789a39376f602727bfab444c00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 06:01:08 GMT
server: nginx
etag: W/"61aef8a4-28d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET cd.js
consent.cookiebot.com/e5a6254f-c646-4673-a380-bea7cc0a797a/ 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 92ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a41cc09d8b3da302428484c4f1a3b75972ea7f7a8788390314a2c0b603cd52ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://saveyourrefund.aarpfoundation.org/
Origin: https://saveyourrefund.aarpfoundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: u2oPXj/UZ89TfuXDC+ulJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 03 Mar 2022 14:38:53 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: IcZTWTbCCkjFs+48hbC6j9ozgxx8FfRqStAe6gl33EkJlPWNNxnftsmc6MBGRZayafvfTCwJJdqg30TZS746VQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: 98539adffdbe4ff4049ef36e20fe44e1
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 03 Mar 2022 14:31:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bcb4fe02d15f7ca02dcda6273e617756"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 205 KB
57 KB 122ms
27ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 507ce7426c190c3d954909e634c514914c57d3f311fc022b560260614b596196

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-198
cdn-cachedat: 02/25/2022 19:06:14
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 19:06:14 GMT
cdn-proxyver: 1.02
cdn-fileserver: 300
etag: W/"621928a6-33287"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 8a201ecd988037615d066d503d5a2901
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 wp-emoji-release.min.js Show response
saveyourrefund.aarpfoundation.org/wp-includes/js/ 18 KB
5 KB 206ms
201ms Script
application/javascript 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saveyourrefund.aarpfoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: nginx
etag: W/"60bfebf0-4705"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 92ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700|Merriweather:400,400i&display=swap

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/style.css?ver=5.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dad9aec34b331360703ffcf22b1260f037f02c61e8ab6e82d2e5992d699cc8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 14:31:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Mar 2022 14:31:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Mar 2022 14:31:35 GMT

GET
H2 200 5e022ed2b784b90012810d90.js Show response
buttons-config.sharethis.com/js/ 1021 B
890 B 536ms
432ms Script
text/javascript 2600:9000:223c:8200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5e022ed2b784b90012810d90.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:8200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a2979be853b5ff6af8a3e02b94a5f446249aca84fd4c908e8b9bfc763dec7c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 03 Mar 2022 14:31:36 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 15:59:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"9cd8deca5565413370a4efd91b15687b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
cache-control: public, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: _5Yz7YalYKiPrKxCD0oHaAdS9tfjKK6Cd1dOdbIlZLs-5ZBifFNUsw==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
420 B 112ms
20ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=saveyourrefund.aarpfoundation.org&location=%2F&product=unknown&url=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=SaveYourRefund%20%E2%80%93%20Save%20Your%20Tax%20Refund%20and%20Win!&cms=unknown&publisher=5e022ed2b784b90012810d90&sop=true&version=st_sop.js&lang=en&description=AARP%20Foundation%27s%20SaveYourRefund%20can%20help%20you%20reach%20your%20financial%20goals%20and%20build%20liquid%20savings%20this%20tax%20season.%20Enter%20to%20win%20today!

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 14:31:35 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://saveyourrefund.aarpfoundation.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 social-twitter.png
saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/images/ 936 B
1 KB 356ms
355ms Image
image/png 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/images/social-twitter.png
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/style.css?ver=5.8.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 702e7af9d75971b680b58fc3a6b93a69d0f8b7de3298ae01ba5f4ca2829e70e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/style.css?ver=5.8.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:49 GMT
server: nginx
etag: "5fe99d95-3a8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 936

GET
H2 200 social-facebook.png
saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/images/ 368 B
570 B 356ms
355ms Image
image/png 34.68.126.183
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/images/social-facebook.png
Requested by: Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/style.css?ver=5.8.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.126.183 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.126.68.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5d75b4b3ff857c4686361e8f677a3ffd5c9ce51e42dfe5a0667a3bd6635f388f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/wp-content/themes/connect2affectcom/style.css?ver=5.8.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
last-modified: Mon, 28 Dec 2020 08:55:49 GMT
server: nginx
etag: "5fe99d95-170"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 368

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 108ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Merriweather:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saveyourrefund.aarpfoundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 68440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:30:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 146ms
57ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Merriweather:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saveyourrefund.aarpfoundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 68417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:31:18 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 127ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Merriweather:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saveyourrefund.aarpfoundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 21:28:42 GMT
x-content-type-options: nosniff
age: 61373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 21:28:42 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 160ms
72ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Merriweather:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saveyourrefund.aarpfoundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 68417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:31:18 GMT

GET
H2 200 pxjxibnh8jfxigbodjux Show response
api.omappapi.com/v2/embed/16404/ 2 KB
2 KB 155ms
109ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/16404/pxjxibnh8jfxigbodjux
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 66f93cd2e61c8121c2ebc7d523339eae2f3fc179fe099b35845c5b9bcc400e86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: pxjxibnh8jfxigbodjux
x-user-agent: standard--
last-modified: Sat, 17 Jul 2021 04:03:08 GMT
server: Pagely Gateway/1.5.1
etag: W/"166586bf8f8aea18f7ca3851e677e872"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: K5D5FB2HgnLExX34VKJ-ZcGVBJKp695VN8SUxCCS3c-Y5dqgYrwUWQ==
expires: Thu, 03 Mar 2022 14:29:32 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
360 B 79ms
28ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CPHWJ127BK&gtm=2oe2s0&_p=314610967&_z=ccd.B&cid=1136577405.1646317896&ul=en-us&sr=1600x1200&_s=1&sid=1646317895&sct=1&seg=0&dl=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F&dt=SaveYourRefund%20%E2%80%93%20Save%20Your%20Tax%20Refund%20and%20Win!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CPHWJ127BK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 14:31:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saveyourrefund.aarpfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 62ms
32ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4652332&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CPHWJ127BK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5850701bfb5890be00abf69a32beee0c3e7b6c185163f78c5beca81f006409ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37346
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Mar 2022 14:31:35 GMT

GET
H3 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 295 KB
84 KB 42ms
20ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: saveyourrefund.aarpfoundation.org
URL: https://saveyourrefund.aarpfoundation.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abcd9d84501c368bcf25d442249dce60275a96ad5bb6fdba8f57387b9c15e691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FOXXlTKfGW0+uHwjh0lQmA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 03 Mar 2022 14:40:01 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 86097
x-fb-rlafr: 0
x-fb-debug: Ti5oQwtNwaACgPpe0mgMlmRGiPvhu27AjQKcURDyh7klMzU4qdtny9JgKM4E+owAdt5Qqr+RORsmLJgYFyAegQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: fdce2c7f25b7ec49e2814f0499fd7e41
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Mar 2022 14:31:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "eaef5da825b79bf4b1895e9e14962fe3"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 281 KB
80 KB 43ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0ab6991106271ec1f0076d1e02752163

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6006d684dc9ec193c01db9634337128c4e20cc56db9e5078b431413fe4dc8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://saveyourrefund.aarpfoundation.org/
Origin: https://saveyourrefund.aarpfoundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EKcrBBfsQzLE/k/DEJFdWA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Mar 2023 12:53:13 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82124
x-fb-rlafr: 0
x-fb-debug: otyhHG1oOa2U9tvDqUJF3uh1SxiVW/BGWeW4diU8L1LZEqR3IsBzvGY8S1qdHtkoJbG8GBI9zzGLKDG5++CE1g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0cc1571bf86087144fe4d92f9e0a8041
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Mar 2022 14:31:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "64b16cf1b2306ca1043927195e9af9da"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3

200

activityi;dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfo... Show response
4652332.fls.doubleclick.net/ Frame B8C2
Redirect Chain

https://4652332.fls.doubleclick.net/activityi;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarp...
https://4652332.fls.doubleclick.net/activityi;dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref...

517 B
434 B

57ms
30ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4652332.fls.doubleclick.net/activityi;dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4652332&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

5a3dff303dde8aed1ea51c37853322ad66491e5eef0662711ded5582a60a8325

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Mar 2022 14:31:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Mar 2022 14:31:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4652332.fls.doubleclick.net/activityi;dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 22ms
22ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:35 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 02/21/2022 14:17:46
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 12 Jan 2022 21:27:42 GMT
cdn-proxyver: 1.02
cdn-fileserver: 278
etag: W/"61df47ce-40cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 0f2cefaf6a7d842d4fbd18eb7d720f45
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.o... Show response
adservice.google.com/ddm/fls/i/ Frame A36F 516 B
876 B 134ms
75ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F

Requested by

Host: 4652332.fls.doubleclick.net
URL: https://4652332.fls.doubleclick.net/activityi;dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b97f62f2b6b263212b1478a77109b35822cbd9b51331e306d01dd4ddb8f4ead7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4652332.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Mar 2022 14:31:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.o... Show response
adservice.google.de/ddm/fls/i/ Frame AA6B 194 B
870 B 117ms
58ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJzygIuUqvYCFU5FHQkdlesJ2Q;src=4652332;type=conne0;cat=dfaun0;ord=5346692355205;gtm=2od2s0;auiddc=1150912913.1646317896;u1=%5Bpage_type%5D;~oref=https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Mar 2022 14:31:36 GMT
expires: Thu, 03 Mar 2022 14:31:36 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ 9 KB
820 B 66ms
37ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600,400%7CLato:600,400%7CSlack-Lato,+appleLogo,+sans-serif:400%7COpen+Sans:600,400

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09b662097107fe8c5f3fbdd01c24439ab99fc6969e707a158a39282319b8aa76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 14:31:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Mar 2022 14:31:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Mar 2022 14:31:37 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
30 KB 50ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600,400%7CLato:600,400%7CSlack-Lato,+appleLogo,+sans-serif:400%7COpen+Sans:600,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saveyourrefund.aarpfoundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 08:55:44 GMT
x-content-type-options: nosniff
age: 106553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 08:55:44 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 46ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600,400%7CLato:600,400%7CSlack-Lato,+appleLogo,+sans-serif:400%7COpen+Sans:600,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saveyourrefund.aarpfoundation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 143167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 22:45:30 GMT

GET
H2 200 c6035fab5f6d8a605ac711cf5da60fcb-optin.json Show response
a.omappapi.com/app/campaign-views/f8239751b8ae/pxjxibnh8jfxigbodjux/ 18 KB
4 KB 97ms
49ms XHR
application/json 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/f8239751b8ae/pxjxibnh8jfxigbodjux/c6035fab5f6d8a605ac711cf5da60fcb-optin.json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: e504931626c69b8ba6dba73d00a7747da4b4c1fad521c2f10f2fd6d11fd8bb48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:31:38 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-200
cdn-cachedat: 03/03/2022 14:31:38
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Sat, 17 Jul 2021 04:03:39 GMT
cdn-proxyver: 1.02
cdn-fileserver: 182
etag: W/"60f2569b-4777"
vary: Accept-Encoding
content-type: application/json
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 115a47cba9ff937d231d2c9c5517620c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
221 B 592ms
118ms XHR
text/plain 178.128.135.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=16404&cid=pxjxibnh8jfxigbodjux&sid=5fc57c84b7aab&rt=false&dv=desktop&cty=floating&url=&v=5
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.128.135.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/0.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://saveyourrefund.aarpfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://saveyourrefund.aarpfoundation.org
Date: Thu, 03 Mar 2022 14:31:38 GMT
Access-Control-Allow-Credentials: true
Server: kong/0.14.1
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Domain: consent.cookiebot.com
URL: https://consent.cookiebot.com/e5a6254f-c646-4673-a380-bea7cc0a797a/cd.js

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: apbct_timestamp Value: 1646317595
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: apbct_site_landing_ts Value: 1646317595
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: apbct_page_hits Value: 1
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: apbct_cookies_test Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%252238860b242a625e354d3ee5aee17226b4%2522%257D
.saveyourrefund.aarpfoundation.org/	1970-01-20 01:22:57	Name: apbct_urls Value: %7B%22saveyourrefund.aarpfoundation.org%5C%2F%22%3A%5B1646317595%5D%7D
.saveyourrefund.aarpfoundation.org/	1970-01-20 01:22:57	Name: apbct_site_referer Value: UNKNOWN
saveyourrefund.aarpfoundation.org/	1970-01-20 02:01:49	Name: ct_sfw_pass_key Value: c829e9e01c7e117013bcd91da31ee9880
.saveyourrefund.aarpfoundation.org/	1970-01-20 02:01:49	Name: handl_landing_page Value: https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F
.saveyourrefund.aarpfoundation.org/	1970-01-20 02:01:49	Name: handl_ip Value: 23.105.12.80
.saveyourrefund.aarpfoundation.org/	1970-01-20 02:01:49	Name: handl_url Value: https%3A%2F%2Fsaveyourrefund.aarpfoundation.org%2F
saveyourrefund.aarpfoundation.org/	1970-01-24 01:17:11	Name: _omappvp Value: 8DwQRJGSlmQkMWo7l4eGzxWZUvERuXDJIXH8ycKrnhTIWpVjFEyTEUegpyyNyHYpAhAFOfAtGXi5nycqPQf8SyYjOG8Bum1B
saveyourrefund.aarpfoundation.org/	1970-01-20 01:18:39	Name: _omappvs Value: 1646317895649
.aarpfoundation.org/	1970-01-20 18:49:49	Name: _ga_CPHWJ127BK Value: GS1.1.1646317895.1.0.1646317895.0
.aarpfoundation.org/	1970-01-20 18:49:49	Name: _ga Value: GA1.1.1136577405.1646317896
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: ct_ps_timestamp Value: 1646317895
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: ct_fkp_timestamp Value: 0
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: ct_timezone Value: 0
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: ct_screen_info Value: %7B%22fullWidth%22%3A1600%2C%22fullHeight%22%3A2979%2C%22visibleWidth%22%3A1600%2C%22visibleHeight%22%3A1200%7D
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: ct_has_scrolled Value: false
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: ct_mouse_moved Value: false
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: ct_checked_emails Value: 0
.aarpfoundation.org/	1970-01-20 03:28:13	Name: _gcl_au Value: 1.1.1150912913.1646317896
.doubleclick.net/	1970-01-20 01:18:38	Name: test_cookie Value: CheckForPermission
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: ct_pointer_data Value: %5B%5D
saveyourrefund.aarpfoundation.org/	1969-12-31 23:59:59	Name: apbct_visible_fields_0 Value: %7B%22visible_fields%22%3A%22s%22%2C%22visible_fields_count%22%3A1%2C%22invisible_fields%22%3A%22%22%2C%22invisible_fields_count%22%3A0%7D
saveyourrefund.aarpfoundation.org/	1970-01-20 01:18:39	Name: omSeen-pxjxibnh8jfxigbodjux Value: 1646317898196

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-4652332&l=dataLayer&cx=c(Line 40) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4652332.fls.doubleclick.net
a.omappapi.com
adservice.google.com
adservice.google.de
api.omappapi.com
buttons-config.sharethis.com
cdnjs.cloudflare.com
connect.facebook.net
consent.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
saveyourrefund.aarpfoundation.org
www.google-analytics.com
www.googletagmanager.com
z.omappapi.com
consent.cookiebot.com
142.250.185.230
178.128.135.232
18.198.109.212
18.66.112.111
18.66.112.92
2600:9000:223c:8200:c:abe:f440:93a1
2606:4700::6810:125e
2a00:1450:4001:802::200e
2a00:1450:4001:809::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a03:2880:f02d:12:face:b00c:0:3
34.68.126.183
89.187.169.47
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09b662097107fe8c5f3fbdd01c24439ab99fc6969e707a158a39282319b8aa76
0a904bdffeaa6adf503ebd227303a2c0e8e534789a39376f602727bfab444c00
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
140b8a5ffe7434e9217d3838352af59b45c7d11fd75acee3898220b388c4c24d
2d8f3f893d5e217c2ae1ae96feace76ca1dd921840c63cb28246bbcae590e3c7
30743b9da465ff4cef1a9bec80243e1d62f34860b80e43538fe9bff4c0ef5708
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784
507ce7426c190c3d954909e634c514914c57d3f311fc022b560260614b596196
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5850701bfb5890be00abf69a32beee0c3e7b6c185163f78c5beca81f006409ae
5a3dff303dde8aed1ea51c37853322ad66491e5eef0662711ded5582a60a8325
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5cad62070b3313384046f00788d7567351713f093beddfd015f1da141c7c4583
5d75b4b3ff857c4686361e8f677a3ffd5c9ce51e42dfe5a0667a3bd6635f388f
5e87d5c071fcc2a384b837ae2d187426643195fa82b368ab63ebff5a974f039a
66f93cd2e61c8121c2ebc7d523339eae2f3fc179fe099b35845c5b9bcc400e86
6f0d4bb7875d99613347c3e64f4abf97ae04007c5f00b0d40f6413575aaa67c2
6f14f34445c8cf5937cd36cdf0941cbb2c3d90ca3fd408a9a7e8b6787f60e654
702b4446f78dae8cd7a7e80489ab7b95fcaf6aee86b057e3228e248722c248a6
702e7af9d75971b680b58fc3a6b93a69d0f8b7de3298ae01ba5f4ca2829e70e5
7e2e710b0f9b846625ce951eca33c9d2fd2f05a399c94898dd85fb9d387ed92b
8584ef158debcff113ba8af97780aededc37e34b44e3a23f13ef43dc55fb7322
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a2979be853b5ff6af8a3e02b94a5f446249aca84fd4c908e8b9bfc763dec7c12
a2a7e9517201090809c2b6f440b89ebf5536f5278531dde28308e375645fa19a
a41cc09d8b3da302428484c4f1a3b75972ea7f7a8788390314a2c0b603cd52ce
a546cce815cd3fc8aaffb1fed884476e7aa21cccdd65985be9504ba518b154ba
a600b5eba9ca0b4f2be80be94657693ce54829693abc47371c06a402bfa43aeb
abcd9d84501c368bcf25d442249dce60275a96ad5bb6fdba8f57387b9c15e691
b084e3077ac597d0cc0ef985faa48330bc9bcf889379d73097a10333ee77c7e0
b102b20101ecc68ed0ebc3d23e6fb8ae789d8787e0444c8f219b4a89bd8cf0b7
b1b595b17620a0ed61f58b015ed793da8a58835757a74b06fdae296f410282c3
b97f62f2b6b263212b1478a77109b35822cbd9b51331e306d01dd4ddb8f4ead7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be9fd8fcea458eae07d70cfbb97851f8aaffa032eb02faafe871b30b2df13d60
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc5d31acd4430e041147910f4d6707c7f3b894c9d08760bbdbe3005e86d52b80
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
d6006d684dc9ec193c01db9634337128c4e20cc56db9e5078b431413fe4dc8a7
dad9aec34b331360703ffcf22b1260f037f02c61e8ab6e82d2e5992d699cc8f4
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e504931626c69b8ba6dba73d00a7747da4b4c1fad521c2f10f2fd6d11fd8bb48
e8a932b4e6e3de688605f22fa40537286b71813bce3fcfee7879f1390de88a62
f76d5f17c1ca07e823006ff699e4e145498a1f66fd75e466f3f8b7d787e0bb17
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52

saveyourrefund.aarpfoundation.org Open in urlscan Pro 34.68.126.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

49 %HTTPS

56 %IPv6

13 Domains

17 Subdomains

17 IPs

2 Countries

1351 kBTransfer

2802 kBSize

26 Cookies

6 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

saveyourrefund.aarpfoundation.org Open in urlscan Pro
34.68.126.183 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

49 %
HTTPS

56 %
IPv6

13
Domains

17
Subdomains

17
IPs

2
Countries

1351 kB
Transfer

2802 kB
Size

26
Cookies

59 HTTP transactions
0 data transactions