Submitted URL: http://globalrefundgroup.com/
Effective URL: https://globalrefundgroup.com/
Submission: On July 30 via api from PH

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3034::6815:5449, located in United States and belongs to CLOUDFLARENET, US. The main domain is globalrefundgroup.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.
This is the only time globalrefundgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
60 globalrefundgroup.com 1 redirects globalrefundgroup.com
5 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com globalrefundgroup.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com globalrefundgroup.com
70 5

This site contains links to these domains. Also see Links.

Domain
www.vwthemes.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-04-29 -
2022-04-28
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-07-05 -
2021-09-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh

This page contains 1 frames:

Primary Page: https://globalrefundgroup.com/
Frame ID: D3101781C971EB64B01193B4A9A566F2
Requests: 70 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://globalrefundgroup.com/ HTTP 301
    https://globalrefundgroup.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

70
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1922 kB
Transfer

3447 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://globalrefundgroup.com/ HTTP 301
    https://globalrefundgroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
globalrefundgroup.com/
Redirect Chain
  • http://globalrefundgroup.com/
  • https://globalrefundgroup.com/
64 KB
15 KB
Document
General
Full URL
https://globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.29
Resource Hash
8384e9c53eb3693f059050f90cc8ec99a8e2fe2758671393f13ea9f0a4635933

Request headers

:method
GET
:authority
globalrefundgroup.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.29
link
<https://globalrefundgroup.com/wp-json/>; rel="https://api.w.org/" <https://globalrefundgroup.com/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json" <https://globalrefundgroup.com/>; rel=shortlink
vary
Accept-Encoding
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw4xf6skKrOYGGzywb%2FwVqNSSYn5%2FMEAz0kygXIKZ2nk7uAwgmW30X9tvgXwtbcXZz%2FxRZUDObZiR2sDn%2B5v7O04OjtooJG3gpjwZ9%2B0UcDwzw%2BC8OCQIHusSNm6ipELmhP%2BF%2FJVCBamtWgBz2VvQ5eeGsU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
676b216dba9205d0-FRA
content-encoding
br

Redirect headers

Date
Fri, 30 Jul 2021 02:24:25 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 30 Jul 2021 03:24:25 GMT
Location
https://globalrefundgroup.com/
cf-request-id
0b96d338730000969e1d93d000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4DNrdgrmEF5a2TMC8nNTBqgPj0W9BLeiXoHBKErNJk8cuCOK30rpkiom0VSdNkCSR6565JUWwipJ4K8zs7jvDdO9r1l6GJQqq1r3bHd1ndV5ky7kmN5uQFDwDobmxgAEAJ6uYY8K6OzqTuBBKmbrRusVP0%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
676b216d89c4969e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.min.css
globalrefundgroup.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 07 Apr 2021 02:20:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCJArI65W6RZUPDxLBFSMv6Ry9%2FVDBkVUMBxkbPVNwUIobbOF3UxsgTLb32SUIaG0dX5IRCq0Ld5CU1CcLa5O9W889zawccCRVKeBKkzzp0YU4jzGfqx4YBbr%2F9KhEkfW6z3YiSdHml1ruLwYnsed7gxeKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ae34eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
bbpress.min.css
globalrefundgroup.com/wp-content/plugins/bbpress/templates/default/css/
29 KB
6 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.5
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481bfa4292798eb15d056ff461dc1e90bbe9795fd99299b59c02970a0e710207

Request headers

:path
/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:21:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QjIHACBdWEjWhJnli4%2BaUg0F6HkXWQ1vFogLwOgT%2BNY5tJKyJhgP6HJfbowVluAFb4FwYk31U%2BT%2FKGNFIFBTUlSX83nk%2F6obBRxand08q25T9aRmb9aNuq1lKOyP9X%2FcXxQRw4qxNb40Mnr53Ax%2BCekKPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ae14eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
styles.css
globalrefundgroup.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ddc2daa3935e81bec0daa5effbf1861f60ed8ddea3c348c95c5302912233858

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:29:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6SM%2BfEC1uptXsHY3U1OqVFeMc09FNuezmCIxA2rFJNtw12rcFA7zROtBnU4ifMH6QD3XIwizgz8AuLjdU5gvF8FWzC1YtvG6LtMCJDfBPMvsFf7Np9e2EQaAxjqYfcOtIlWZ0obbCIqVzieZhlmvWZA1SM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0aee4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
all.css
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
60 KB
11 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9991f67d7243acd284a6df9c6a74e49a83dd2a21d20ed72dd69603d1e914c77

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcK%2Bvry1fsD4NXZa%2F%2FXHKytrcSPZMkKtlwTRuKJxJJ2LPH9wmclet8AG8zUlzn9NxZHc8PqlzLahZVt%2F70jgcnkRpmyFNWHK456d4NdGGiVAYGsbpP%2FWxBaQZeFmArNzdGI17bnA8Jz%2BpHMU5uwHya2EBvk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0aed4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
eleganticons.css
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/eleganticons.css?ver=1.0.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52a5fdc5fcba3cfcc39c208ce3ccb38abee464d629879b28bdb0692b767abc59

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/css/eleganticons.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpYUq697NB2Clk3Il%2Fg2duEGClD6kKR03ZfZ26lqlz4jZxFHS3B%2BBVoh8JrUzh3lQAq%2F7e5M4sD1RI8%2FN%2Fb8HugY%2FxDQImIKN%2FSbI2HDDFxqpUkwkYSTV95D7n748bX9aHks1PfI8x7HwuRGLOjlQb9RmWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0aec4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
essential-icon.css
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
20 KB
3 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/essential-icon.css?ver=1.0.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5168b88a29580bb2e4c6bcaf94c24c2801eaef58751f8eafeeb7d050aec4838

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/css/essential-icon.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1G6Ux9j4qeJwhlAmHU8axlbLgYDHfd8fPNexYLjOLihRqomBbwMn0gdCh20PkXvIoNrHfbKPY91iHT3tlwF3tZU8Tau6GkBFfhfa3We4EZmsg%2FFbDTLzi385F3jkarNFjPggMAHQLPUnYHErZx39e0iln70%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ae54eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
icofont.css
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
110 KB
16 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/icofont.css?ver=1.0.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8d1b1ebb0bfb62343f83fb6820cbf7ff134072db28adadb2e37ab626118333

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/css/icofont.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snu3gjzRpL6y2YJNa%2BNmR%2FhnxvMyi2iqOUj57lLj3vqXcfAZJ4bz77APCq9RoANOVUbQ%2FhN7q%2BzswG3ABEPoMmUhOVO8z2R%2F6YjC1VazwdPiYGHR4vIK6Yu7hrx%2FoQXk3g4MBBHhNBiKHr2YV4Z3RGiSogA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0adb4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
materialdesignicons.css
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
104 KB
16 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/materialdesignicons.css?ver=1.0.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a71f4fb5b2a0c47b13fb99a0f6452aa0e0ba490cbe9efb9723dcf8fdcd3852

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/css/materialdesignicons.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNlDvM1WZFNB5WJqs1TjdH%2FQlIAsEQSAFHcihQ9oU8iuGLtdglPWQ48nM45Ig9f%2BtwUQJyvzFME8p0qIhOOnWODVUF1V7JukJfCpIVWMlpq1HNOPK%2Fd9ZG1Q6kELfFzhi8vjAiF1ZCzz9NP%2FLmjwu7A3gxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ae64eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
style.css
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/style.css?ver=1.0.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fd3c634eee674b3455465b774ae1b0945efbd446b6ae43ca8401b8742c5fcb

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/css/style.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HyPu08jmj%2BhJlTCNX1iuIdEsSglMfBq7v9qm5G4GpsPW32WZWXxe%2Fxtuj3HOQ0Z5VNFReMIKuVyQ9%2FocLydY%2Fnor9lNwofwc78nEHqrKQlCn1sOwUhJ5MQIZ7MK%2FHMls8sClVPIFH6m9pHC53SHWG%2FxhbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0add4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
css
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&subset=latin%2Clatin-ext&ver=1.00
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 00:29:26 GMT
server
ESF
date
Fri, 30 Jul 2021 02:24:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jul 2021 02:24:27 GMT
css
fonts.googleapis.com/
160 KB
8 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0fe9cc2d3bd0b6ba9c65924066a7179cb915d2d9dd5408d3ab9b95a35cdf09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 02:24:27 GMT
server
ESF
date
Fri, 30 Jul 2021 02:24:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jul 2021 02:24:27 GMT
bootstrap.min.css
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/bootstrap.min.css?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/css/bootstrap.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEHKIYbh2LswobslXzW4VAbARe0oPuUhISEio8QTWuOCBDDRVgbrDQQZL2vVitT4GNysRm%2BQ62QY4f4YsuxUjKgpCvHopOAda8VsUpyT%2BCYqentJpbCzTGazcPg%2BoO3SyQ2GZmOf0wOGcU3rOzUvVSgZ1GI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ad94eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
style.css
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/
118 KB
22 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/style.css?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fade43bd27eb6959cdbc62680fc37406a6119ce976965750f525abe7c6a5615

Request headers

:path
/wp-content/themes/vw-landing-page-pro/style.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 19 May 2021 17:53:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bhl1YWLcy8wMm27s7U7K5FpWbrOW17K34ciB0QpGxH64j%2BL2KZA8LHbRdnqvP3BUXMmEjHNSbThbIV58L%2Fs7h6QPwOAKL4RHCtV9OjiYLHDbC8kTK%2BkH3BCvuCMv5P%2BwWjs1UJgwFr2uBjP9ebwyRHyp%2Fgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ad84eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
animation.css
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
67 KB
6 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/animation.css?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca89d24cbc453e066518b70e8d5e08d43587276646747d45de949c7dc92e021

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/css/animation.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoAqve72TRTV1GS4HbNCWpCKcV%2Bxt5BwckMP4D78WbX1vgY4M5KAq642mCBtTrzKWDayumsj%2Bhknh5gEypdrwUprj82%2FnbYQKx2VjJl8LHQVX4ypxIcqbNJ1mcaLLsph4POpKSd1qBC%2FN4PkpJl4LBF9fmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ae24eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
custom-animation.css
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
68 B
689 B
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/custom-animation.css?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f1aa413f3eb5304b579deba529ab7b57a793f4ef9bab033f8a450abf8e3fa4

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/css/custom-animation.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgE0Z5%2B7gMWoaGzhchUJGD%2BiMnrsCm51HeeWNIM1fFOQOikZ6JjYdG1VM9t0g%2FZxfyIBiWr4dE3MrARNIAiq9%2B2%2By7L34UPwXbwoQsPUvchmB9kxnJDBxzwfvLlujsgFOJ3dUqiQlYgHe85ISUbNLGKbpQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ae44eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
animate.css
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
20 KB
3 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/animate.css?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870121a26fabb87ad9a2ff678d2ec0aae82a919d26b8e9c926de896f4d8e8462

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/css/animate.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSLTK0QZGvFHaF2kR%2F2nF6kv4a2yq0Nz4z5wUQWrY9Y8FJmMViQpuH%2FTdVQ4fPtlksactyLf75XCdEMX5m3ZJD5c8vUK%2BNxq3%2FoqkeVMYKO4rq91l8oHe2QpjfSCaVrxUuLguTwavVqEjpdohJsl03cNm2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0af74eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
font-awesome.min.css
globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 11:32:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rpZcBS4ygEjudYOMHfPRH8dYl%2ByBj%2BHHxYaqRyX69Iq%2BxXBz8uGbkIEEe9SM3JmH7BjAtJ3oURmhMo0HZLjFVnbPzUfv59co9oMDOmkO4Y%2F6vxDD63QFURxEhab%2F4jI8LIvx9qOq4bIKYfUlPgYfGrmxYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0af54eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
effect.css
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/effect.css?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c252483b3652cd0703315d627dfc2b433f497b0029e48b5f4b5c3b7f5cf987bb

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/css/effect.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
14592
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81KPWHh8PRuSS0wYLEFRAqkwsDnfl1D5YTo92sedQ13e%2FHOJQq2s%2BqoeqIfBd7S87EKH3%2BB2pe3X%2FMfZTgntd38%2BdVFUT7LqBtgjj1eafQxjaGJVQhcwhE2jh13GHkjFHAzGRQ9xUWPMkfhcNWWfrEk%2FtNM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0af84eb0-FRA
expires
Thu, 05 Aug 2021 22:21:13 GMT
owl.carousel.css
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/owl.carousel.css?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f965531c70972c209917c1867f595940ad8a2416935c04d024a7373a28c234d

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/css/owl.carousel.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1364255
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iX4zHTW8jB9qpJDtrXmjMCUP71nzhCA36ARjsdmduEr8J4aPIQBAZTzGhF6t0hYl5%2FsFEhfQya0HfHrtMFEv1ldXkvURLHN5scV1SUABoMTJ1JTA7me9uouTvpvuxuVGFa2zvbt2mlELr8BEwlpUfaiWwvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0aeb4eb0-FRA
expires
Wed, 21 Jul 2021 07:26:50 GMT
payment.css
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/payment.css?ver=1.4
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb15b9c707e97b510546f64b263492b44dc7092becf6a32734d2006d1e18b2cc

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/css/payment.css?ver=1.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2117284
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 20 May 2021 12:30:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4eAv0pUGOdDZRAex%2BUsb%2BBzSstTmMPlLjEItdj9Ex9VxU7LTLJUVeUr4Fx4SBPZ4tsIQYNTmpDjbTKvDmGQJvtbBgCJIRzejo19Lwdnf4kp7oiA%2BKo14dtT%2BL35SB1Pke53mhBsk7NGSg%2FM48U%2FwV6XfQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ae94eb0-FRA
expires
Mon, 12 Jul 2021 14:16:20 GMT
sassy-social-share-public.css
globalrefundgroup.com/wp-content/plugins/sassy-social-share/public/css/
34 KB
10 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.10
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4

Request headers

:path
/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.10
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 06:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh065iROD6lCtrbvsICcE47H2K5faRqO5lYNcB7j3RRSNfwJNhogmqEja0eUMubl9SJLdGgGHBwiDnwDiRmNTCQNcn3re%2FJLWIswq8kms5IN%2BqEV%2BHhiVSYm8BWbXXSDQ%2FcBIs8jKXeFVxFDCrjaO%2FzWYus%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ada4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
sassy-social-share-svg.css
globalrefundgroup.com/wp-content/plugins/sassy-social-share/admin/css/
109 KB
34 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.10
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359

Request headers

:path
/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.10
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1364255
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 06:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBaxvI9F0dUFeiMF4yUWtbhooAvGCUuMZjs5Q%2BfbmuYWvER89kTotVRw9DhUyqOS3HBhHX489bmmJ31fxJfXwx8sQjO4LoPIxLt7P9izqSNHU0Cdh3aP8%2FcPSm5Mm3E%2FSFjKuGqwhC30vi7HcxWl3YYvhYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0af04eb0-FRA
expires
Wed, 21 Jul 2021 07:26:50 GMT
elementor-icons.min.css
globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/eicons/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.7.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e02d57c21d12f6a6a15787a18bfea58bc95887c2a21b23c4381b070c17472a

Request headers

:path
/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 11:32:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2ZW5hqpn%2FjSWxBstTbK1jCkoGtEUp1sIiEGIc2EiTBjz%2FwRbWB%2FHpfD%2BFqeHu6V8u7lCTAvPRqBFCwyOdbtHPV0wSt3FSdkCEYZaC9iJoKas1YAdALeam6%2FtwRR8bLaHYyf1WIziLPBeDvBhLqqqam%2BVZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ae74eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
animations.min.css
globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/animations/
18 KB
3 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.14
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

:path
/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.14
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 11:32:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3fLRSbU5ltVlLwWGNCye8PQfD8e3VYtSin0FG3hk7FB3QTU8sKUpLHDYEsZYyBvJYDnRJG1HD86DaRtPzE%2FoZakYuaBBs14qyL0f%2Fgrbui6VP7Tnq9dUJ1AX5oAkrFh0SoiuVsm4fiBpJdJnpsV%2Bd6Swug%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0aef4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
frontend.min.css
globalrefundgroup.com/wp-content/plugins/elementor/assets/css/
106 KB
16 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.14
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc05acebaee3aae30ed78b2616ca32e6ae2090efb1a1d3b79e38dc5d8ca5886

Request headers

:path
/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.14
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1364255
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 11:32:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWKgw09Tb6bui7szBllX9Camv1XVZgHwnPTHSifpf%2FNjzThocVcifMNJzfUIGANvLDpoBgTARoGdqWw863IAiRaKyKXF1g46B5mRwycPdAXH4s7%2BfprDEvsJKF1Zwt0XoxV7c7i2xrAvqsdoCwFJxGldtpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0ade4eb0-FRA
expires
Wed, 21 Jul 2021 07:26:50 GMT
global.css
globalrefundgroup.com/wp-content/uploads/elementor/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/elementor/css/global.css?ver=1620909611
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b22f3a5df6b64e6c861d24379cc781da036eaff1326d9c508e593acdda3cb1

Request headers

:path
/wp-content/uploads/elementor/css/global.css?ver=1620909611
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1364255
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 13 May 2021 12:40:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1dMl57giJQc9kIly5n0bo5%2Bao8hurnS7VezEpQ8R2Wr5M6jIysL3teDV9FYel%2BRNPLYlCzlab%2BHnzBV4huaTDuS%2FLSaxR9W64cCvc6rykTn%2B1BBGMZ%2BcAXDRAWA43jPu1V19zdi%2BBxBezyYPXIxbSJxtII%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0af24eb0-FRA
expires
Wed, 21 Jul 2021 07:26:50 GMT
css
fonts.googleapis.com/
42 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 00:40:06 GMT
server
ESF
date
Fri, 30 Jul 2021 02:24:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jul 2021 02:24:27 GMT
jquery.min.js
globalrefundgroup.com/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 07 Oct 2020 19:03:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdbDq3m073kJDFJ6YrEgfkp09MmAgcRqZIoHTUELuxPurXF15FFi9bHAa1tvgmMBFnr4IMi%2F4tBbZuh%2BejyZZ5JNJCKV%2BUwffvfdUICZwagoi6w2srUUpw%2FhWc13g%2FwMjET7mgS6fXSpjVIGfNLh4%2B485Ms%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0adc4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
jquery-migrate.min.js
globalrefundgroup.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 12:36:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJmlGfkcVIxZ%2BU5dn8wZ4FkfJICW5H5QNmL7%2FL7EuVKC0dAfVaA6MCRDtfm6kmccXIk8R4xAdbfrZsVg2JqlSYGfG78OeUWQ0YeOrvgSTG7OJEjaIJ8CJGKx%2FvJhWkoQR%2BIaFHZH3krDNTXugYt%2BKQFCOug%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0af34eb0-FRA
expires
Fri, 16 Jul 2021 14:31:19 GMT
gtm4wp-form-move-tracker.js
globalrefundgroup.com/wp-content/plugins/duracelltomi-google-tag-manager/js/
1 KB
954 B
Script
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.11.4
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Request headers

:path
/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.11.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
14592
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 06:20:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyqQJQklYHcjMEvtGNP4Jlu7gbH8n1uJrvgrEZSkrl10Wb0FI8XKYZuEvvnF0LG03Gyv0YgXOBmcn7s4kVx5SbGGRqUqdiDGm8JOG4yMcWnI8kz9yPAxJ52HbVfmvjMdrDG%2FoGCmlxxW4eE3hcpkirN%2B%2FQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e0adf4eb0-FRA
expires
Thu, 05 Aug 2021 22:21:13 GMT
cropped-Global-Refund-Group-01-1-2.png
globalrefundgroup.com/wp-content/uploads/2021/05/
6 KB
7 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2021/05/cropped-Global-Refund-Group-01-1-2.png
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02ced55c00bbd3e69e305a6387b10ddc6982f02cdf09aa062853c9e582c47f7

Request headers

:path
/wp-content/uploads/2021/05/cropped-Global-Refund-Group-01-1-2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
117256
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6173
last-modified
Fri, 28 May 2021 11:38:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xh5teCCoHJflUWXPnfRMOjt2%2FEaHgI7%2BKZJYxg7H4svK4%2FKFpvE6g20bY6L0Ygn6cdm8caa5gq5l8URdwF%2Feh5JUZ8HLjsNOcXvM%2BdGVX5wQpAOJWs3sNwjjSF38fy21Wy9SLIDJ9GK4GhrdQiYsRz04COU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217e9b894eb0-FRA
expires
Wed, 04 Aug 2021 17:50:10 GMT
slide1.jpg
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/slides/
250 KB
251 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/slides/slide1.jpg
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acafcfa13ac0009715e56a37d06cbf449292814ff4d2bec28457189d3a8e861b

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/images/slides/slide1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2230863
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
255991
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1F26XSCBfli7Elh8mkLf6RnwTJAEUNTuyBdWppwnwGo84rXHKVwYZUGkx6s0IXZetXySEP6T1kIIdjsix8iO1Zs2iL5K5uKbYipfyjSI5USYEo4jBM86gQhk3sp8ODW6fTPxzsDCFd6ZT6F1WZ7cOUCl7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217e9b8a4eb0-FRA
expires
Sun, 11 Jul 2021 06:43:22 GMT
about-image.png
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/
240 KB
241 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/about-image.png
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126a8e475c1188e37f896165f1e2f282c2d84fa79255ba606ad7b5cf148ce0ec

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/images/about-image.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1767868
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
245689
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Bh62jfTwTYZDqXo%2F9hJofFFAO8bLGWP%2BVVgXKoIdfqCkchjIZNUSHu6fGYhHkXZU0uCgnux9KBJ7yR1ucr1kDMfGDxLi1YI8fWGnFIP21m%2FSf1gaLLvlLCOiBldtx7mU5gBTz3OxPkFWs40Uaad8h6J0XQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217e9b8b4eb0-FRA
expires
Fri, 16 Jul 2021 15:19:57 GMT
how-it-works.png
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/
152 KB
153 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/how-it-works.png
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc565d6eeea332caa9223c06d6f316872dd68784faef775f13db8394e409a5

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/images/how-it-works.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1767868
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
155897
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7KbrpxOQqJ3eZ7TZS%2FCVIhBIYpDwW1%2FsflH%2FBP2%2BM7PQ5h8v1U5i69tmMa4f%2BImHPAHDsvZhM1lAbjEIMFvRE3MyZCM30uhgC7lWz%2FnDzbqYfl2Xri8q6Liu25CDY4xnU1ZuTrWOWkq8ofsxriQEqOToPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217e9b8c4eb0-FRA
expires
Fri, 16 Jul 2021 15:19:57 GMT
requestaconsultimg.png
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/
210 KB
211 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/requestaconsultimg.png
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c7ac4b7c30918bd4ec817e4642073ac90b4f781208362366697bf95156d94a

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/images/requestaconsultimg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
14585
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
214894
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B5NfCivbyf4TpWIAkYWUYKc7NRuoXrsqAi9%2BEovMmTGidrOmu9xoiJSl19QdAESFdxOR%2BJ6UCfRSl9dsISis4mmvdjMUC8ebEFaZsaJfU1%2F3x2PTlUg6nbBlw1epM0zVg3x4jUa4sGgnt3b8pbxzos1ZH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217e9b8e4eb0-FRA
expires
Thu, 05 Aug 2021 22:21:21 GMT
email-decode.min.js
globalrefundgroup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://globalrefundgroup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
0b96d3430b00004eb02c9f0000000001
last-modified
Mon, 19 Jul 2021 18:19:39 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60f5c23b-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=konXXP2ezfRXwzcSv%2BnBpD5FGPerlSDk6M3Ss2kQO9E9evKYIld5oTpGJcg4eWO2fc2oyTq4Ah27Yf9jE3tYLwyi7UknkXQBhC7osBdK2FO9ILsYaCw3%2FR0jFrcdA7qru%2BGjoHOjOSe1I7O5sLiSEqMweoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
676b217e7b5b4eb0-FRA
expires
Sun, 01 Aug 2021 02:24:27 GMT
scripts.js
globalrefundgroup.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
5 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2117284
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:29:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa22YxZG1mjWmzMlKC673n73r0xrXsVyAUibjOJ71OXCrDMdmfIWEphZt0IYilQxDdAJM3gKIqoXCL2xkzd%2BdJNW5kA2I1Le7uEpVBqUCDl239IIOaVKFByVuA6ox76G%2BIsKz%2FZydzx%2FDWLrpgVPZBnBld0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e7b634eb0-FRA
expires
Mon, 12 Jul 2021 14:16:20 GMT
custom-scripts.js
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/js/
898 B
1 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/js/custom-scripts.js?ver=1.0.0
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c7bb7226d59ab078ac5d51fcc15f4deb3cb9dffe988a533bc24d87f6812c7c

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/js/custom-scripts.js?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fhazo0tse1W4iqWbyy1iKBNy3pmNAOu3DrgIIr9icuNTjm89p1gItEIa33U%2B7vhGIJqcmfP%2BnyxasQpJnr7PWuwFGVHPT0gSzIKWjmoCFfhDHojOA7d9U7wh04bUo4vO0OnfvX%2BvGRC9ng0f0sANs2E6JgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b7b4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
tether.js
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
54 KB
13 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/tether.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f271bbf91298b9c279178e4e042ec41ad5cdae437bfd015b910083754282a65

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/js/tether.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POa33doyPQLkONTjDZa3ntrt7riXMTsCdjJ3dRL%2BKfsfQEb03jgvuXwzs0QCOWdlIL3gZy4AJW5kIHknaHv5p%2BCyWE1F9EcdvQFXHSe01uteQXYwtCUOBArF%2FtPEp%2FsC1hsr%2F4drGW60Faebg5SVOTBhxag%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b7c4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
bootstrap.min.js
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
57 KB
16 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/bootstrap.min.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/js/bootstrap.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NASt6wfykiBePYRUNbsbQZIX3QZRYR5K952gq0KgeyXTbEN1eqehbtJ%2F6UnN0VXmEKbIAVTabaLyLRw1fNSGSNlaNtng8l1QvxqrIlX%2B3qNrYwsXX22orST22%2FV6MtXuuQ3J9ozlcYB%2BG2n0EPPeLOMBLzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b7d4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
jquery.superfish.js
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
7 KB
3 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/jquery.superfish.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996862df1686747b978037477df2c3ec70effb20a7c5fbd9b4db095772d78b2c

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/js/jquery.superfish.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV2TqF%2BNgB7kE5OeMhlPxW93XbzVjuA7tx5ONNaYBF6epc74CId%2BTeaiTwCctWIaDRE7LBR2LDzSYGfCelUB3vB7uj%2FF4RqAg6gZYCkqPM9fKpJLQEAxJpH5cQmT%2FWpRA9JoKG3bcBoBuR%2BTelmkppJO3aM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b7e4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
owl.carousel.js
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
88 KB
21 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/owl.carousel.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e68b934e545803318062d25e68d276d8c7f7c53f75de2beab2f5248f514888c3

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/js/owl.carousel.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzQ4%2FRPZvGFDMeFOSucs3Z%2B7BPMZRsHUEom9KYM7Fx%2BGVCIw%2BllS7vswme9FEMl%2FB2ZjWXghf6%2BIZPY2M4DHo6XIyPBYbjZlsawcFu95%2BLfTA7ntcOeAvblho2AEHLdXrNqnYanQeKPsI23AKtzKB4q2lcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b804eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
SmoothScroll.js
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
21 KB
7 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/SmoothScroll.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a73f87f07420169a612ff95ff21a682f2aa736351e566e36ef2330fe15323d4

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/js/SmoothScroll.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXsDDGNXTwSPCNCrvyge2UoeUVuwyOR%2B8FUTYu9fgRBGrf5QqF%2BrnkvPxOuglh%2Bm42jPV6pjKHsjHfIto9dRCvyGaWAB8yDG8aHJBM5VH38vLb4MB8mrgLI9qng4T%2FYE4QUnKU1f34IQYaKY9c6vzqHLa0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b814eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
jquery-progressbar.js
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
2 KB
1 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/jquery-progressbar.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35900ec42f99d275d07028b0a192a4f9b097780e03fb4fc6a8ffcf959146967

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/js/jquery-progressbar.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkUBma2gga5vmLSq%2BFsGfW6KD%2Bx8iqCkOQsO0b%2FpiIvEUgqzsjleygqpnkP5M61fEjV4HQBaXd5dLSQd1AamsgBkv8X0sz4RxIwEeqTOtRGvT4nfX4jSRQUfoQZSRVfT9kkVbuQni7uYPhYVmZsspd7ePWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b824eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
custom.js
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
10 KB
3 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/custom.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5a1b4f2532d66acf4fba8905e2439f3d3df19699b6786d0b168a3e3bca4f13

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/js/custom.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDBQca9Uw%2B1zGbQkuQsszNI1MJE%2BiEkISQQY1kLyOPKP0Bi1XHZiHKmQ65jN0JyRVK3OIiXWzxFACJO4AZ6jtpQMyIkx3fb%2Bc8hwT21T4DfDrqXuKjBYuFv1aT1v%2BPggEGQqRPIrNC%2FLbaDG6EUFD7vqKsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b844eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
wow.min.js
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
8 KB
3 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/wow.min.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/js/wow.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1179501
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kH4tmDWM7CxC6j3K2SOLqgW1l0OtPikCuCSPBW6COrXOF7LvSyuiLUUrykro7JzUM80YskEsZUdgPyJ7M65PA516Ad8j9r7eiMafrEtbaPfUuAsbiJJrpiteRkSiCgAJEBcsql9bSUKkksqOtm%2FpH4p2HtM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b854eb0-FRA
expires
Fri, 23 Jul 2021 10:46:04 GMT
sassy-social-share-public.js
globalrefundgroup.com/wp-content/plugins/sassy-social-share/public/js/
43 KB
12 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.10
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b

Request headers

:path
/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.10
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 06:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHBfXIb7S1k7naMr%2FYz%2BMON%2FLQ854Ja%2F4OYyYaSGCJTtI6bL1aauFc%2FmNrJ4vAR3I4m51VfiOcvd3b5wlnm%2B%2BbkFZr9d4kp2ShCt83hTRz0mv0sldcBHsO6ODSFRuGm8iXt8%2FohXY%2B0JbEyWKgUBMtYTFGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b874eb0-FRA
expires
Fri, 16 Jul 2021 14:31:21 GMT
wp-embed.min.js
globalrefundgroup.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 06 Jan 2021 18:59:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZLtb8guMnhQ%2FbL7%2Fs0fHqURWOqxycY14BiQeKAFt8dz5CkB18PDMQaovBpzfmj3xPse0LmHfa3k4OlwITMl5CoYHIrzJ2URwYQPtG8rfYlMah5wEwDms3snSKY2uN%2F0plZtGFSG8V866%2FtvLPfZ%2BrUKyOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b884eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
wp-emoji-release.min.js
globalrefundgroup.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://globalrefundgroup.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770783
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 06 Jan 2021 18:59:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2F%2FTaTnSjowsh4Uqj8EoiOAFrtViKKrnYdSa3CBeSfBA00os92eTJ3OzIWRWeijV89THioXDb0lH9uS9eVuXnnkJ%2BoBXu%2BKovjvjiMKIj5LdzyOOgAqFQKfwA6tLcJTW9ZdwZ5990VakBQO1BwqMJRJF0ys%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
676b217e9b8f4eb0-FRA
expires
Fri, 16 Jul 2021 14:31:22 GMT
gtm.js
www.googletagmanager.com/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K27L4D9
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0db03fad2c6d39d97113b8aa1dd9ac9a8bbb0b6b47f314279b66d1c6dcce5b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36028
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Jul 2021 02:24:27 GMT
aboutusbg.png
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/
53 KB
54 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/aboutusbg.png
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
716c23b5bf6b4cdda0508291487873c7767ffc026acb18c52946d24a8f284144

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/images/aboutusbg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
902807
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
54364
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxA56AnuBX9TSm32nIu3SRU2G9c1IdocCUeKEfSL%2Bjrp1sz%2FAPRYdWnPcQ3Oripo9aDI5NENfQHE1S6PWSN5uMKLbHAWGTpYrj7EX5Kk8agtMqUak2q5n9yIio9Xj4KQD0%2BtuS0%2F0k4idDWDXp2FQKp8WOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217edbd74eb0-FRA
expires
Mon, 26 Jul 2021 15:37:37 GMT
servicesbg.png
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/services/
49 KB
49 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/services/servicesbg.png
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5968eb6549e562a22fb18403fc7bc6b4def70bb0d11910105a4dd77c54b861ec

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/images/services/servicesbg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
918602
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49843
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86lqGPIbxLzj9EohdujSFZRdZkAK2nnEdCsAuQB%2FV5tRxpRGNALtA5bj1Pz%2BDImBAZ711ebGeCzT4fuiIkTxJLfJnSDQpC2IR%2FZEavS3iImMsKNf3ESjQJlg96LnIuo%2BajQx%2ByeeXz%2B0J1iq0YXJCKUsknk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217edbda4eb0-FRA
expires
Mon, 26 Jul 2021 11:14:21 GMT
ourgreatskillbg.png
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/
89 KB
89 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/ourgreatskillbg.png
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63c58de8e2a25fada956cbbf88eadd244efd9d521a87ff41db1daeaca121831

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/images/ourgreatskillbg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1767868
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
90899
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFEp3EaoavaVcUnPVDqleHkBhSfVntDCkkEIo%2BV3vm03Wy0cfWB%2B9X17J7zwBYzIgJ5EFixQfMKS%2BdQ7HtCf71fU530g42srrK3Bz3bcBH5DAKXut7qp9QePjB6BF0yJeopORijaZTYlotxGLF4IKoLA9C4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217edbdc4eb0-FRA
expires
Fri, 16 Jul 2021 15:19:57 GMT
whychooseusbg.jpg
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/
102 KB
103 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/images/whychooseusbg.jpg
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2009cff35c56bc26f0e22d1f3bd02bcb9f7961ea5076b3a0a0107c6d3fddf275

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/images/whychooseusbg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1767868
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
104800
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyQyeArzemOOqRDPedYVhg%2FhtYOkTCrHfoE0hHbsBSOrtlfELStPwl1pyCOazFPUN3i2bbwu8DeDG7CEpuTS4Figa0zXVFIBNiSZKG3AXHQKRtX5yp%2FsTLp1YT29RUNCLl953NOpBkaCSz1Wh48XYZGznzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217edbdd4eb0-FRA
expires
Fri, 16 Jul 2021 15:19:57 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
16 KB
16 KB
Font
General
Full URL
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/style.css?ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d5500e6e1d3c7c9fc3f8281d1eb49a78f13788fd65c9da98b0a8476cef9b84

Request headers

:path
/wp-content/themes/vw-landing-page-pro/assets/css/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
pragma
no-cache
origin
https://globalrefundgroup.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/style.css?ver=5.7.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://globalrefundgroup.com
Referer
https://globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/style.css?ver=5.7.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
215376
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15988
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWgqvml8Ln4A8c1FQzUxvFnEad%2F01%2FWg3wk7AxqT8ys%2F%2B5TFH%2FfAeAsDlps9Y2eZv3U3sCJ0tsdT7jbN1A0plA83p%2BDYJcqzO5jnLZOwHwR8phfgxqL59q0JOWz8KxgEZS9%2B%2FbI5lui2z%2FNlSc%2BmFrZ6GVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217edbde4eb0-FRA
expires
Tue, 03 Aug 2021 14:34:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://globalrefundgroup.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:17:27 GMT
x-content-type-options
nosniff
age
205620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 17:17:27 GMT
fa-solid-900.woff2
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/fonts/fontawesome/
61 KB
62 KB
Font
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/css/fonts/fontawesome/fa-solid-900.woff2
pragma
no-cache
origin
https://globalrefundgroup.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://globalrefundgroup.com
Referer
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
215375
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
62472
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMcyPgNayUn%2B0G7t2%2FkzBpDNNQVSenqvGYTXXiEOMgh5YaXbbvZ2BQ2TzEnZum%2Bo12RaQYt7ZTPWOTJgNvcoMP7TZ8O6Uuqu7cUP3LFWzbH7YRn0hUyaGBSa6Gtdc3INgkUL1wPSdqGRlUQQ%2BzZYWDvBhyA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217edbe04eb0-FRA
expires
Tue, 03 Aug 2021 14:34:52 GMT
fa-regular-400.woff2
globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/fonts/fontawesome/
15 KB
15 KB
Font
General
Full URL
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/fonts/fontawesome/fa-regular-400.woff2
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f

Request headers

:path
/wp-content/plugins/simple-floating-menu/assets/css/fonts/fontawesome/fa-regular-400.woff2
pragma
no-cache
origin
https://globalrefundgroup.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://globalrefundgroup.com
Referer
https://globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
313558
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14888
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAP6rLjADf4rxjigrvcBVxg1SDVZ%2FkBFpKZuc70A7drfsjpEBikKaLtKRnexJTRm%2F7rdCjeJaHNN%2FG1zbd9kkniVaN4ajyN8uV2FkECBVBXq5xcUMg8S47xlsBr%2FW%2BU5VtBCgnOkXaR5dDwxSAiNrYjNtuo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b217edbe14eb0-FRA
expires
Mon, 02 Aug 2021 11:18:26 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://globalrefundgroup.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 05:41:48 GMT
x-content-type-options
nosniff
age
247359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:13:07 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 05:41:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://globalrefundgroup.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
224666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 12:00:01 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://globalrefundgroup.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 00:50:56 GMT
x-content-type-options
nosniff
age
264811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7848
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:50:56 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://globalrefundgroup.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 22:05:46 GMT
x-content-type-options
nosniff
age
274722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 22:05:46 GMT
credit-and-debit-card-scams.jpg
globalrefundgroup.com/wp-content/uploads/2020/07/
34 KB
35 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2020/07/credit-and-debit-card-scams.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b3bff80f182cd12cfd9f5a2ec500c9b296bb3e4c606a4fcc7fc8d314bc21fb

Request headers

:path
/wp-content/uploads/2020/07/credit-and-debit-card-scams.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:28 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1953145
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
35049
last-modified
Tue, 28 Jul 2020 11:19:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMD0NeYA7oF6wM0qXi%2FU4dF1GWnahqoKC7p5tZi2VpkvaZSbtGjNlVpqxhVECxbAUx8BEPv8VlP6jL1%2FGqNO3iwmXeJPwDASIW2vYdRFaGB7EC7HuxtwWAh5Kd8IqMb4WtklLzbLujjN3hm3nmPT7pszgGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b21802d274eb0-FRA
expires
Wed, 14 Jul 2021 11:52:01 GMT
romance-scams.jpg
globalrefundgroup.com/wp-content/uploads/2020/07/
45 KB
46 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2020/07/romance-scams.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de5747a000041b19cab32b4b7f101a2ff95cb50b51caa3bae69aaa7560b4bac

Request headers

:path
/wp-content/uploads/2020/07/romance-scams.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:28 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1767869
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
46584
last-modified
Tue, 28 Jul 2020 11:19:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc5cy8FYkbJ85%2BNiPfRE9ZnSSdVeW6ZetYKLOacFKJLT%2BWyJFHxJ9BF8CkU1j3uQ5HHJp622GVRPKQ1UTS8%2Fc%2BF8c5GWF8%2FKJAKl3JfbEpYF3hc5oQKu%2BW2t4AEg1U%2ByNaARCTogk6ZjrsCA2Fv8K8NdwP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b21802d2a4eb0-FRA
expires
Fri, 16 Jul 2021 15:19:57 GMT
phishing-scams.jpg
globalrefundgroup.com/wp-content/uploads/2020/07/
38 KB
39 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2020/07/phishing-scams.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4df0ad3a1e3277e98aadf3e5cf5d9bc4346e9ea995c1f78e0e2fb65839dbffc

Request headers

:path
/wp-content/uploads/2020/07/phishing-scams.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:28 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1179486
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39154
last-modified
Tue, 28 Jul 2020 11:19:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuvI9z6yjgeVcOZt9TX3QQ3%2B%2BEfwIDyX9I88baNGPHbdL660jcJqxKtg8we9anPIP6o0DUlU%2BsJk0AcY1BdOlOp6GI0Bk0VpgGuot%2BYVP15XfnDoz%2Fgric4usbhcSprDGzoSfMISeqybcXNMnV%2FZF8rheLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b21802d2b4eb0-FRA
expires
Fri, 23 Jul 2021 10:46:20 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27L4D9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6905
date
Fri, 30 Jul 2021 00:29:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Fri, 30 Jul 2021 02:29:23 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=327561461&t=pageview&_s=1&dl=https%3A%2F%2Fglobalrefundgroup.com%2F&ul=en-us&de=UTF-8&dt=HOME%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=27534641&gjid=1831994365&cid=1871302494.1627611868&tid=UA-174652167-1&_gid=112426931.1627611868&_r=1&gtm=2wg7s0K27L4D9&z=134734690
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 02:24:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://globalrefundgroup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
trading-scams.jpg
globalrefundgroup.com/wp-content/uploads/2020/07/
35 KB
35 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2020/07/trading-scams.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6926e6d1b6a67b401f8dadf98adee531cbc51e667de7089cf175c18eb4a0256

Request headers

:path
/wp-content/uploads/2020/07/trading-scams.jpg
pragma
no-cache
cookie
_ga=GA1.2.1871302494.1627611868; _gid=GA1.2.112426931.1627611868; _gat_UA-174652167-1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1767874
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
35511
last-modified
Tue, 28 Jul 2020 11:19:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXrt%2FmLlBnwwymLWSu412GC4F83oWwkH5MAFM0Tf71f%2BSDB1jTTYtB9EBpFAyKZB6Zc5pj%2FRisNGChvTXG3cggLbA%2FqjEkEZwxpSRGj5qugt1u%2B%2FSW4R3Fv5%2Fn%2B2YscdBUbHcndg9zjx4Jsv351sZZzdC5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b219f5cec4eb0-FRA
expires
Fri, 16 Jul 2021 15:19:57 GMT
credit-and-debit-card-scams.jpg
globalrefundgroup.com/wp-content/uploads/2020/07/
34 KB
35 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2020/07/credit-and-debit-card-scams.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b3bff80f182cd12cfd9f5a2ec500c9b296bb3e4c606a4fcc7fc8d314bc21fb

Request headers

:path
/wp-content/uploads/2020/07/credit-and-debit-card-scams.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
globalrefundgroup.com
referer
https://globalrefundgroup.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 02:24:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1953155
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
35049
last-modified
Tue, 28 Jul 2020 11:19:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB6Wz42oCTQtVDeL1%2FQr8BOVNW%2Fesv7FODK4LsOkYyR45XYhi%2B8Ska51ktBwDOoM9kN63kGLY%2BjzKziqLbJoeFOyErx2E3XBuS7GP%2FDQivytT4GTqshSrPseMRUEXYdPEnhBfOzkn1iRVP%2FnWdsFKBM%2FiZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
676b21be9a9205d0-FRA
expires
Wed, 14 Jul 2021 11:52:01 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer_content object| wpcf7 function| Tether object| bootstrap function| SmoothScroll function| openNav function| closeNav function| openAllPanels function| closeAllPanels function| WOW function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup string| heateorSssWhatsappShareAPI function| heateorSssCallAjax function| heateorSssGetScript function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| ClipboardJS object| wp object| twemoji object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://globalrefundgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
globalrefundgroup.com
www.google-analytics.com
www.googletagmanager.com
2606:4700:3034::6815:5449
2a00:1450:4001:812::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07fd3c634eee674b3455465b774ae1b0945efbd446b6ae43ca8401b8742c5fcb
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0db03fad2c6d39d97113b8aa1dd9ac9a8bbb0b6b47f314279b66d1c6dcce5b46
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f
0fade43bd27eb6959cdbc62680fc37406a6119ce976965750f525abe7c6a5615
126a8e475c1188e37f896165f1e2f282c2d84fa79255ba606ad7b5cf148ce0ec
16cc565d6eeea332caa9223c06d6f316872dd68784faef775f13db8394e409a5
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4
18e02d57c21d12f6a6a15787a18bfea58bc95887c2a21b23c4381b070c17472a
2009cff35c56bc26f0e22d1f3bd02bcb9f7961ea5076b3a0a0107c6d3fddf275
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
34a71f4fb5b2a0c47b13fb99a0f6452aa0e0ba490cbe9efb9723dcf8fdcd3852
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
3ddc2daa3935e81bec0daa5effbf1861f60ed8ddea3c348c95c5302912233858
40c7ac4b7c30918bd4ec817e4642073ac90b4f781208362366697bf95156d94a
41c7bb7226d59ab078ac5d51fcc15f4deb3cb9dffe988a533bc24d87f6812c7c
481bfa4292798eb15d056ff461dc1e90bbe9795fd99299b59c02970a0e710207
52a5fdc5fcba3cfcc39c208ce3ccb38abee464d629879b28bdb0692b767abc59
57b22f3a5df6b64e6c861d24379cc781da036eaff1326d9c508e593acdda3cb1
5968eb6549e562a22fb18403fc7bc6b4def70bb0d11910105a4dd77c54b861ec
5a73f87f07420169a612ff95ff21a682f2aa736351e566e36ef2330fe15323d4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f271bbf91298b9c279178e4e042ec41ad5cdae437bfd015b910083754282a65
6f965531c70972c209917c1867f595940ad8a2416935c04d024a7373a28c234d
716c23b5bf6b4cdda0508291487873c7767ffc026acb18c52946d24a8f284144
8384e9c53eb3693f059050f90cc8ec99a8e2fe2758671393f13ea9f0a4635933
870121a26fabb87ad9a2ff678d2ec0aae82a919d26b8e9c926de896f4d8e8462
98b3bff80f182cd12cfd9f5a2ec500c9b296bb3e4c606a4fcc7fc8d314bc21fb
996862df1686747b978037477df2c3ec70effb20a7c5fbd9b4db095772d78b2c
9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359
9de5747a000041b19cab32b4b7f101a2ff95cb50b51caa3bae69aaa7560b4bac
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
a63c58de8e2a25fada956cbbf88eadd244efd9d521a87ff41db1daeaca121831
a7d5500e6e1d3c7c9fc3f8281d1eb49a78f13788fd65c9da98b0a8476cef9b84
acafcfa13ac0009715e56a37d06cbf449292814ff4d2bec28457189d3a8e861b
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b35900ec42f99d275d07028b0a192a4f9b097780e03fb4fc6a8ffcf959146967
b6926e6d1b6a67b401f8dadf98adee531cbc51e667de7089cf175c18eb4a0256
b8f1aa413f3eb5304b579deba529ab7b57a793f4ef9bab033f8a450abf8e3fa4
b9991f67d7243acd284a6df9c6a74e49a83dd2a21d20ed72dd69603d1e914c77
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d
c252483b3652cd0703315d627dfc2b433f497b0029e48b5f4b5c3b7f5cf987bb
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
ccc05acebaee3aae30ed78b2616ca32e6ae2090efb1a1d3b79e38dc5d8ca5886
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b
e02ced55c00bbd3e69e305a6387b10ddc6982f02cdf09aa062853c9e582c47f7
e0fe9cc2d3bd0b6ba9c65924066a7179cb915d2d9dd5408d3ab9b95a35cdf09f
e5168b88a29580bb2e4c6bcaf94c24c2801eaef58751f8eafeeb7d050aec4838
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e68b934e545803318062d25e68d276d8c7f7c53f75de2beab2f5248f514888c3
ea5a1b4f2532d66acf4fba8905e2439f3d3df19699b6786d0b168a3e3bca4f13
eb15b9c707e97b510546f64b263492b44dc7092becf6a32734d2006d1e18b2cc
eca89d24cbc453e066518b70e8d5e08d43587276646747d45de949c7dc92e021
ed8d1b1ebb0bfb62343f83fb6820cbf7ff134072db28adadb2e37ab626118333
f4df0ad3a1e3277e98aadf3e5cf5d9bc4346e9ea995c1f78e0e2fb65839dbffc
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c