URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%2...
Submission: On July 31 via manual from US — Scanned from DE

Summary

This website contacted 31 IPs in 4 countries across 24 domains to perform 72 HTTP transactions. The main IP is 2606:4700:20::ac43:4a40, located in United States and belongs to CLOUDFLARENET, US. The main domain is get.steamrefund.com.
TLS certificate: Issued by GTS CA 1P5 on June 14th 2023. Valid for: 3 months.
This is the only time get.steamrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 13.224.189.63 16509 (AMAZON-02)
2 2600:9000:210... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
15 52.222.137.70 16509 (AMAZON-02)
3 65.9.86.47 16509 (AMAZON-02)
1 34.192.61.144 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::396 54113 (FASTLY)
2 151.101.65.44 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 104.126.37.185 20940 (AKAMAI-ASN1)
1 54.192.87.248 16509 (AMAZON-02)
1 146.75.116.157 54113 (FASTLY)
2 23.32.185.60 16625 (AKAMAI-AS)
1 5 2600:9000:225... 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 151.101.193.140 54113 (FASTLY)
2 70.42.32.159 13789 (INTERNAP-...)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
1 104.198.8.50 15169 (GOOGLE)
5 35.190.43.134 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 141.226.228.48 200478 (TABOOLA-AS)
72 31
Apex Domain | Subdomains | Transfer
17 cloudfront.net | d1wbjksx0xxdn3.cloudfront.net; d9hhrg4mnvzow.cloudfront.net | 448 KB
6 adroll.com | s.adroll.com — Cisco Umbrella Rank: 2657; d.adroll.com — Cisco Umbrella Rank: 1411 | 89 KB
5 snapchat.com | tr.snapchat.com — Cisco Umbrella Rank: 936 | 1 KB
5 steamrefund.com | get.steamrefund.com; gtm.steamrefund.com | 14 KB
4 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 1914; www.google-analytics.com — Cisco Umbrella Rank: 58 | 21 KB
4 outbrain.com | amplify.outbrain.com — Cisco Umbrella Rank: 3176; tr.outbrain.com — Cisco Umbrella Rank: 2925; wave.outbrain.com — Cisco Umbrella Rank: 4240 | 8 KB
4 tiktok.com | analytics.tiktok.com — Cisco Umbrella Rank: 745 | 125 KB
4 taboola.com | cdn.taboola.com — Cisco Umbrella Rank: 861; trc.taboola.com — Cisco Umbrella Rank: 616; trc-events.taboola.com — Cisco Umbrella Rank: 1861 | 21 KB
4 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 73 | 286 KB
3 ub-assets.com | fonts.ub-assets.com — Cisco Umbrella Rank: 27312 | 48 KB
2 facebook.com | www.facebook.com — Cisco Umbrella Rank: 108 | 216 B
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 170 | 134 KB
2 unbounce.com | builder-assets.unbounce.com — Cisco Umbrella Rank: 22066 | 37 KB
1 google.de | www.google.de — Cisco Umbrella Rank: 5772 | 455 B
1 google.com | www.google.com — Cisco Umbrella Rank: 3 | 455 B
1 twitter.com | analytics.twitter.com — Cisco Umbrella Rank: 688 | 727 B
1 t.co | t.co — Cisco Umbrella Rank: 525 | 377 B
1 reddit.com | alb.reddit.com — Cisco Umbrella Rank: 1510 | 637 B
1 ads-twitter.com | static.ads-twitter.com — Cisco Umbrella Rank: 713 | 15 KB
1 sc-static.net | sc-static.net — Cisco Umbrella Rank: 1124 | 16 KB
1 stape.io | cdn.stape.io — Cisco Umbrella Rank: 84490 | 6 KB
1 redditstatic.com | www.redditstatic.com — Cisco Umbrella Rank: 1368 | 8 KB
1 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 | 2 KB
1 ub-analytics.com | events.ub-analytics.com — Cisco Umbrella Rank: 30602 | 282 B
72 24
Domain | Requested by
15 d9hhrg4mnvzow.cloudfront.net | get.steamrefund.com
5 tr.snapchat.com | sc-static.net
5 s.adroll.com, 1 redirects | get.steamrefund.com; s.adroll.com
4 analytics.tiktok.com | get.steamrefund.com; analytics.tiktok.com
4 www.googletagmanager.com | get.steamrefund.com; www.googletagmanager.com
4 get.steamrefund.com, 1 redirects | get.steamrefund.com
3 www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com; get.steamrefund.com
3 fonts.ub-assets.com | builder-assets.unbounce.com; fonts.ub-assets.com
2 trc-events.taboola.com | cdn.taboola.com
2 www.facebook.com | get.steamrefund.com
2 tr.outbrain.com | amplify.outbrain.com
2 connect.facebook.net | get.steamrefund.com; connect.facebook.net
2 d1wbjksx0xxdn3.cloudfront.net | get.steamrefund.com; d1wbjksx0xxdn3.cloudfront.net
2 builder-assets.unbounce.com | get.steamrefund.com
1 d.adroll.com | s.adroll.com
1 www.google.de | get.steamrefund.com
1 www.google.com | get.steamrefund.com
1 gtm.steamrefund.com | cdn.stape.io
1 trc.taboola.com | cdn.taboola.com
1 analytics.twitter.com | get.steamrefund.com
1 t.co | get.steamrefund.com
1 wave.outbrain.com | amplify.outbrain.com
1 alb.reddit.com | get.steamrefund.com
1 region1.google-analytics.com | www.googletagmanager.com
1 amplify.outbrain.com | get.steamrefund.com
1 static.ads-twitter.com | get.steamrefund.com
1 sc-static.net | get.steamrefund.com
1 cdn.stape.io | www.googletagmanager.com
1 cdn.taboola.com | www.googletagmanager.com
1 www.redditstatic.com | www.googletagmanager.com
1 googleads.g.doubleclick.net | www.googletagmanager.com
1 events.ub-analytics.com | get.steamrefund.com
72 32

This site contains no links.

Subject | Issuer | Validity | Valid
steamrefund.com | GTS CA 1P5 | 2023-06-14 - 2023-09-12 | 3 months
*.unbounce.com | Amazon RSA 2048 M01 | 2023-02-21 - 2024-02-07 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
fonts.ub-assets.com | Amazon RSA 2048 M02 | 2023-06-01 - 2024-06-29 | a year
*.ub-analytics.com | Amazon RSA 2048 M01 | 2023-03-11 - 2024-04-08 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-12 - 2023-10-08 | 6 months
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-08 - 2023-12-31 | a year
stape.io | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-02 | a year
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year
sc-static.net | Amazon RSA 2048 M02 | 2023-01-20 - 2024-02-18 | a year
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-22 - 2023-08-22 | a year
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-09 - 2024-02-11 | a year
s.adroll.com | Amazon RSA 2048 M01 | 2023-06-03 - 2024-07-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-05-10 - 2023-08-08 | 3 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-19 - 2023-10-15 | 6 months
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-05 - 2024-02-05 | a year
*.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-05 - 2024-02-05 | a year
gtm.steamrefund.com | R3 | 2023-07-07 - 2023-10-05 | 3 months
*.snap.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-13 - 2024-04-12 | a year
www.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
www.google.de | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
d.adroll.com | Amazon RSA 2048 M01 | 2022-11-08 - 2023-12-07 | a year

This page contains 3 frames:

Primary Page: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Frame ID: D6DEE128512B0AA420062E31AFC9EE56
Requests: 69 HTTP requests in this frame

Frame: https://get.steamrefund.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
Frame ID: 04691F1B48F7E23A7B16F3C23DFBA64C
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=d36b4442-45b3-4ea1-8e22-c220f1c9c7ee&u_sclid=3c5bd3cf-27a9-421d-b1de-c6951ae4ab1d
Frame ID: 54A3719F4E8F65D84F11D7EE1122C94C
Requests: 1 HTTP requests in this frame

Page Title

Steam Gamers: Possible Refund

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

72 Requests
96 % HTTPS
47 % IPv6
24 Domains
32 Subdomains
31 IPs
4 Countries
1282 kB Transfer
3304 kB Size
26 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://get.steamrefund.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
Request Chain 48
  • https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js

72 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
get.steamrefund.com/
77 KB
10 KB
Document
General
Full URL
https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
731d3b616b4ce75ab36d3e7df072311a5db70d9698b9e1f467f9e6f9aa7ae8c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ef95af71a761901-FRA
content-encoding
br
content-location
https://get.steamrefund.com/
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 22:42:34 GMT
link
<https://get.steamrefund.com/>; rel="canonical"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nY1%2BLfW7Fu6YjE6%2BxTzp7b7POfsakTGzVE86pfMGG05Avwcx04K0MYnCtJJ4N9n0FJsUw15mTH5VktmgOW11%2FYZNaixdxrcrybrggy9nMau28JWaiw0Nou91Al6%2ByexkckPg8y1pgIzY%2BPQ9yPH8LYo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-proxy-backend
page-server
x-unbounce-pageid
d526434c-0dc6-4d14-b154-0300c8623898
x-unbounce-variant
f
x-unbounce-visitorid
270185e1-a5f8-44b1-b352-0a6f2120f2c9
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-63.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 05:52:08 GMT
content-encoding
gzip
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-version-id
Hi0GplZUCMAlUo2d3AkAvO_Jy02q1fIj
x-amz-cf-pop
FRA2-C1
age
11638227
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Mon, 13 Mar 2023 16:18:47 GMT
server
AmazonS3
etag
"15295835030f315ea1ec0147abd5ea63"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kLIOvpYeTwFfbZTXqi4UzAmPx395VUPSLhuCJ1cdVC70Ezl2ns1liQ==
ub.js
d1wbjksx0xxdn3.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:0:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 17:24:21 GMT
content-encoding
gzip
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
x-amz-version-id
DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop
AMS1-C1
age
3043094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1864
last-modified
Mon, 26 Jun 2023 16:59:10 GMT
server
AmazonS3
etag
"118cee1e64f6b283233c55aee7da10da"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0lpTHikaFZHZf-OSzAp61ibv8HA__KN8wdl6IHSIToAAbpmJayfx7g==
main.bundle-85a7477.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-63.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 11 May 2023 04:58:19 GMT
content-encoding
gzip
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-version-id
TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop
FRA2-C1
age
7062256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33747
last-modified
Mon, 27 Feb 2023 19:12:56 GMT
server
AmazonS3
etag
"b4081a636463cc60b1faf49e579e8cb9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
G25Hm16Yf6lQ1dREjEYXAT4Ms0iZQMkNgnkOnxYVceg3YQUWZ0gevw==
gtm.js
www.googletagmanager.com/
238 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b5d9463af76d9a34c6da3a70c4d52bbab6ce07a8a875d5d3f9dba9eb35f48c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81383
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 21:35:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jul 2023 22:42:34 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
51d1bd3d-vlvstm_10000000zk0mx00001v028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
331 KB
331 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/51d1bd3d-vlvstm_10000000zk0mx00001v028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5949cde2e457895671da9b112c4d9d582d997beaea8f1dc96625e77d21de2b47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 12:54:15 GMT
x-amz-version-id
Pyt2pAW3hXHdkbusYSGyscWCJGgcDBpv
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
35300
etag
"559c243c171fdd635cf4a024256dc6ac"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
338472
x-amz-cf-id
aBtnGKMwucICRGoVJ_2A6Jfq0CoUA7WdnIsBo2mLiR3pklVbzlXGnA==
sp-2.14.0.js
d1wbjksx0xxdn3.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by
Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:0:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 17:20:26 GMT
content-encoding
gzip
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
x-amz-version-id
0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop
AMS1-C1
age
3043329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30399
last-modified
Mon, 26 Jun 2023 16:59:50 GMT
server
AmazonS3
etag
"73de733c308b8b5e44d2a6242dc4bd99"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OFz58MYB6Ra9CbyzjP2vXRcZPeFm2LjuIn9sH0RSy430Sk4zjT1dsQ==
069e1dc8-a282-4dba-a7aa-968cdc0f59d8
https://get.steamrefund.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://get.steamrefund.com/069e1dc8-a282-4dba-a7aa-968cdc0f59d8
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.ub-assets.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-47.ams1.r.cloudfront.net
Software
/
Resource Hash
6437cce713ff63bd708650a8ed269a6443223fc718ab070ff1d000231b7035c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 a156165ae278c5ddd408f18e7181dccc.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amzn-requestid
ced82d7b-a453-4b7a-83a1-4c87d18973a1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
I83STHJnoAMEO9g=
content-length
614
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-64c838db-595467ab6fefb3b46bcfaf6b
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
g2gVIwUsFTmsZKQPrq_5Aut1IPgKdWnZ_PDtGzFwC5F-PmDIKTgliw==
78cb5a2b-mason-llp-logo_1096025000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/78cb5a2b-mason-llp-logo_1096025000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
894a03b7c93fe755e5367e332b177af9e0a511bc702cd2a85c0400c2d74e614a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:28:42 GMT
x-amz-version-id
PfkGGfYAKCa.AhA_lG1qIICqhVq8nz6d
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
620033
etag
"cd4803cf9411c95d357c34ff995fc6e0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2779
x-amz-cf-id
Hr0JB8RcFjLudswF1XDlu2u7fylDhCZSZAvAtWZyAXc-wYUn9aAbrw==
c830f7bb-super1_105302y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/c830f7bb-super1_105302y000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8912f270dff53f0103d8bf3d654d0ead4b3de4f28e968c489d004d88070f39eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 21:11:48 GMT
x-amz-version-id
aB3zVs3tqW2GFEr0Cc47ufbA7Il1e2sm
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
351047
etag
"3e64e7e35ec8ae8f220da9c35328c19c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2990
x-amz-cf-id
gj_SjI4M22dL0RhnLLTbijfsQj6g1KUlDDxp1BqPDQhi430SSbioiQ==
0760bd0a-pj-mage-e1611939292573_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
6 KB
6 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/0760bd0a-pj-mage-e1611939292573_1000000000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97da9553ce78d1a2a04f9bf2ede472522a9328bb7d4c820a2de807cec48fdc37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 16:41:03 GMT
x-amz-version-id
udkdaIgElMqP41XLkD8PDCaCcxR8LPIH
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
712892
etag
"b66486f26a714d16a58763c9408ef593"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
5797
x-amz-cf-id
FBbPWWPMNjGkLOh90fuHrfIaeYVMWMSIR64zJ1Mvy5ZCgEdtQhn98w==
7ecc3d0d-lf-founder-lockdown-2022_106g02s000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
7 KB
7 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/7ecc3d0d-lf-founder-lockdown-2022_106g02s000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
456207cd45250c8ccb0fd84d653b7c64394e912f99a310da5422768b0504e711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:28:42 GMT
x-amz-version-id
9Ivbq6jAPlJIDyyy3ScSNwCZIsywdn0m
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
620033
etag
"54072a1cb53cdea013cd93d37caa7317"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
7003
x-amz-cf-id
1jMVg_2BLTvanER5Mej00SMEUSc2vgv75dQG2XpMvU7ED2rA5L_2vg==
696855d1-ntl-top-100-flat-badge-1021x1024-1_102w02w00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
4 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/696855d1-ntl-top-100-flat-badge-1021x1024-1_102w02w00000000000001o.jpg
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfb31ad287f7b31afae1f180a12bbb9c14ca4643cbc43b9c7f72618934c0ac9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 21:11:48 GMT
x-amz-version-id
WpxUqM7Sy5cBjsJ3.tEP8rVPEjJmxXV.
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
351047
etag
"941d90fdf23fe51d81528c7d002a9b0b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3626
x-amz-cf-id
BuSvJ1vJF-NsI4OVwDNJvItXnqr2MLq6hMVTJr0A09UXZN9oLP-s_A==
2f86d8e7-lawsuit-settlement-1_108204m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
14 KB
14 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/2f86d8e7-lawsuit-settlement-1_108204m000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cababe098647cd4f80454377f78cece1d9c903a90938db4aa32d87fd34aaac61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 12:54:15 GMT
x-amz-version-id
DFC1HET_LExxClVFf29a3WeGjeT5LY4X
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
35301
etag
"df6b9e481bcba7b2877308962769f6df"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
13827
x-amz-cf-id
p_17FAkVSxzO6eLabCFOz-qkQGAE8OXn2ImE-aFJDo1QRl_OfqnckQ==
09de75e4-lawsuit-settlement-2_108204m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
18 KB
18 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/09de75e4-lawsuit-settlement-2_108204m000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7db89be8c6619ccda15be79150972cc7c033d6b559943a11bacde4aa572000ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 12:54:15 GMT
x-amz-version-id
EpPyL.vSWEwuSQrm3_Qy7yJAaxUdfq.q
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
35301
etag
"a469e69812c01d688085477f9b0d82fa"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
18133
x-amz-cf-id
bfjk2c8tt_PUVt0KdVaYkKsljP1E6Ifq0_N3woTObWFTXHBtGdAmvA==
2da7c1a5-lawsuit-settlement-3_108204l000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
12 KB
12 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/2da7c1a5-lawsuit-settlement-3_108204l000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
639a44504eb21a9ccefcb1b0a8db4717408b4ef8e7ff93611e948f4c3b49b460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 21:11:48 GMT
x-amz-version-id
lXC7uYxaMqeWwHmFlKyQ1GaBzWzAmFKN
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
351048
etag
"e69fb767d5a08505b02e53cc19005a73"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
12130
x-amz-cf-id
qBySJWG8Z0R5m0-zEAX0jcOKVxb_uYc3VHpQknVSlRYiPIxk7iCpPw==
803304b1-ign-logo-1536x864_104502b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/803304b1-ign-logo-1536x864_104502b000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4206aea9d4731e3537b5a3e0d6b0bed82179891d0c6354ebb9cf80cc0d30cfef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 21:11:48 GMT
x-amz-version-id
ZOWx_51bhwwAsLYzNUE6n2UPJ.lLmvZP
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
351048
etag
"7bcb922759fd4d84fa03ab8780518252"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1616
x-amz-cf-id
6IX-rgsDwRi9g6qLefDM4ttUz-3zG0vbGsnM6Ehxl1LMpq2e7jpsEg==
fccf38a4-shack-news-logo_106h016000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/fccf38a4-shack-news-logo_106h016000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1e5b21a92e417a421cec29ba2ccc6dd60eeca773aa145c4802657d8fed02a42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 12:54:15 GMT
x-amz-version-id
_MNYSwEMscoBz3zTYH1.GPz.VuuU7TPv
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
35300
etag
"c0e55ff1a51c1c1ab1dbb14c3a14f3f2"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2826
x-amz-cf-id
DuU3BcCy0VhCHkChg2v4ELon9VCL894DTrgQYflfuEndPMxIjszgrg==
c3c7b570-game-rant-logo2_107e010000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/c3c7b570-game-rant-logo2_107e010000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0c11eef6f6ab1e486807d65ceb85f844c8692c2b1d41e8e7b5a7dbfc1d7e8a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 03:21:30 GMT
x-amz-version-id
Kk7oDynBhjIm_yfsd7uQ2.Y_3ea0DOr9
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
156066
etag
"fe33fb6ca063e7f4e94d476fd7858042"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2140
x-amz-cf-id
MQT9xMm6ES6YX-qEtSUEsj9uEAbSFGJ_-KmvrgsRMkkF_s8NZ5Dgtg==
5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
096f7954e8e41553e39e3f290efc4a79553cb926cc4fa362e126c7204fc9130d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 12:54:16 GMT
x-amz-version-id
AqfRUaDc_qaU0zo9lFELCvKDnXghCfpn
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
35300
etag
"1990686fa110c07707dcee247cbd5362"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2786
x-amz-cf-id
Udm7_BtDRT4P0qh-lGVl00x0BOKO5eaBU6qLxWL6Z8T1ypfTFC6dug==
ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
3 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5836fd0454a66f98cc72445de9a15615492621c13002c2470e1a1cf0af1b7b59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 21:11:48 GMT
x-amz-version-id
TK7em8fbTRz6B36Gr.6dWmoyaYODMUVa
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 23:50:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
351048
etag
"2ce7c87a626d600553f837bd8a47e785"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3280
x-amz-cf-id
XpDDAZcBJkFrXSOOxSKX0Ieylexq6u14LIRJDMjm5OyaY96z70z1rQ==
f308602a-0352-eurogamer-logo.svg
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/
3 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/f308602a-0352-eurogamer-logo.svg
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-70.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afb6faff44a842fe76a446a279686f8e6a9fceae1549a22468033c653860225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 02:45:08 GMT
x-amz-version-id
SfffJWp8XTpSoh6HNju3jOXyfAYoIx6G
content-encoding
gzip
last-modified
Thu, 16 Mar 2023 23:50:39 GMT
server
AmazonS3
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
etag
W/"a7116c911d88a4d87c2d6905a3c87b9d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
71848
x-amz-cf-id
yyniy0jhU8z0diIlUcZ-Y5eYHAe1VVl0AujOlLaNr24x8S3Ws25HQg==
invisible.js
get.steamrefund.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/ Frame 0469
Redirect Chain
  • https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://get.steamrefund.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
7 KB
4 KB
Script
General
Full URL
https://get.steamrefund.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Server
2606:4700:20::ac43:4a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb21a5f2d2c39c399737283c8f24bb43100eb0823717ac8a9315405d61996d4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tjf2i957T%2BIHuYfVL%2BGkXaQGqE1POGmYVuWq%2BDmk%2BoranW6zwuZcv4J2d2OeMIXyWk87YbTotFmF120zwMCID3SYkcCtDu81daooVTXWBBwLZpAtCDiq68CB8Jda%2BiWC2fhFb642wNmBMNY1cpW4S4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ef95af8ac3a1901-FRA

Redirect headers

date
Mon, 31 Jul 2023 22:42:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlp6MjGfgQUFKoESIa6pV0rIilRzekovP5hgPnuxjwa%2BRszjD5gy9r5QQXMn9DCZEZoVd0DI28HxXAM2Jc6wXm893UKZT%2Bqy8J66jGfNpZbsuJvwE2Pvfb9ljAqup0RZ%2BC8fxy%2FXWldFWK5%2FC3Xjf5M%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
cache-control
max-age=300, public
cf-ray
7ef95af88c141901-FRA
i
events.ub-analytics.com/
43 B
282 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1690843354983&e=pv&url=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&page=Steam%20Gamers%3A%20Possible%20Refund&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=bcae8131-7360-4b3e-8ccd-f8085a402d0a&dtm=1690843354982&vp=1600x1200&ds=1600x1884&vid=1&sid=de8c988c-5582-48f2-a7c5-1ef32e907230&duid=6d162136-b3df-41b0-9e16-76148c30515f&uid=270185e1-a5f8-44b1-b352-0a6f2120f2c9&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDUyNjQzNGMtMGRjNi00ZDE0LWIxNTQtMDMwMGM4NjIzODk4IiwidmFyaWFudElkIjoiZiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6ImR0YSJ9fV19
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.61.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-61-144.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
7ef95af71a761901
get.steamrefund.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 0469
0
485 B
XHR
General
Full URL
https://get.steamrefund.com/cdn-cgi/challenge-platform/h/b/cv/result/7ef95af71a761901
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7ef95af95d071901-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDcqDuAy2Oa8nCC3rXYIKWWGBipRdtaEcZ0cORtld9FtaZkKtF%2Fy1gGW1mdO921Xl64qgMP3E6y3E3qqvOBw2amppMHv7gL7jpQwSYefMecmREr2H3wxXAaF4E7TIlSPWN%2FEybk5jhf53sm%2B5L9ri3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/?random=1690843355113&cv=11&fst=1690843355113&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&hn=www.googleadservices.com&frm=0&tiba=Steam%20Gamers%3A%20Possible%20Refund&auid=2015553018.1690843355&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75c13fbd9a8b4628af35b4405fcbd6658a31939cfd57f5ae6602cbd2c0d5d2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1551
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/
23 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
tfa.js
cdn.taboola.com/libtrc/unip/1515208/
58 KB
18 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da3e5ede2326c1fac68d3e867d4e2c51bdcb77e5928fe229d6bc8363a7e8b694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
1TkCpu8zQeczF1iu_FkpiqYdCvaX72KD
content-encoding
gzip
via
1.1 varnish
date
Mon, 31 Jul 2023 22:42:35 GMT
x-amz-request-id
FH6NQ1QQX2RYF9EN
age
22634
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18369
x-amz-id-2
Hl4UztsVbl/vs2eWb7SmDmhHXe8QV7MK+Tii0caM7gyTWHkr9PlEWV5ZgwyMttJwkZFxLOH2Tsw=
x-served-by
cache-muc13951-MUC
last-modified
Mon, 31 Jul 2023 08:54:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690843355.222001,VS0,VE1
etag
"7183f6a4402e245b30d33ad5b9113769"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
72
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
v5.js
cdn.stape.io/dtag/
14 KB
6 KB
Script
General
Full URL
https://cdn.stape.io/dtag/v5.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7657eea272b62c540e89a651d3ce05555e18062e77e4734247e5458908d1773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1237814
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Mon, 23 May 2022 07:46:57 GMT
server
cloudflare
etag
W/"628b3bf1-39c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ef95afa1abc1cc5-FRA
expires
Tue, 30 Jul 2024 22:42:35 GMT
events.js
analytics.tiktok.com/i18n/pixel/
3 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEIHHGRC77UD28TRBJC0&lib=ttq
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9895b2e17bbfefa556e9e107cc00713a6e808d2216e460e473525be529d0c9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-akamai-request-id
835542db.1eb608f7
date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-parent-response-time
217,104.126.37.181
server-timing
cdn-cache; desc=MISS, edge; dur=185, origin; dur=32, inner; dur=3
content-length
1227
pragma
no-cache
server
nginx
x-tt-logid
20230731224235345312C3D3FBAC27785F
x-cache-remote
TCP_MISS from a23-220-105-155.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
33,23.220.105.155
x-tt-trace-host
01588f606d41f8f3694862e810e21a29afa789fb9d8cd08d1f8edbd8cfc298efa2a3a9f4118e40a71dfcb506abe56e76988b09575db949c08df9df087fa1e59fd9a0865f37d0950acc741127d537cde540e53d0a501a37aa108de04fd1958420f879cba9710909041b0049b2b93b8ae3c2
expires
Mon, 31 Jul 2023 22:42:35 GMT
scevent.min.js
sc-static.net/
37 KB
16 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.87.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-87-248.ams50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5b3c70ac6c6912d933cd038b99d3f571c362f4efb49162332eec57d0f93e8afa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
gzip
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16324
x-amz-cf-id
bJcYlUFYde6DUTIATeudKfaNDrRmwOlYgD3P_2RDyMUw8y_xjauRzw==
js
www.googletagmanager.com/gtag/
257 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b4b52527edefc359d82575987a26d65c3ff57d3204ceb283af92c5a5d33e7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88596
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 31 Jul 2023 22:42:35 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-252624536-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1db9fa3311efea14186f26682f969a8687f9a04b4f6540cf0d424ba2193f94dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61089
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 21:35:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jul 2023 22:42:35 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230031-FRA
obtp.js
amplify.outbrain.com/cp/
23 KB
7 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
90734058f9833d9278ec4e2e8afb1a017e502b20d37038b9584ca8e00fc9b46a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 22:42:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 08:52:24 GMT
Server
AkamaiNetStorage
ETag
"bd841cdb4abf95686c38fb5009d4dbb5:1690794822.884996"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7076
Expires
Mon, 31 Jul 2023 23:02:35 GMT
roundtrip.js
s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/
96 KB
28 KB
Script
General
Full URL
https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8b5c1fd8cc69f1430d409277ce6ad1e171e4470acbc8bb7844d2f7edec4377f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Amz-Version-Id
g1DYX8NtjsPkkTWsMWrysR8lLWCl1NDJ
Content-Encoding
gzip
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
Date
Mon, 31 Jul 2023 22:42:35 GMT
Age
2737
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 31 Jul 2023 12:00:40 GMT
Server
AmazonS3
Etag
W/"fdb730ee68491b531e0f4c78ca6dc838"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
0ymHy8JbMftRHgxNwNLQKje0JBF04CKMckafkIXS65e-LXK1oe6ToQ==
fbevents.js
connect.facebook.net/en_US/
172 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 22:42:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47198
x-xss-protection
0
pragma
public
x-fb-debug
Axrkr4GsuT2AtFIq+iCtqHfT7EyBNZkBCyHWgCWwUE84IFoZLC5NVqkVuEQsllgcQMH8eijE0/3xxqFgT/uM0A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-252624536-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eca21a75bee7163e8a914c037a887e31dfd7726c28f5f7cf39b937daab49cd97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61168
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 21:35:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jul 2023 22:42:35 GMT
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P48CLNLYJE&gtm=45je37q0&_p=1780554843&cid=1378764228.1690843355&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690843355&sct=1&seg=0&dl=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&dt=Steam%20Gamers%3A%20Possible%20Refund&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 22:42:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.steamrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-252624536-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 22:01:00 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2495
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 01 Aug 2023 00:01:00 GMT
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1690843355271&id=t2_f8rkva25&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=ada83ec8-588e-4445-9ebc-0fad9e8ae04f&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
unifiedPixel
tr.outbrain.com/
53 B
248 B
Ping
General
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=03866047656386007&referrer=&cht=gtm&marketerId=009063823c6ff0a709127c2dd74e59c875&name=PAGE_VIEW&dl=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 22:42:35 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
d6fd9c025a6b7a4e397b55b6f2a189fc
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/
35 B
220 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=009063823c6ff0a709127c2dd74e59c875
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
br
X-TraceId
bb46e0af16bb2a322b2acaa074ddfbf2
Content-Length
39
Content-Type
application/javascript
009063823c6ff0a709127c2dd74e59c875
wave.outbrain.com/mtWavesBundler/handler/
2 B
399 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/009063823c6ff0a709127c2dd74e59c875
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 22:42:35 GMT
ob-sent-time
1690843355779
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=300
X-CC
DE
Connection
keep-alive
X-TraceId
e1e20dbf69848cd60d30d6daa25bd137
Content-Length
2
Expires
Mon, 31 Jul 2023 22:47:35 GMT
adsct
t.co/1/i/
43 B
377 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=10bf6808-78ca-4d0d-83b4-1a366243b2e3&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=aaa9bc8a-2c22-4916-b072-f947d93e441f&tw_document_href=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&tw_iframe_status=0&txn_id=odb55&type=javascript&version=2.3.29
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-response-time
116
date
Mon, 31 Jul 2023 22:42:34 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
36b45d8d71b3d19a
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
1e85c6d5a23036a5ce47e2755af00862d1cbbc55be330830028cff1ae5a91861
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
727 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=10bf6808-78ca-4d0d-83b4-1a366243b2e3&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=aaa9bc8a-2c22-4916-b072-f947d93e441f&tw_document_href=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&tw_iframe_status=0&txn_id=odb55&type=javascript&version=2.3.29
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-response-time
109
date
Mon, 31 Jul 2023 22:42:34 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e8509082743713f3
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
0c69c7226660f72e4b5e2b1ab413553a6fd4541bf57a714ad6ab9786b2dbd3b0
content-length
43
json
trc.taboola.com/1515208/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1515208/trc/3/json?tim=1690843355288&data=%7B%22id%22%3A640%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1690843355283%2C%22cv%22%3A%2220230730-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jordanagencybellcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1690843355287%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
619f4e1b5ab785eba98503e62df8827907f557479953e63e0e4d01eae88de843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
25
date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
13102
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-muc13951-MUC
server
nginx
x-timer
S1690843355.320370,VS0,VE25
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
HTTP/1.1
Server
2600:9000:225e:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Amz-Version-Id
KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date
Mon, 31 Jul 2023 18:16:16 GMT
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
Age
15982
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Tue, 21 Mar 2023 16:39:30 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
-xS0AkgluyFX1Z4x2dOF_u2Gz8QtLZA8H7e5Ixwxa6ojEAK7cmIxIw==

Redirect headers

Date
Mon, 31 Jul 2023 14:43:38 GMT
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
Age
28736
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
QM0Xl8pt2JgOTx4thABfxqwQVicNVLetdovhLSCUEBUxF36J8w4kww==
data
gtm.steamrefund.com/
68 B
430 B
XHR
General
Full URL
https://gtm.steamrefund.com/data?v=2&event_name=page_view
Requested by
Host: cdn.stape.io
URL: https://cdn.stape.io/dtag/v5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.198.8.50 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.8.198.104.bc.googleusercontent.com
Software
/
Resource Hash
afab200ac22923fd81ce74e44dc416d4a6fefa83e4618eb427a0b4fbdade2b46

Request headers

Referer
https://get.steamrefund.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
access-control-max-age
600
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
https://get.steamrefund.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
content-type,set-cookie,x-robots-tag,x-gtm-server-preview,x-stape-preview
content-length
68
851791816024757
connect.facebook.net/signals/config/
300 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/851791816024757?v=2.9.120&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
02ebc1a3573931881b8039f3d1c00da9b01d8a511a9c5ec4c5aa372dfad2e66e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 22:42:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
+KcVnWe0m90FgJLLkRkE+7WsLeOP/yyt+1vBJsZSyrOq8/fgvZ49AdFZQz4/bA/R/7o27lg+H3ifEYfZG1ZF5g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
a1860529-0aae-45cb-a054-1bba5385bf0a.js
tr.snapchat.com/config/com/
167 B
456 B
Script
General
Full URL
https://tr.snapchat.com/config/com/a1860529-0aae-45cb-a054-1bba5385bf0a.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
4f106c8a33d40c6ebb65982bb7c3eff81e54486a5aa43a3f22da73f05eecda7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://get.steamrefund.com/
Origin
https://get.steamrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://get.steamrefund.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i
tr.snapchat.com/cm/ Frame 54A3
0
201 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=d36b4442-45b3-4ea1-8e22-c220f1c9c7ee&u_sclid=3c5bd3cf-27a9-421d-b1de-c6951ae4ab1d
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://get.steamrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 31 Jul 2023 22:42:35 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
/
www.google.com/pagead/1p-user-list/11050824091/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11050824091/?random=1690843355113&cv=11&fst=1690840800000&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&frm=0&tiba=Steam%20Gamers%3A%20Possible%20Refund&fmt=3&is_vtc=1&random=834160906&rmt_tld=0&ipr=y
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 22:42:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11050824091/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/11050824091/?random=1690843355113&cv=11&fst=1690840800000&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&frm=0&tiba=Steam%20Gamers%3A%20Possible%20Refund&fmt=3&is_vtc=1&random=834160906&rmt_tld=1&ipr=y
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 22:42:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.ub-assets.com/fonts/s/montserrat/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-47.ams1.r.cloudfront.net
Software
/
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Origin
https://get.steamrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 13:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
12700
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
4958759
x-amzn-requestid
2eef2318-ea9d-4760-909b-6c6163baa916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
F_s8OFfQIAMFn6A=
content-length
12723
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:02 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-647c8eb4-5e70b54d5b9748b74dab6b9d
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Dl2pF_zMPax5dGiDXioa72s_A4SDvm1WeZ25H6oNCAdga5bFBl88bg==
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.ub-assets.com/fonts/s/ptserif/v18/
32 KB
33 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-47.ams1.r.cloudfront.net
Software
/
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Origin
https://get.steamrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 13:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
33116
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
4957087
x-amzn-requestid
77a77aaa-02d6-4b87-aaf9-581a96347318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
F_xBdH9voAMFYbQ=
content-length
33149
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-647c953c-5471b9a77e08219b19174ca6
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Sk3AGbeXIDawWp72hx9sjqHmpt655Cc4-bcI_JFVbCrMv8mY9KrKzA==
6FGPXF7JBVHSVDCJIPGVKW
d.adroll.com/consent/check/
464 B
557 B
Script
General
Full URL
https://d.adroll.com/consent/check/6FGPXF7JBVHSVDCJIPGVKW?pv=44837554736.30706&arrfrr=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3DNR_REDACT%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&_s=c6e3bc0714a94a751561b17d8e5dd3d3&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1324:48bf:9255:4886 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
04d1af88845fb011bd20760cf1a42ff9bc768f142e6f9edb4d28f369b1fab732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
server
nginx/1.22.1
content-length
464
content-type
application/javascript
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=851791816024757&ev=PageView&dl=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&rl=&if=false&ts=1690843355424&sw=1600&sh=1200&v=2.9.120&r=stable&ec=0&o=30&fbp=fb.1.1690843355422.186097610&it=1690843355330&coo=false&eid=pageview_1690843355120.842523.1&exp=a3&rqm=GET
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 22:42:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
1 B
146 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1780554843&t=pageview&_s=1&dl=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&ul=en-us&de=UTF-8&dt=Steam%20Gamers%3A%20Possible%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2036018843&gjid=730877917&cid=1378764228.1690843355&tid=UA-252624536-1&_gid=914278221.1690843355&_r=1&gtm=457e37q0&jsscut=1&z=726580446
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://get.steamrefund.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 22:42:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.steamrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
195 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1780554843&t=pageview&_s=2&dl=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&ul=en-us&de=UTF-8&dt=Steam%20Gamers%3A%20Possible%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1378764228.1690843355&tid=UA-252624536-1&_gid=914278221.1690843355&gtm=457e37q0&jsscut=1&z=136712
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jul 2023 22:47:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86097
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
main.MTJmOGM0MDk1MA.js
analytics.tiktok.com/i18n/pixel/static/
337 KB
92 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTJmOGM0MDk1MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEIHHGRC77UD28TRBJC0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8b435d8b0ae81cfebe5fc191b96cac18d8b936aa91e141d9493051babd21ff89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-akamai-request-id
1eb60ded
date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202307271440137687A3BA08B2DC64F152
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
019dc8d96e05a6ff2f8fc2ed35940503ccdb064271b3481993338156aa4b342e45889c92b89929274836300d8d75ece3bd73dff3e3f54bbb81f2caeaf61b8a6a6b4eaee84620d9f41279ad32d2c8936de12b99e337078272ba4042436325cef38c066ee04223f6a51436193c632290aec4
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
93361
identify_185ec.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_185ec.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJmOGM0MDk1MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-akamai-request-id
1eb60f53
date
Mon, 31 Jul 2023 22:42:35 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202307271440137687A3BA08B2DC64F176
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
019dc8d96e05a6ff2f8fc2ed35940503ccdb064271b3481993338156aa4b342e45889c92b89929274836300d8d75ece3bd73dff3e3f54bbb81f2caeaf61b8a6a6bcaf4a91fb571ea8b45823ce15c0d2396cc309e94cc567d0dfde6bce86ad3c0b6f3e1f0b548627d45c48aa7e7fe422622
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
30766
pixel
analytics.tiktok.com/api/v2/
0
695 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJmOGM0MDk1MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://get.steamrefund.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4943ee82.1eb610d8
date
Mon, 31 Jul 2023 22:42:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-parent-response-time
130,104.126.37.181
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=43, inner; dur=41
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230731224235F306A26DE5761422F138
x-cache-remote
TCP_MISS from a23-217-116-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
44,23.217.116.143
x-tt-trace-host
01588f606d41f8f3694862e810e21a29afa789fb9d8cd08d1f8edbd8cfc298efa2c2973de7160d0c2d19a4b3a176fc403b314f12a2df848b822a53ef65844d9dae735e57a85f58895e724c8f1bc94d06353dde39cecc71fd0893d80b6d6a031aab7b51c2257d721405c50af75e2d8e6694
expires
Mon, 31 Jul 2023 22:42:35 GMT
p
tr.snapchat.com/
68 B
347 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://get.steamrefund.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://get.steamrefund.com
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
7
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
hm
tr.snapchat.com/
68 B
88 B
Ping
General
Full URL
https://tr.snapchat.com/hm
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://get.steamrefund.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Jul 2023 22:42:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/json
access-control-allow-origin
https://get.steamrefund.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
hm
tr.snapchat.com/ Frame
0
0
Preflight
General
Full URL
https://tr.snapchat.com/hm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://get.steamrefund.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://get.steamrefund.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 31 Jul 2023 22:42:35 GMT
server
API Gateway
via
1.1 google
consent_tcfv2.js
s.adroll.com/j/
418 KB
56 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Amz-Version-Id
wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding
gzip
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
Date
Mon, 31 Jul 2023 22:42:35 GMT
Age
37
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 05 Jul 2023 21:39:27 GMT
Server
AmazonS3
Etag
W/"3306a47faf7223d93fb356e8a73d1942"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
_ZNLYhbdzVmBPyekJx2GfYrKkkhz9dYuldoIQpB9t9WOTvglJTwQZw==
nextroll-32x32.png
s.adroll.com/i/favicon/
2 KB
2 KB
Image
General
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/?agency=agencybell&utm_source=facebook&campaignid=23852746490130234&campaignname=%282023-02-12%29+ST+MAS%3A+Steam+Refund+-+Stage+1+Test+%28Prospecting+-+Valve+Games%29&adgroupid=23852768834250234&adgroupname=AS+52+abc+-+Valve+%28Software%29+%7C+18%2B+M%2FF+%7C+Signed+Retainer&creativeid=23852768834030234&creativename=0019+c&placement=an&network=an
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date
Mon, 31 Jul 2023 17:27:02 GMT
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
Age
19004
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
lS4WNzsnBfuXhUmiC0jbPnmKxnJgbdXtQ7ayY9g4neJ2tIMEXq373A==
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=851791816024757&ev=Microdata&dl=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&rl=&if=false&ts=1690843355926&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Steam%20Gamers%3A%20Possible%20Refund%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Steam%20Gamers%3A%20Possible%20Refund%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.120&r=stable&ec=1&o=30&fbp=fb.1.1690843355422.186097610&it=1690843355330&coo=false&es=automatic&tm=3&exp=a3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 22:42:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
unip
trc-events.taboola.com/1515208/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=0&ssd=1&est=1690843355285&ver=36&isls=true&src=i&invt=1500&msa=684&rv=1&tim=1690843356839&vi=1690843355283&ri=b9705cbbf26ebe98c228a9acfaa2598f&ref=null&cv=20230730-6-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
https://get.steamrefund.com
pragma
no-cache
date
Mon, 31 Jul 2023 22:42:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1515208/log/3/
0
248 B
XHR
General
Full URL
https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=4556&scd=0&ssd=1&est=1690843355285&ver=36&isls=true&src=i&invt=3000&msa=684&rv=1&tim=1690843359842&vi=1690843355283&ri=b9705cbbf26ebe98c228a9acfaa2598f&ref=null&cv=20230730-6-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2F%3Fagency%3Dagencybell%26utm_source%3Dfacebook%26campaignid%3D23852746490130234%26campaignname%3D%25282023-02-12%2529%2BST%2BMAS%253A%2BSteam%2BRefund%2B-%2BStage%2B1%2BTest%2B%2528Prospecting%2B-%2BValve%2BGames%2529%26adgroupid%3D23852768834250234%26adgroupname%3DAS%2B52%2Babc%2B-%2BValve%2B%2528Software%2529%2B%257C%2B18%252B%2BM%252FF%2B%257C%2BSigned%2BRetainer%26creativeid%3D23852768834030234%26creativename%3D0019%2Bc%26placement%3Dan%26network%3Dan&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
https://get.steamrefund.com
pragma
no-cache
date
Mon, 31 Jul 2023 22:42:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ub object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| rdt object| __tfa_pixel_init object| _tfa string| _randomPageId string| TiktokAnalyticsObject object| ttq function| snaptr object| r function| twq function| obApi string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| fbq function| _fbq function| gtag function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| apiObj object| regeneratorRuntime object| twttr function| parseResponse function| dataTagSendData function| dataTagGetData function| dataTagMD5 function| dataTag256 function| jsSHA object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| __adroll__ string| adroll_sid object| __adroll function| __cmp function| __tcfapi function| __gpp boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms function| adroll_tpc_callback object| dataTagData object| _scPxHelper object| __adroll_consent_data object| adroll_exp_list object| gaplugins object| gaData object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild

26 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
get.steamrefund.com/ Name: ubvs
Value: 270185e1-a5f8-44b1-b352-0a6f2120f2c9
.steamrefund.com/ Name: ubvt
Value: v2%7C270185e1-a5f8-44b1-b352-0a6f2120f2c9%7Cd526434c-0dc6-4d14-b154-0300c8623898%3Af%3Adta
get.steamrefund.com/ Name: ubpv
Value: f%2Cd526434c-0dc6-4d14-b154-0300c8623898
.steamrefund.com/ Name: _gcl_au
Value: 1.1.2015553018.1690843355
.steamrefund.com/ Name: cf_clearance
Value: x_zgp_KPgOMB7AnNKQi7jsDbz65Q.ZuHKuapOWOVAsg-1690843355-0-1-f1b2765a.55f10ab.a6b329ba-0.2.1690843355
.steamrefund.com/ Name: _ga_P48CLNLYJE
Value: GS1.1.1690843355.1.0.1690843355.0.0.0
.steamrefund.com/ Name: _rdt_uuid
Value: 1690843355270.ada83ec8-588e-4445-9ebc-0fad9e8ae04f
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.steamrefund.com/ Name: _scid
Value: 8c961ce2-32d2-46b0-a847-9c5fc7acde7e
.steamrefund.com/ Name: _scid_r
Value: 8c961ce2-32d2-46b0-a847-9c5fc7acde7e
.steamrefund.com/ Name: _fbp
Value: fb.1.1690843355422.186097610
.steamrefund.com/ Name: _ga
Value: GA1.2.1378764228.1690843355
.steamrefund.com/ Name: _gid
Value: GA1.2.914278221.1690843355
.steamrefund.com/ Name: _gat_gtag_UA_252624536_1
Value: 1
.tiktok.com/ Name: _ttp
Value: 2TMC2U7N4GKjYgEXVhKAylVOpe4
.steamrefund.com/ Name: _tt_enable_cookie
Value: 1
.steamrefund.com/ Name: _ttp
Value: 0Mxk8SGKq_z9rChx2U5ZCo17W8z
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169084335546385171
.twitter.com/ Name: guest_id_ads
Value: v1%3A169084335546385171
.twitter.com/ Name: personalization_id
Value: "v1_3bdZcaFVGW4KQ1OTuKxGWw=="
.twitter.com/ Name: guest_id
Value: v1%3A169084335546385171
.t.co/ Name: muc_ads
Value: 726dcbb2-0052-4498-b12b-87d83beee8a1
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAA3JyREAIAgEsIqY8VhUylkVqqB4zTexQfUJYQQFPigEr8xtjGPtFzLrsLLQu2qWBxB7IvkyAAAA
get.steamrefund.com/ Name: outbrain_cid_fetch
Value: true
.steamrefund.com/ Name: _dcid
Value: dcid.1.1690843355794.888307923

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
