statefile.pr-4280.getyourrefund-testing.org Open in urlscan Pro
54.209.91.188  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response statefile.pr-4280.getyourrefund-testing.org/	11 KB 13 KB	371ms 116ms	Document text/html	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash 92f3e6e51f5f34345e1d3cb1132c7d4a762a2a9105ec2f61256dd2fbc910a74a Security Headers Name Value Content-Security-Policy Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, private, must-revalidate Connection keep-alive Content-Length 11464 Content-Security-Policy Content-Type text/html; charset=utf-8 Date Wed, 28 Feb 2024 21:35:00 GMT Etag W/"92f3e6e51f5f34345e1d3cb1132c7d4a" Link </assets/application-bba9bd0312a62ff1f49ba0f5b2ec044957c534ed768041f7bca5c03cbe09b863.css>; rel=preload; as=style; nopush,</packs/css/application-5433f474.css>; rel=preload; as=style; nopush Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Referrer-Policy strict-origin-when-cross-origin Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156100&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=O%2BOO%2Brm%2B3Yntr37sD6x4wZZ7N5NzJG00s%2B8PYs1apbM%3D"}]} Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156100&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=O%2BOO%2Brm%2B3Yntr37sD6x4wZZ7N5NzJG00s%2B8PYs1apbM%3D Server Cowboy Strict-Transport-Security max-age=63072000; includeSubDomains Via 1.1 vegur X-Content-Type-Options nosniff X-Download-Options noopen X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-Request-Id 3d66eea7-9a89-4aff-87e3-d9dbcff0ec74 X-Runtime 0.019004 X-Xss-Protection 0
GET H/1.1	200 OK	application-bba9bd0312a62ff1f49ba0f5b2ec044957c534ed768041f7bca5c03cbe09b863.css statefile.pr-4280.getyourrefund-testing.org/assets/	230 KB 44 KB	188ms 97ms	Stylesheet text/css	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://statefile.pr-4280.getyourrefund-testing.org/assets/application-bba9bd0312a62ff1f49ba0f5b2ec044957c534ed768041f7bca5c03cbe09b863.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash bf3a30cdef5afdbbfd57344a22cfa3af6552bf1b6e6e871fef6566ddb765bff9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:00 GMT Content-Encoding gzip Via 1.1 vegur Strict-Transport-Security max-age=63072000; includeSubDomains Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:28:42 GMT Vary accept-encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type text/css Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 44385 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H/1.1	200 OK	application-5433f474.css statefile.pr-4280.getyourrefund-testing.org/packs/css/	10 KB 3 KB	272ms 91ms	Stylesheet text/css	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://statefile.pr-4280.getyourrefund-testing.org/packs/css/application-5433f474.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash 1580331be0ce4c6908f21a3c3f816c61c8c92a8d2e12a6ccea033d4fee6d4eca Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:00 GMT Content-Encoding br Via 1.1 vegur Strict-Transport-Security max-age=63072000; includeSubDomains Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:29:32 GMT Vary accept-encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type text/css Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 2347 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H2	200	css fonts.googleapis.com/	1 KB 886 B	59ms 16ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Public%20Sans Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 45edef9dfe9f0fdc0f993b7bceb4006e6ffb79e5d33144f3b5ba3bf5b295488d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 28 Feb 2024 21:35:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 28 Feb 2024 21:35:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 28 Feb 2024 21:35:01 GMT
GET H/1.1	200 OK	runtime-5d83b91d2172c6417e29.js Show response statefile.pr-4280.getyourrefund-testing.org/packs/js/	1 KB 2 KB	276ms 93ms	Script application/javascript	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://statefile.pr-4280.getyourrefund-testing.org/packs/js/runtime-5d83b91d2172c6417e29.js Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash b4bbca17dde30ca7c1ebeef9eacb9bc8705ca76f4089911a3c60500eb2e17224 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:01 GMT Content-Encoding br Via 1.1 vegur Strict-Transport-Security max-age=63072000; includeSubDomains Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:29:32 GMT Vary accept-encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 728 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H/1.1	200 OK	822-19d83f4aa39adb18930f.js Show response statefile.pr-4280.getyourrefund-testing.org/packs/js/	451 KB 103 KB	92ms 92ms	Script application/javascript	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://statefile.pr-4280.getyourrefund-testing.org/packs/js/822-19d83f4aa39adb18930f.js Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash fdebb880bf08c8e7ff4ec28dae39abfbe2783294dc5464292571a807e64f0c59 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:01 GMT Content-Encoding br Via 1.1 vegur Strict-Transport-Security max-age=63072000; includeSubDomains Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:29:32 GMT Vary accept-encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 104991 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H/1.1	200 OK	application-44203bdb06f1790929e7.js Show response statefile.pr-4280.getyourrefund-testing.org/packs/js/	53 KB 17 KB	97ms 97ms	Script application/javascript	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://statefile.pr-4280.getyourrefund-testing.org/packs/js/application-44203bdb06f1790929e7.js Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash 26a96dd65e1d66a55898cca0ad2c40c15fee63d2eaaeaa5511fe3d38b5ee5d2e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:00 GMT Content-Encoding br Via 1.1 vegur Strict-Transport-Security max-age=63072000; includeSubDomains Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:29:32 GMT Vary accept-encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 16134 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H/1.1	200 OK	state_file-8383c7086e31e82e4d39.js Show response statefile.pr-4280.getyourrefund-testing.org/packs/js/	10 KB 4 KB	95ms 95ms	Script application/javascript	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://statefile.pr-4280.getyourrefund-testing.org/packs/js/state_file-8383c7086e31e82e4d39.js Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash c58074567ebac3cbe5fd1d0bf643a99e80758b6edd7190c67f61b5fd2054f0a8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:00 GMT Content-Encoding br Via 1.1 vegur Strict-Transport-Security max-age=63072000; includeSubDomains Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:29:32 GMT Vary accept-encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 2830 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H/1.1	200 OK	fyst-logo-9f910d296e319359198007ff15593ea172e6f1640d2128dc9eabc6a0ac461f83.svg statefile.pr-4280.getyourrefund-testing.org/assets/	13 KB 14 KB	273ms 92ms	Image image/svg+xml	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://statefile.pr-4280.getyourrefund-testing.org/assets/fyst-logo-9f910d296e319359198007ff15593ea172e6f1640d2128dc9eabc6a0ac461f83.svg Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash 9f910d296e319359198007ff15593ea172e6f1640d2128dc9eabc6a0ac461f83 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:00 GMT Strict-Transport-Security max-age=63072000; includeSubDomains Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:27:28 GMT Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 13479 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H/1.1	200 OK	close-26922f18815a5e5e66c7f5f729c5f1eec082c64427b9e407c0b319caa9beb254.svg statefile.pr-4280.getyourrefund-testing.org/assets/icons/	2 KB 3 KB	275ms 93ms	Image image/svg+xml	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://statefile.pr-4280.getyourrefund-testing.org/assets/icons/close-26922f18815a5e5e66c7f5f729c5f1eec082c64427b9e407c0b319caa9beb254.svg Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash 26922f18815a5e5e66c7f5f729c5f1eec082c64427b9e407c0b319caa9beb254 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:01 GMT Strict-Transport-Security max-age=63072000; includeSubDomains Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:27:28 GMT Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 1806 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H/1.1	200 OK	welcome-bd39d5f35e3a006337c078879b24c3a23c0bce9242b137e905b5ff26d4712075.svg statefile.pr-4280.getyourrefund-testing.org/assets/questions/	11 KB 11 KB	268ms 95ms	Image image/svg+xml	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://statefile.pr-4280.getyourrefund-testing.org/assets/questions/welcome-bd39d5f35e3a006337c078879b24c3a23c0bce9242b137e905b5ff26d4712075.svg Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash bd39d5f35e3a006337c078879b24c3a23c0bce9242b137e905b5ff26d4712075 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:00 GMT Strict-Transport-Security max-age=63072000; includeSubDomains Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:27:28 GMT Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 10753 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H/1.1	200 OK	intercom-chat-303f5019f96110dce78eb26a69e3c412587c9377bd92caf2d5dcfb8d6d629d65.svg statefile.pr-4280.getyourrefund-testing.org/assets/	330 B 1 KB	91ms 91ms	Image image/svg+xml	54.209.91.188 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://statefile.pr-4280.getyourrefund-testing.org/assets/intercom-chat-303f5019f96110dce78eb26a69e3c412587c9377bd92caf2d5dcfb8d6d629d65.svg Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-91-188.compute-1.amazonaws.com Software Cowboy / Resource Hash 303f5019f96110dce78eb26a69e3c412587c9377bd92caf2d5dcfb8d6d629d65 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 28 Feb 2024 21:35:00 GMT Strict-Transport-Security max-age=63072000; includeSubDomains Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 28 Feb 2024 21:27:28 GMT Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D"}]} Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive Content-Length 330 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1709156101&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=tRQXivVl85HPLhkLMLFK7FNp1mDxfMWO7dTJzdQ5LD4%3D
GET H2	200	ijwGs572Xtc6ZYQws9YVwllKVG8qX1oyOymuFpmJxAco.woff2 fonts.gstatic.com/s/publicsans/v15/	14 KB 15 KB	28ms 7ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/publicsans/v15/ijwGs572Xtc6ZYQws9YVwllKVG8qX1oyOymuFpmJxAco.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Public%20Sans Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9707fd1d120b6fd56804438c1c0879cee23233534149a1a4a7782ca1f40121ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://statefile.pr-4280.getyourrefund-testing.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 03:49:35 GMT x-content-type-options nosniff age 150326 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14648 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:34:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Feb 2025 03:49:35 GMT
GET H2	200	rtcpj4hf Show response widget.intercom.io/widget/	7 KB 3 KB	413ms 386ms	Script application/javascript	13.224.189.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/rtcpj4hf Requested by Host: statefile.pr-4280.getyourrefund-testing.org URL: https://statefile.pr-4280.getyourrefund-testing.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-18.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash f92305f32080111f71dc588569aa95cdf17b947a96dc439aba96ddd9c4f0d2b9 Request headers accept-language de-DE,de;q=0.9 Referer https://statefile.pr-4280.getyourrefund-testing.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-amz-version-id lt2OmDcn1SyrHwB8zh2TmXQgig25HIet content-encoding gzip via 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront) date Wed, 28 Feb 2024 21:34:17 GMT x-amz-cf-pop FRA2-C1 age 46 x-amz-server-side-encryption AES256 x-cache Error from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2705 last-modified Wed, 28 Feb 2024 13:14:45 GMT server AmazonS3 etag "36f00a6d2fc5bfdc0d06692bca32f86f" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=300, s-maxage=300, public accept-ranges bytes x-amz-cf-id ldFBtzQfV4G-PTtxBuX-TBz06HT5D1VZfbCXSxRxomLJLCKH3lX6bA==
GET H2	200	frame-modern.3d73a898.js Show response js.intercomcdn.com/ Frame BBA2	511 KB 142 KB	59ms 14ms	Script application/javascript	99.84.88.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.3d73a898.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/rtcpj4hf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.88.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-88-96.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash c94eed5d343d24529e1d37117b40df78eaa1db216dd42812e1ee96743792e256 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-amz-version-id yzOX10dvH4ZkcymHvu_0SUbSdIEiBxNn content-encoding gzip via 1.1 598adc26bc2de491984cda2fac7d893a.cloudfront.net (CloudFront) date Wed, 28 Feb 2024 21:14:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-C1 age 1214 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 144158 last-modified Wed, 28 Feb 2024 13:12:44 GMT server AmazonS3 etag "8cd3051746cc9a8add133cdf7dafb39f" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id jeOCWF-_nFx57RTL6pzidi3ZKLT3NHGLmc39pCUTSkSkAjd-S_R4sQ==
GET H2	200	vendor-modern.8d69465d.js Show response js.intercomcdn.com/ Frame BBA2	483 KB 148 KB	89ms 44ms	Script application/javascript	99.84.88.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.8d69465d.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/rtcpj4hf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.88.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-88-96.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 13c2807c65367c01a2efd19ff996e8213d5a8e2747983f7a96fb32c2855e9e2c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-amz-version-id twc4djv9ufR_wVHu2oBUJ4ENavsNuRoi content-encoding gzip via 1.1 598adc26bc2de491984cda2fac7d893a.cloudfront.net (CloudFront) date Wed, 28 Feb 2024 19:59:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-C1 age 5727 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 151062 last-modified Tue, 27 Feb 2024 16:54:57 GMT server AmazonS3 etag "462f5c1443849f0df2a9e0b24e16e809" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id cDxsug5NYr8fwf7BjugRThX9SEzj46cVIUP98vwfGFaPb7fPMqD2lA==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame BBA2	4 KB 2 KB	629ms 433ms	XHR application/json	54.88.196.222 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.3d73a898.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.88.196.222 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-88-196-222.compute-1.amazonaws.com Software nginx / Resource Hash ad563390a398428daeb82bf25436684839de7a7fb7659a77fa5a165407744284 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 28 Feb 2024 21:35:02 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-0ad20df1d0b5588d3 status 200 OK x-xss-protection 1; mode=block x-request-id 000emqrcfu81e933ks80 x-runtime 0.318712 server nginx etag W/"ad563390a398428daeb82bf254366848" x-request-queueing 0 vary Accept,Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://statefile.pr-4280.getyourrefund-testing.org x-intercom-version 39efcf636d9fbd29923bfd82232fc8193503547a cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-frame-options SAMEORIGIN access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| intercomSettings function| Intercom object| webpackChunkapp function| clearImmediate function| setImmediate function| jQuery function| $ boolean| _rails_loaded function| __intercomAssignLocation function| __intercomReloadLocation

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			statefile.pr-4280.getyourrefund-testing.org/	1970-01-21 04:21:56	Name: visitor_id Value: %2FKTYdTFLAY4Tprn%2BoA06a%2B6pUezPFMVZL9YxIBXD9g9Td8Oa5OkUCYYtzqPuljESuRKUhBBZemLnaElo6bNNUiJD6izEDH3AvmhPHsLUD4VIsHCY6aHpA5qHai%2FG8hhHt4kNs62A6z4Vb4186%2FYmaaufMKo9yP0bcXzkKhZ9D%2BQbDGcaCph%2Fyidcj9FLhpnnJw%2Bn%2F3%2BnmacRyh%2FW--u0drpzwxZCXN%2FUmB--F%2BCE7Qd4570VFYee7lzEaQ%3D%3D
			statefile.pr-4280.getyourrefund-testing.org/	1969-12-31 23:59:59	Name: _vita_min_session Value: YbdZ2A070VxytVIEVD9ug%2FZtFkkHnpL3N2pApaj0CBlXvkXjiWOSt%2FtYwLXS3Mc4C2O9bc0KmUJ0b%2FEp0YczueFwj8ANdQ5i6siUwxrT1v9hercsj3LIKyb1mXtjKrOGZrRY8NKi2BA2R6H18Fyt%2BMKSWwTqwMddiUEzUcJn%2FH2p3PqpuB5u4oHYMvmKiKtSnlGvNVolk2hDdj0FGl3Lnj8VFVNEOWF4vMgSXoJTUXc%2FasL5cn1XX2Sde2MFBhQBqXWZfBoAYU08xK2Fa6OYUBEWswBMYIugsdfDvfEhFj31AZsArzPniu3mE%2BOiUD2URA%3D%3D--K3an0Fec2Wsi4dQl--vbjbVSznXRwuyzfz43SNxA%3D%3D
			.getyourrefund-testing.org/	1970-01-21 01:14:46	Name: intercom-id-rtcpj4hf Value: 80e71731-02bf-48df-b299-7f000f418625
			.getyourrefund-testing.org/	1970-01-20 18:56:00	Name: intercom-session-rtcpj4hf Value:
			.getyourrefund-testing.org/	1970-01-21 01:14:46	Name: intercom-device-id-rtcpj4hf Value: 91810701-7c1b-465c-9251-b90986707346

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
statefile.pr-4280.getyourrefund-testing.org
widget.intercom.io
13.224.189.18
2a00:1450:4001:813::200a
2a00:1450:4001:830::2003
54.209.91.188
54.88.196.222
99.84.88.96
13c2807c65367c01a2efd19ff996e8213d5a8e2747983f7a96fb32c2855e9e2c
1580331be0ce4c6908f21a3c3f816c61c8c92a8d2e12a6ccea033d4fee6d4eca
26922f18815a5e5e66c7f5f729c5f1eec082c64427b9e407c0b319caa9beb254
26a96dd65e1d66a55898cca0ad2c40c15fee63d2eaaeaa5511fe3d38b5ee5d2e
303f5019f96110dce78eb26a69e3c412587c9377bd92caf2d5dcfb8d6d629d65
45edef9dfe9f0fdc0f993b7bceb4006e6ffb79e5d33144f3b5ba3bf5b295488d
92f3e6e51f5f34345e1d3cb1132c7d4a762a2a9105ec2f61256dd2fbc910a74a
9707fd1d120b6fd56804438c1c0879cee23233534149a1a4a7782ca1f40121ad
9f910d296e319359198007ff15593ea172e6f1640d2128dc9eabc6a0ac461f83
ad563390a398428daeb82bf25436684839de7a7fb7659a77fa5a165407744284
b4bbca17dde30ca7c1ebeef9eacb9bc8705ca76f4089911a3c60500eb2e17224
bd39d5f35e3a006337c078879b24c3a23c0bce9242b137e905b5ff26d4712075
bf3a30cdef5afdbbfd57344a22cfa3af6552bf1b6e6e871fef6566ddb765bff9
c58074567ebac3cbe5fd1d0bf643a99e80758b6edd7190c67f61b5fd2054f0a8
c94eed5d343d24529e1d37117b40df78eaa1db216dd42812e1ee96743792e256
f92305f32080111f71dc588569aa95cdf17b947a96dc439aba96ddd9c4f0d2b9
fdebb880bf08c8e7ff4ec28dae39abfbe2783294dc5464292571a807e64f0c59