payment.globalrefundgroup.com
2606:4700:3031::6815:297b  Public Scan

URL: https://payment.globalrefundgroup.com/
Submission: On March 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 110 HTTP transactions. The main IP is 2606:4700:3031::6815:297b, located in United States and belongs to CLOUDFLARENET, US. The main domain is payment.globalrefundgroup.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 26th 2022. Valid for: a year.
This is the only time payment.globalrefundgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
48 | globalrefundgroup.com | payment.globalrefundgroup.com; globalrefundgroup.com; dev.globalrefundgroup.com (Failed) | 647 KB
39 | stripe.com | js.stripe.com (Cisco Umbrella Rank: 1051); q.stripe.com (Cisco Umbrella Rank: 6717); merchant-ui-api.stripe.com (Cisco Umbrella Rank: 5375); r.stripe.com (Cisco Umbrella Rank: 4126); m.stripe.com (Cisco Umbrella Rank: 1056) | 526 KB
7 | gstatic.com | fonts.gstatic.com | 107 KB
6 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 36) | 14 KB
2 | stripe.network | m.stripe.network (Cisco Umbrella Rank: 1159) | 17 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 30) | 20 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 339) | 22 KB
1 | geojs.io | get.geojs.io (Cisco Umbrella Rank: 15426) | 727 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 44) | 46 KB
0 | restcountries.eu (Failed) | restcountries.eu (Failed) |
Total: 110 requests, 10 domains

Requests | Domain | Requested by
44 | payment.globalrefundgroup.com | payment.globalrefundgroup.com
16 | r.stripe.com | js.stripe.com
14 | js.stripe.com | payment.globalrefundgroup.com; js.stripe.com
7 | q.stripe.com | payment.globalrefundgroup.com
7 | fonts.gstatic.com | fonts.googleapis.com
6 | fonts.googleapis.com | payment.globalrefundgroup.com; globalrefundgroup.com
4 | globalrefundgroup.com | payment.globalrefundgroup.com
2 | m.stripe.network | js.stripe.com; m.stripe.network
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | cdn.jsdelivr.net | payment.globalrefundgroup.com
1 | m.stripe.com | m.stripe.network
1 | merchant-ui-api.stripe.com | js.stripe.com
1 | get.geojs.io | payment.globalrefundgroup.com
1 | www.googletagmanager.com | payment.globalrefundgroup.com
0 | restcountries.eu (Failed) | payment.globalrefundgroup.com
0 | dev.globalrefundgroup.com (Failed) | payment.globalrefundgroup.com
Total: 110 requests, 16 subdomains

This site contains links to these domains.

Domain
globalrefundgroup.com
www.vwthemes.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-09-26 - 2023-09-26 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2023-02-06 - 2023-05-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-14 - 2023-06-13 | 4 months
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-08 - 2023-04-08 | 3 months

This page contains 5 frames:

Primary Page: https://payment.globalrefundgroup.com/
Frame ID: F083CB32C6DE8B94A29C00AAE1555292
Requests: 70 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: FDDBE948BF777B23DEAA33766164ECAC
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
Frame ID: 38F7FE1C16D5D00A4E4FAFBDA10DFAB6
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
Frame ID: F9E4CC32595B29F4F2E074663304933C
Requests: 9 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0767FD55582FD279113A6D4737EF9A20
Requests: 4 HTTP requests in this frame

Page Title

Payment page - Global Refund

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js


Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 110
HTTPS: 98 %
IPv6: 58 %
Domains: 10
Subdomains: 16
IPs: 13
Countries: 2
Transfer: 1399 kB
Size: 4682 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payment.globalrefundgroup.com/
153 KB
27 KB
Document
General
Full URL
https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
4e0094f50477607896d285336e8aca96758a8e811f03d22244973be17deef137

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a32852b58af910d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 05 Mar 2023 12:56:39 GMT
link
<https://payment.globalrefundgroup.com/wp-json/>; rel="https://api.w.org/" <https://payment.globalrefundgroup.com/wp-json/wp/v2/pages/300>; rel="alternate"; type="application/json" <https://payment.globalrefundgroup.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzSSSAljOSH7GYvXiA08Z%2F8rwoul6qKBHGGcOcAruxzx%2FMTI0IF7PN7XT017rdcBDhF4UIKRHC6jj64pvJfiJEotbx40Y6TpnsKAp4sEFQom%2F4Qw3uZmHI%2BsjNYg44ytrjmN0XIw%2B2z6ONttKUDDD4En%2FuCBpPJr1I8SNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
x-turbo-charged-by
LiteSpeed
style.min.css
payment.globalrefundgroup.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Apr 2021 02:20:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJsYvnXT353TUG17udlI72vr2AIR0HnpCGv3PEXLOds6OK3P6jLzxLy%2B7ymQsCV8TagykbDXKcJEVHyYgi2p3rUV9yNrf2qOzWyqS6ramUzbkGwuQhbX9XoJsMrX8baU8ZA2IgTxEssNJHnAmSajLLauKmNvHJ%2FgIpTFTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308ed6910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
bbpress.min.css
payment.globalrefundgroup.com/wp-content/plugins/bbpress/templates/default/css/
29 KB
6 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.5
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481bfa4292798eb15d056ff461dc1e90bbe9795fd99299b59c02970a0e710207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 09:21:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2F6ofDTLH2tLO3hc7EeK16ajf0B60W1z6HqVzBBCLvuL2is9zCR74zSTOsrn6tJSvB8sbcMSh%2BDneJsaotynxKkG%2B8pItkYp97fLry2VnftdIPXooGL51e1UZXyH9GXx%2BjTKmd3l764SStkY%2FxzCoikmSoBOQ6qaStqqqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308ee0910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
styles.css
payment.globalrefundgroup.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ddc2daa3935e81bec0daa5effbf1861f60ed8ddea3c348c95c5302912233858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 09:29:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkDYskIL7ELbdsZ52sVCuiu11VNKJCw2pmkWQfUuR2fOcEX2O06Zen252aEWKjHz6hcU2RyEO9tiR4Tl%2FgLd%2BKbPZotOPQzB00m8ObiXW2cK3RYrgKDCBQVU%2BbyNRr%2B7LHFNJ4iaAU0EHuUjKK6eqINMl7ZkXA4B7cWKSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308ee2910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
all.css
payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
60 KB
11 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/all.css?ver=1.0.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9991f67d7243acd284a6df9c6a74e49a83dd2a21d20ed72dd69603d1e914c77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdRtufQ76VzdZhARaRwZHcTYNvYRJlZrpk18Fq%2BKxTMFHBkuiNDDIWS3c%2BIgBP77nK%2F0kizUpCgMNzj4ipCDd9ffU06AqRAH97kXOGaZoPoIs1g88sceqgdHYMxm%2BB%2B1PSAJ7RdMzc4ryLiyi7CURsLjZhpAczd8QQUHgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308ee3910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
eleganticons.css
payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/eleganticons.css?ver=1.0.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52a5fdc5fcba3cfcc39c208ce3ccb38abee464d629879b28bdb0692b767abc59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVdF%2FzBJL59zDCq1k5pmgx3G8heezBELhMCTGAaySmlQs3qR%2BZkAaNi%2BBUbQrNyUF%2Bv1wQz0EECUnH2jIJ6831slPUd5eQQH9ewLek7pD%2FJbAKkVB%2Bo1jtvTj1hlcpE7t%2F%2FDQBwkNPCt3yCLBxJ%2BksTZ89zM7aCNTnXVoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308ee4910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
essential-icon.css
payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
20 KB
3 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/essential-icon.css?ver=1.0.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5168b88a29580bb2e4c6bcaf94c24c2801eaef58751f8eafeeb7d050aec4838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOf0RkDilLP0b36%2BI90Hp474YBs82g9I7AXeAJPtR9qm0pqJFFfMXnh4Nk1DyrdIg8CRTjA%2BXDfUDHQOoRnjBG55yA%2FhI5dr%2FRf9SfWqz6RYWVotYad%2Bz938ClF5ZNFynW0mo6iNww2Fx%2FuDvooLXymrjI%2B1JxvSEaOtMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308ee6910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
icofont.css
payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
110 KB
16 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/icofont.css?ver=1.0.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8d1b1ebb0bfb62343f83fb6820cbf7ff134072db28adadb2e37ab626118333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9ZV%2BxFCxFfT4c13%2FFvJtoE32vKW0Li8MEwU92K%2BFYyplc3v6yh9160NYQKiW7Gg0Up47PrCzyCDJaGMNOwmXfRjANDYoY8m8mRBnQtGd9xg8Hk%2FnTBjyfdqHMGqkTLGMCtktPQ45UHfSAXcIoLksoSJU2DASUf5L3I6vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308ee8910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
materialdesignicons.css
payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
104 KB
16 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/materialdesignicons.css?ver=1.0.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a71f4fb5b2a0c47b13fb99a0f6452aa0e0ba490cbe9efb9723dcf8fdcd3852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e49QUTXUbU850fPMURMYT7OyqAhdoIZHjgKJ3om3FnGDp%2BoP37ldEDjx%2FSuFQJ1Iru9kwagFgS45KNeJz1tZEERQA6izmyjWcm6zsYpmu%2Bf3Jq%2FbyMC4OmxGGB%2F1Ubf76KXNHaYaOdgKI7tP76zKltnIeY5xdZVPmo8jpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308ee9910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
style.css
payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/css/style.css?ver=1.0.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fd3c634eee674b3455465b774ae1b0945efbd446b6ae43ca8401b8742c5fcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtPD66wBZhZODIxo10V5E9TMYNfjDTIxWaQGsTMhYzj10XLXQ3XmAMnxdKvSbB7TAfGw7B5o8HG3fPiiFifV58XyC1Na85OelLjOWkuz7r6dYoPNWE7ypIvr29BcvEO5nOJLNLBC%2BjKSJp5TxExnKrg%2FkrToBsnYC4IU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308eea910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
css
fonts.googleapis.com/
26 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&subset=latin%2Clatin-ext&ver=1.00
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 12:40:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 12:56:39 GMT
css
fonts.googleapis.com/
164 KB
9 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a94f23728beb2880bb818eb2f8a57614883b65518410f74a5f45faedf4dbdc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 12:56:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 12:56:39 GMT
bootstrap.min.css
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/bootstrap.min.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln1dZUyCZCMguQyHxdWk9eDGgUbxXnQ0j2glRwhk3r3KHJOyXwQlNqZn1fDJepLcAA3IuQB%2BYZ62ZU47hlyg7hWqsnasLwEJIplfHicpVFtfE8hjMSSIpv9%2FE8YXicUSBOFVBCvZcZZ4nrsLzJjCicI%2BznsBht8dokjv0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285308eed910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
style.css
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/
118 KB
22 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/style.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1741b695a1c01def04bb5559af33d8402b8a927968cb1e575268935c4ae8d45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Jan 2023 11:26:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lib5KxcgjqZFlAFN3U5mVW%2BxSO44cL%2BRt0k%2FLy9tAG78uYwhAm5JBTozaJHDyTRmdTBzX5tu27nm5VO0IiDU0NfrFtqCdX8uWE%2BrGBXayflH0BIHjup9CSpB0OcTh8jeyQvu5gPFiLiig%2B8MK3Ks9bEMe5uU4PxhiIvGUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f05910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
animation.css
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
67 KB
5 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/animation.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca89d24cbc453e066518b70e8d5e08d43587276646747d45de949c7dc92e021

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xslaKc6BUL9xQ5uMUhUcp%2Bt2k8ACLc2MHTbotNrGB5G9ZBiOp8GLN6oEqFwau2lTRj%2FWLs265H7GPkeFlhTB0DHgHMh0f6IlgqHL6%2BihBWLNLYTqV8La8WdqN0L54fGucniJE5%2F5aeJJ%2FnT7YHDHC6OXZHJ1OakrmIdjog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f08910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
custom-animation.css
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
68 B
370 B
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/custom-animation.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f1aa413f3eb5304b579deba529ab7b57a793f4ef9bab033f8a450abf8e3fa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heehyntOMedO5z90k%2FeSpl5r1GVye%2BIyQugrsEuYFe8Qz%2Bh%2BBtIYvmlxjO%2FSj1nEvuKIR3BmwqtVKrH%2BtgzSCYyPUR8IQ3gJCzP7jW2s0L4VA2ZHp7lVqn5js%2BjwmsvIxp0DKWu2vGqfHKaU8Qb6udCnN19N5xZlsVNmMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f09910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
animate.css
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
20 KB
2 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/animate.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870121a26fabb87ad9a2ff678d2ec0aae82a919d26b8e9c926de896f4d8e8462

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhqyVSLgR3QL%2FQx0eBkK%2FP5V27BsGJxSNBRugWyj9Cx70qRhSsn%2FasPkGr887lE48RiXbTBCy0jC9nfbxQLnm6nScUncXeFagyJtRopGyuEcqba%2FjJgc%2FmAugAo%2FB1jkM2iEz7a2r1VskV4Esu6PFRzSln3VBwsE970Nvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f0a910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
font-awesome.min.css
payment.globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 11:32:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iUCnJmeEuHK5jWGE71iWsCh9DvugNjJkOzi9nHl2cg4fhJCw334OHKmr4SLM91IY836bnHOBWnsER%2BezYJa0133YwEGQFeNzrALCH4N9n542PQiWnFgx%2BAL8%2Bi3xQ1S8AEMWQ77%2FOPozDwg0zx9C76eTkuWFqKYYccn%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f0b910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
effect.css
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
2 KB
909 B
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/effect.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c252483b3652cd0703315d627dfc2b433f497b0029e48b5f4b5c3b7f5cf987bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pumi0XUQwC6u5Q0Ga%2BDnA2ttbM3vkIWCYBJcZZcewpKVesSW8tOdKaIm3TvFkbp07jnVrbcz9LiF%2BriGPubuYr3N%2BtDVxICjcpRyqGOGHbYYxZQUP0Mbj6QIOsdYFcq3zPC6P4EJ8%2BfmWdfO1ea4hlOY5lQ1Yw5sr%2BzjVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f0c910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
owl.carousel.css
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/owl.carousel.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f965531c70972c209917c1867f595940ad8a2416935c04d024a7373a28c234d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZzwWaQ4FTTvmmSfRAn82Q9x43X3WAQMxAESqX8N%2BbP%2F5uj0j31H7V%2ByGkeBDgmN%2B1Zf77pwsKaINh7Yg5e9Ecm6jn%2BwIdny6kfB5RGm4KynHuYrTCU%2F2o9gq9bLvKp2rRDhGGSwKBTOyY8D6JWMgQtw3ht45NepKwRsgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f0e910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 05 Mar 2023 12:56:39 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
11687413
x-jsd-version
4.1.0-rc.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2162
x-served-by
cache-fra-eddf8230031-FRA, cache-hhn-etou8220035-HHN
x-jsd-version-type
version
etag
W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
payment.css
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/payment.css?ver=1.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0d963ceaff782262d72db7041d3cabfb3d0d0f098b33cd32d093a52e8fa1ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 11:55:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJyXMS2MGpDa5rv6reIWd%2FsBKWIaehHJt%2BdpBz3tkHcuAJb3tzqCS0CfJq%2F2EWrIuJGBciNFxiJWF3%2FwFSuCobe3%2B3j8dIHT1gqM6iBo2HMcPCpEKRNhdT4ZSXtcBByCk2dLY1cr9N3uzxKhMp0OoWLMewND9iqwgMyU5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f10910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
sassy-social-share-public.css
payment.globalrefundgroup.com/wp-content/plugins/sassy-social-share/public/css/
34 KB
10 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.10
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 06:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sLSmo0DJ4MrYyK5%2F4GKLCtAg8OFiTT3Iw68ToSUvCyinIP%2F5LsyEQlpU2%2FpK7Mr9J67guRp24HWkmiLtmlFQBbKuIdfSf6RpUsiLwlD7%2FCPQg3eNsM5o%2BFezD3WIPJLEIVv3wUELu3H1VWFGoMD1bw1o1G8y53PL4AB8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f11910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
sassy-social-share-svg.css
payment.globalrefundgroup.com/wp-content/plugins/sassy-social-share/admin/css/
109 KB
34 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.10
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 06:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2SDnjmjyaEVegm3v8uObRy2qGzltSn6NnfqToE7P31x5ltmlaW%2FusP4qUrQHlsj52lY8E5dv0pfsB2fZghUOZPhtZ64mJxiaifQbRzrmL8o71dWFBn%2B67CtatiCIPAvhHw8CSUZLSthqUHvTIujRSh8WG3GAhrXGeZsIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f12910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
elementor-icons.min.css
payment.globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/eicons/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.7.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e02d57c21d12f6a6a15787a18bfea58bc95887c2a21b23c4381b070c17472a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 11:32:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAVrFuk1PulbqrwNEh1r8gtMZdVANGt570CWjtQ3frG4a3HnU5pmev0XB6jiqItNyzMdaFpedSXs2mF1Ib1J1aCZWjFBYEID6%2F2tsNKN5PwGEdu9QssvfEoCilAGiXRrlFaTl5ttGfzmikLWgfa8G6FicPAKRtJZj2eiDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f13910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
animations.min.css
payment.globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/animations/
18 KB
3 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.14
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 11:32:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=603Xekw1dPLfoUY4ER8NfdUiKlZY9Iy0j2mQEMYMCPp0DrkDroLSy4KahjuThvVD%2FoQ6e21uljFrttm9vd1n9LIUFfsFv0KWsuA%2FeA7HtuqAzcmRKqAs%2BjnJxgive1LhEhdYumRPre32JIa8xyLLlRgm0fN6URwJk5zdCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f14910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
frontend.min.css
payment.globalrefundgroup.com/wp-content/plugins/elementor/assets/css/
106 KB
16 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.14
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc05acebaee3aae30ed78b2616ca32e6ae2090efb1a1d3b79e38dc5d8ca5886

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Jul 2020 11:32:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohTvZHbey9wynnurWWzf3%2FbM9DBJtZKGnJZ8UsB2hUvW4yg6k%2FFdaY1SuVQoDm34fg%2BkzMwKS6HUnFT54zldemM3shas6N4q7nVS0VZdIjVSJQRnzipyfgiLm6L7G3svT7ENxvHbi9Es9byAUhIzeOa4OgroLtjgdba2xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f15910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
global.css
payment.globalrefundgroup.com/wp-content/uploads/elementor/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://payment.globalrefundgroup.com/wp-content/uploads/elementor/css/global.css?ver=1620909611
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b22f3a5df6b64e6c861d24379cc781da036eaff1326d9c508e593acdda3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 May 2021 12:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoIDwyXwF3vLY9%2FjZuPhzQjQgNCHDsmKyBpfBUUpSjJ9AzejWdhw4wYu9tCKuQ%2Fr9lEFCBncSOtCXpbW70LyfY7Vkgge6SKgfy%2B1yvOhx7TuPfabNocekLLVavZl3WxpjnyeD5cN2coPMgNqO7SgDLdcwb2%2BLyck11bvYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f16910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
css
fonts.googleapis.com/
42 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5dfdf00359b7743919a732ae8eb80536ff206faaf16a99fcdd3f967aca1f81e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 11:34:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 12:56:39 GMT
jquery.min.js
payment.globalrefundgroup.com/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 07 Oct 2020 19:03:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WGenbiRlccpwpFVyF%2FN68tD4p3NHwsuVpgDqLAeWCJ%2FdB%2FVwSWRKIOj83V7rj0FY8PNgNvu9qrGWPbivuN%2FuQ%2Bw0NZha%2BqUdIdqi4IG10zeyR4xQHcOFgxLdKSN89%2FatyMoW%2BjTeKpultgxY1UjMUM3iJ4mFEhwN04%2Fww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f18910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
jquery-migrate.min.js
payment.globalrefundgroup.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 12:36:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgCGger5lIpIvW%2F%2FynEse9y1R2X7cYBp28dBWr%2FUMhOWAXLdaKalMADc0zJ%2FTQiv8bysPTfD7I84BzqHaSZwC0EBY0NgqpA1bMp0qkful8l0DNY1BUKVeUr0pgDrWQvBcp7ZKvPDEMCO6k3p5NPKqQdY95Oo8jMTecy%2FYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f19910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
gtm4wp-form-move-tracker.js
payment.globalrefundgroup.com/wp-content/plugins/duracelltomi-google-tag-manager/js/
1 KB
663 B
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.11.4
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 06:20:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx1pTf8%2Bru4wN81Zu%2BkrQtiVCUEUGEXCFblBf9Y8d4kl9RQm6vwNwcxNUe8kicgCXtqEoEbjDLkm4zVWeRjlnrMUmblkukt7vq2Cl%2BVJ5dejeqpR5rVTQLt8YBag%2FSSiu3ReI%2FfyJ7XK%2BXjV8NFrsQWzbz0gx%2B%2Fttvu16Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285309f1a910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 11 Mar 2023 12:09:34 GMT
LOGO-4.png
globalrefundgroup.com/wp-content/uploads/2022/12/
18 KB
18 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2022/12/LOGO-4.png
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca6784614ecd910a30b591f565574468193fcd15f71931643d247daf19a8928

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18184
last-modified
Tue, 13 Dec 2022 11:47:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi5kIyZ23XJIJkmpyP5mrpx5b4bbhPlH%2FLcjgXvUOqDH%2FO%2B7Pmc57LLT8PL2QZ3%2FHc%2F72UR%2By%2By%2B1eOVjXRiuqZzTwypepxhJEf2aOkWjSFoft5Xt8xFS%2F3EpSuMUcjcL8880qYdgr8aAUP6cGyvijMNupw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7a3285324915910d-FRA
expires
Sat, 11 Mar 2023 12:28:14 GMT
general.css
globalrefundgroup.com/wp-content/themes/global-refund/css/
75 KB
11 KB
Stylesheet
General
Full URL
https://globalrefundgroup.com/wp-content/themes/global-refund/css/general.css?ver=6.1.1
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723c44d87b52dc7df76dcb4bddaa66d4bf9413fb0c58f0205e8fb6756e77b9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 12:16:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15513
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc3YLa9IaJfOn0rl3hC3UJqVH2RNwJay2ag7yRX7UJtKTbYI72N%2BQEkdigeR00nNFe%2BLnQMmY4z0%2BfAmvIKF1iBuULrgzU77SQGvxj%2BwL8QyIfDKU%2BmqbonrHpPlxZLzqqxIyZ8oIEygPMjfcEzPdj48ziQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285324913910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 08:38:09 GMT
css2
fonts.googleapis.com/
7 KB
735 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,400;0,500;0,600;0,700;1,100&display=swap
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2471f41a883c7215148382455ac967b6c476da6748d422cd9cdd6be5d4c2df09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 12:56:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 12:56:40 GMT
wp-emoji-release.min.js
payment.globalrefundgroup.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 18:59:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yn%2B2cyUIvGCpyeAuQgowbLkU5aSeH9GddB64xDNiJnPGc8teZsyTf5WF1x4DudXZGzYTCSQgxnkZbiXHTBcnz8bf%2FpVKadem67bU2llnQEKZJIQTR0UfHitguCPIfHZcA8tiQUljKU7UmKMhHGuuP2kRvVJQdQrgsf6mNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a239054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
footer-logo-1.png
dev.globalrefundgroup.com/wp-content/uploads/2022/12/
0
0

email-decode.min.js
payment.globalrefundgroup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Feb 2023 18:28:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63fe47b5-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUdTGpvo6%2BsfloRgAi9s%2BgrfHf7XvtRY0J3ftTGjzCt%2BbVQRxWcu3MfyhIYtJ%2FfQEfxrUcYEJ5omWReysNORRtCONLX3TY6mjjxba%2FAX7AKt6PCO6Xh%2B0C%2Bugta5YZ9EG0swq4rLmwRof6ns8iKwju3xKbirPb0NeV89qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7a3285321a059054-FRA
expires
Tue, 07 Mar 2023 12:56:40 GMT
scripts.js
payment.globalrefundgroup.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:29:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pMtll6j%2F91KTC%2BsPRfvmaBtVU3%2BDcfOGZxxOIRbjFS6wfxNciONtmjHlVumCYwYcgj1lNSyLC%2FSXweYTScoFRGy7IYN5JRAGl%2BWHCNRii28nry8QX97rXk9aFCmXmzIt7FM7g5UmAe2vT3QlqXiVY6MjXjUW6gkW80H7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a0d9054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
custom-scripts.js
payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/js/
898 B
959 B
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/simple-floating-menu/assets/js/custom-scripts.js?ver=1.0.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c7bb7226d59ab078ac5d51fcc15f4deb3cb9dffe988a533bc24d87f6812c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 26 Jul 2020 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvy%2F8wFekc4zfWmJ8lx1VH67B5JUq1YEFNEEiqQwTCAxhUMHv5TMW5eCaVPhqpVdGl7BOsijtMe45SEDdmQ2KvjbNZ6ZiNCf1%2B4LkVjBnIdW3hoIBuYC1jg4zk3m0nJYcIQKUQIIAI03rX6vgbUxQ98DsiUPShi5DFsk6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a0f9054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
tether.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
54 KB
13 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/tether.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f271bbf91298b9c279178e4e042ec41ad5cdae437bfd015b910083754282a65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqII%2F3tJZiY8ULFsXvbCTCbjn8NdW%2Bozo%2Bvd%2FoRyVbvmHhodI7KVHgTmCblkLhBWpXHYj0jimNCHIP0rgiIecmcqTr122%2BJdecvDE%2FMGcnbFaFmLNhafJZ%2BPqsMNqJ3inOudnjdUTlhrqbzYacGde90IuAXYyWioujjvRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a109054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
bootstrap.min.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
57 KB
16 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/bootstrap.min.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4KPKHzXmic5GY%2F%2Bb7rmzRvRc%2BjVlJr2Z6DFffUwhSeoeIqtgxaZPBZRWmGCY1Y%2FkPCBlEpGWCiUzOKE4ixi4zjfi%2Fiz5UXbNII9YEdzu7kMVAKiIxanf38R1Seg8RxDBc8hdw%2BPFzRn9RXSM9xD1USpw7cYTa%2BExNekcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a129054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
jquery.superfish.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
7 KB
3 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/jquery.superfish.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996862df1686747b978037477df2c3ec70effb20a7c5fbd9b4db095772d78b2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1hvjNrteha%2FgAEt%2FacEFM8mjWp5Ry0OV1BBNBnSSZiudcCuyC4oQUPFq%2BC6FZJv64NIE2gmABIMVhmYoqfQr3gjJeLNwLSS7dFT1RnfGkq7tsOWPgga%2F9wV1bQZpvWgTLfj%2ByIhq23Ws94ExXg7KV1TrVFoY%2B7aqzDBsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a139054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
owl.carousel.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
88 KB
21 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/owl.carousel.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e68b934e545803318062d25e68d276d8c7f7c53f75de2beab2f5248f514888c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWkCn0gFFthYFNxURkjluqHElZ8pkpRLmCY%2Bb%2Brnslis9ICr5jmsTZWauzfEFSPv95vcDnvQlQOr%2B96NFTkooM%2FdrhYOn1GatiZukxBZ%2FbG4aS58ZhOCjT0SP5f32fSZawLucFGXe2F1Trgrbm6%2FgZp5xGuOhGKB9PksXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a149054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
SmoothScroll.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
21 KB
7 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/SmoothScroll.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a73f87f07420169a612ff95ff21a682f2aa736351e566e36ef2330fe15323d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dqySOEjrY3C8XBHzk4io61g7AxsK1UJj9xSjFbf7c3LSep8Np%2BHlP4Qlt6RQUUYomNNYvdNhYl%2F3wjFsGHNV1qzuQfXM5m%2FqUOkh0nDy3QTSnNBHmHHo7QD5DJ8MSZBB7X45SFPZtRbXoXqMDZ4Cltv8DQLJMTre1gyFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a169054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
jquery-progressbar.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
2 KB
1 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/jquery-progressbar.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35900ec42f99d275d07028b0a192a4f9b097780e03fb4fc6a8ffcf959146967

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbDrpBW96HQn820mA5yTzag7Fcnuh8rE%2FyJ9aTRmqTZ%2BD%2B3sSDideFSvMhn5dqtXCS6iHxHJDW%2BgMcgikA1G5KBO9CjIccQpRsWcjeKnbdfVAlxaOVVeF%2Fymj6k2nvdFKemqyNZQEZMJiMY0SIU3gElDeDKjsyhQy%2FRXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a189054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
custom.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
10 KB
3 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/custom.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5a1b4f2532d66acf4fba8905e2439f3d3df19699b6786d0b168a3e3bca4f13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKt9kz155Fp%2BBypvoXy4i6jkhaZB5X90aBJ5hXNlKLrJt3FLYW5w4mEb1Gpmk0Oym%2Bc0JN1a1YbuWiYCiih5xN1zjwZN3u08cJ0O%2FybL6cACf4dt45n2R0UdTKNtMBjPz306QrMO8jLU%2F6gogSe8xfILO0RbTaniKPsspw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a1a9054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
wow.min.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
8 KB
3 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/wow.min.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsPViLHZe2m2cvwY04oWPCHbyMJazVtb82J9zsQN%2BrWv9lh4ooBhg95uqWRDINzmo%2FlkHBE5zAtbfDlx1NSq1Am3D%2B6Gx2ktE%2FjzXyJAc7nniqrFooDMXgkYWpvJwyq7O%2BteQK%2BQ%2FHEQas8ImCEX5tzM1s87PNES71knuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a1b9054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
/
js.stripe.com/v3/
438 KB
118 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
379e9964b89c3a34788397d3922c33a71d33b37fa9cc5fee89100a649211ea55
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
33
x-cache
HIT
content-length
120392
x-request-id
6c650b01-337e-4b35-81db-cb3b3dd05ab7
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Fri, 03 Mar 2023 22:13:10 GMT
server
Fastly
etag
"5d0a5abdc95ed2ece9003d7cad46ad47"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
29
select2.min.js
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/
71 KB
20 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 05 Mar 2023 12:56:40 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
966962
x-jsd-version
4.1.0-rc.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
20012
x-served-by
cache-fra-eddf8230125-FRA, cache-hhn-etou8220035-HHN
x-jsd-version-type
version
etag
W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
payment.js
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/
15 KB
5 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/payment.js?ver=4.0
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82025996756c4ad6d2e82fe7d4270f88eefe9cbf26f869e98cbb6864d45e6fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 28 Oct 2021 22:31:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RagarJTanjylrQsGFs9a3kFqwIcSwuwrsjccLan9V8r%2BUVZMlOp%2F8LAv8coJBsEX86qf5WSvT5srCfn7qe8oSXrcRxmlsm%2FQ5D6rbNFwxCJc9Vh4jVG8ULJZ4JROAtkiCyLnBIufcIP%2FxwRgefk6KkjOYerOHiwyK6zYvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a1d9054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
sassy-social-share-public.js
payment.globalrefundgroup.com/wp-content/plugins/sassy-social-share/public/js/
43 KB
12 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.10
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 Jul 2020 06:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrNKJQkSFl2Xx99aSSVuyH8Bdu%2B6pzWHWN9gn9hlCqLANBMKYF5thCVLnoub6a7QigdWJDHE8vvsk1fF0Ok1Kgh6e0KFR3uudnS7HATY3KAWyu2wUT0O1fVhlfYtTQ0fC6p6nN5My5fe%2FiYywrEzZxBrlw61ZcfbjutDMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a209054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
wp-embed.min.js
payment.globalrefundgroup.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://payment.globalrefundgroup.com/wp-includes/js/wp-embed.min.js?ver=5.7.8
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 18:59:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rImzpCzZvG1iwj0fHFt%2Bc5ZWqziVJ3m04XBWURHrrd9uk3zsWrxyACuIDlgD2351kphZkYLnkPwx%2FXaXPM51FGixogUXhb%2B6EmB6k1qeKP44pH8%2BhKk5%2Bk6qZ90k0vg9IKDyd%2F1WZMAJKlcF0KQGpZ7JQ9LTnn7POwc4gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
cf-ray
7a3285321a219054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 12:56:42 GMT
gtm.js
www.googletagmanager.com/
117 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K27L4D9
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c15c4e668d943880bf545f788af1b588d95d8101f89580be57a861190877ed87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46292
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Mar 2023 12:56:40 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payment.globalrefundgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 09:06:59 GMT
x-content-type-options
nosniff
age
359381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 09:06:59 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/
16 KB
16 KB
Font
General
Full URL
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/css/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/style.css?ver=5.7.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d5500e6e1d3c7c9fc3f8281d1eb49a78f13788fd65c9da98b0a8476cef9b84

Request headers

Referer
https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/style.css?ver=5.7.8
Origin
https://payment.globalrefundgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jul 2020 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH29KXKdV0inGX2X8cg17E8QXhWbnc0k3NEPia8YpNX3%2BGVil9pt1KWSfYyVl4VJD5k5R9%2BO5lUrKV20k2Lzac%2B8HYIw6lv7RclUvdRkMILK5C%2FMtlsewPK5sayecb9FGFRnVcgLTU74%2BxRrIq2olXYAdOpbaDPCDN6EBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7a3285324a579054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15988
expires
Sun, 12 Mar 2023 12:56:42 GMT
css2
fonts.googleapis.com/
4 KB
616 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/wp-content/themes/global-refund/css/general.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
928222a1042d46e159da2dc8d0f59efbfaf961ecfb457ccc0a5c578d93cc3ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 11:59:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 12:56:40 GMT
css2
fonts.googleapis.com/
5 KB
591 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600&display=swap
Requested by
Host: globalrefundgroup.com
URL: https://globalrefundgroup.com/wp-content/themes/global-refund/css/general.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fdeb216658b19daba06be26650f3a39cbaf5df38a8b9374192a374f819a1892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 11:23:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 12:56:40 GMT
LOGO-3.png
globalrefundgroup.com/wp-content/uploads/2022/12/
18 KB
18 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2022/12/LOGO-3.png
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca6784614ecd910a30b591f565574468193fcd15f71931643d247daf19a8928

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 11:46:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1EX90ZZLwt45f3jqj4%2F3Fs9GG9dKnQLThMG08i2l7HdGe12ABvuo2a8iLx4EFCYHsZcUvD8zS1F1ku0U6TvT5Y8TfcbiTPeH1KzglHKPmsIDaH3WSq9lPYjs6tZyEnYjBlg%2FX%2FqWNyLTn0sksDbMxmKIBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7a328532eb249054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18184
expires
Sun, 12 Mar 2023 12:56:42 GMT
clay-banks-c2a0TydMlAs-unsplash.jpg
globalrefundgroup.com/wp-content/uploads/2022/11/
222 KB
223 KB
Image
General
Full URL
https://globalrefundgroup.com/wp-content/uploads/2022/11/clay-banks-c2a0TydMlAs-unsplash.jpg
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:297b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3bdc068229046be420f4a84d0d0017d0c1752a96bdc1edc50cb1f5aa7c2f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Nov 2022 10:50:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTlE6KgaJkrLavAnACX25aTE0pHARGaCp2IvJgFritDbYASoRWHWS0E0apV9pEqhzZTPGcS8zWC4iLCsaGt5XEohCXzQwxu8b89I34Yn1izZaON7bCJ4G%2FqlDiK1Ag8Nr3uUYht%2BUOaqNVcE2akFhEEK2Vs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2628000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7a328532eb259054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227586
expires
Sun, 12 Mar 2023 12:56:42 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payment.globalrefundgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:17:40 GMT
x-content-type-options
nosniff
age
229140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 21:17:40 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payment.globalrefundgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 20:35:57 GMT
x-content-type-options
nosniff
age
404443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Feb 2024 20:35:57 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payment.globalrefundgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 22:20:50 GMT
x-content-type-options
nosniff
age
225350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 22:20:50 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payment.globalrefundgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 12:18:44 GMT
x-content-type-options
nosniff
age
347876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 12:18:44 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payment.globalrefundgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 18:59:53 GMT
x-content-type-options
nosniff
age
237407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 18:59:53 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27L4D9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 11:17:30 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5950
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 05 Mar 2023 13:17:30 GMT
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame FDDB
200 B
787 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.globalrefundgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
7555897
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 05 Mar 2023 12:56:40 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 07 Dec 2022 23:30:12 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
350738
x-content-type-options
nosniff
x-request-id
afd310a0-8655-442a-84d2-6c60216536a3
x-served-by
cache-hhn-etou8220074-HHN
country.json
get.geojs.io/v1/ip/
84 B
727 B
Fetch
General
Full URL
https://get.geojs.io/v1/ip/country.json
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/wp-content/themes/vw-landing-page-pro/assets/js/payment.js?ver=4.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d911c5a60295bc16830af34df84e23ea3984f778c6c26649fe2697414792b26
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.globalrefundgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
1eef4d76e09826032891a45f2afebcc6-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZo0TMC3zUronxPoiw6ViL5ikNIa3Gl5nudsU7uijpWwwDoxrMmN3fghovOQBLF2N%2FUHQSkgBmKON%2BlKPb5vIfBdFOiWgJDCyAu2aQcGGdwi%2Bvnkaar%2FWY2s8qhjMEZVFSGpKfapkQEwnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
7a3285343f553821-FRA
controller-4b36ccd8e57982c88507576b9c36e8e9.html
js.stripe.com/v3/ Frame 38F7
325 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8787a6bcc84198383ab9a491bb74eaa9c8df1f10e17357e36f6d3763184fdb69
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.globalrefundgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
30
cache-control
max-age=60
content-encoding
br
content-length
189
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 05 Mar 2023 12:56:40 GMT
etag
"4b36ccd8e57982c88507576b9c36e8e9"
last-modified
Fri, 03 Mar 2023 21:44:23 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
9
x-content-type-options
nosniff
x-request-id
b51b4fc9-bc51-44e7-ab83-fb30d31e84d3
x-served-by
cache-hhn-etou8220074-HHN
elements-inner-card-3cc643d22654cabc367e612be504b001.html
js.stripe.com/v3/ Frame F9E4
798 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
aeaf3ffc068738b3f1b27630c1d828e377d552039cfeb250315a3a63f3cc9997
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.globalrefundgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
141034
cache-control
max-age=31536000
content-encoding
br
content-length
360
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 05 Mar 2023 12:56:40 GMT
etag
"3cc643d22654cabc367e612be504b001"
last-modified
Fri, 03 Mar 2023 21:44:23 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
6476
x-content-type-options
nosniff
x-request-id
c769b27c-e6c8-42df-a1da-92075c1eb2bf
x-served-by
cache-hhn-etou8220074-HHN
csp-report
q.stripe.com/ Frame FDDB
0
601 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame FDDB
0
600 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 05 Mar 2023 12:56:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame FDDB
631 B
504 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
7555896
x-cache
HIT
content-length
332
x-request-id
1ff39654-0277-4407-bede-f40731618005
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Wed, 07 Dec 2022 23:30:11 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
317191
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMerriweather%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%26amp%3Bsubset%3Dlatin-ext%2Cvietnamese%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CPoppins%3A100%2C200%2C300%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26amp%3Bsubset%3Ddevanagari%2Clatin-ext%7CPT+Serif%7CKaushan%2BScript%26display%3Dswap%26subset%3Dlatin-ext&ver=5.7.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payment.globalrefundgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 16:42:33 GMT
x-content-type-options
nosniff
age
245647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 16:42:33 GMT
csp-report
q.stripe.com/ Frame 38F7
0
600 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 05 Mar 2023 12:56:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 38F7
0
600 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 05 Mar 2023 12:56:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-418bcde74fbe0d6d080c64e038ca8212.js
js.stripe.com/v3/fingerprinted/js/ Frame 38F7
367 KB
89 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9238c514b9ab645f51a6177ab93b06ecf8bb6bfbc9ea59ef68adb147adff1007
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
141033
x-cache
HIT
content-length
91178
x-request-id
92d57192-c04a-420a-a838-04a209e925ea
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Fri, 03 Mar 2023 21:44:33 GMT
server
Fastly
etag
"f64b25930cef26077e3d3699fd363151"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23417
controller-3e37c93e3845f8fd945f345b8a2cfc79.js
js.stripe.com/v3/fingerprinted/js/ Frame 38F7
433 KB
119 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-3e37c93e3845f8fd945f345b8a2cfc79.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4cdd88ddba64fd2709fffdc2098d6f07d65e3f69fb8980e627028733c45a3479
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
141033
x-cache
HIT
content-length
121698
x-request-id
26ac4a6e-5980-48c9-b063-ac7f4e71546d
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Fri, 03 Mar 2023 21:44:31 GMT
server
Fastly
etag
"a33bc9d809ce690885fb779493c707c0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
21671
csp-report
q.stripe.com/ Frame F9E4
0
600 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 05 Mar 2023 12:56:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame F9E4
0
600 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 05 Mar 2023 12:56:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-418bcde74fbe0d6d080c64e038ca8212.js
js.stripe.com/v3/fingerprinted/js/ Frame F9E4
367 KB
89 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9238c514b9ab645f51a6177ab93b06ecf8bb6bfbc9ea59ef68adb147adff1007
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
141033
x-cache
HIT
content-length
91178
x-request-id
01bb6101-28d8-4f58-b382-436d5bdca9dd
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Fri, 03 Mar 2023 21:44:33 GMT
server
Fastly
etag
"f64b25930cef26077e3d3699fd363151"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23418
ui-shared-2ebe72929d567a14319c9e3a7bc07adb.js
js.stripe.com/v3/fingerprinted/js/ Frame F9E4
257 KB
79 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-2ebe72929d567a14319c9e3a7bc07adb.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
01d79cd73f7c0f78fd5a538e96c61b89268f6a715b87ef98be9aaab332f5a537
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
141033
x-cache
HIT
content-length
81182
x-request-id
49e20559-12b6-45f7-8dbe-8fac3fd3aa30
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Fri, 03 Mar 2023 21:44:33 GMT
server
Fastly
etag
"c83c293241e42a57b01b817eb21bf2cf"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7155
elements-inner-card-d29775fc49d508804afba247a7d4357d.js
js.stripe.com/v3/fingerprinted/js/ Frame F9E4
48 KB
13 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-d29775fc49d508804afba247a7d4357d.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8801f3f03f791127a4b2670781844640fd8ee52652ae4f67206786765faa8d8e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
141033
x-cache
HIT
content-length
13204
x-request-id
fbcb66dd-b7bd-463f-b0ea-463dbca8f54e
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Fri, 03 Mar 2023 21:44:31 GMT
server
Fastly
etag
"ae35275c79ff4e2c798b195640cf71ce"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5212
ui-shared-6c089c66f6d59f856e4f2aec8e44a3e0.css
js.stripe.com/v3/fingerprinted/css/ Frame F9E4
19 KB
3 KB
Stylesheet
General
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-6c089c66f6d59f856e4f2aec8e44a3e0.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
40bd976a925d4ca5476bbc9252a77f181ae45690a63af60fe09c34a75ad1752c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
312672
x-cache
HIT
content-length
3226
x-request-id
e99cdcab-7949-45a3-87c9-96ae9c5e6aca
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Wed, 01 Mar 2023 22:03:16 GMT
server
Fastly
etag
"12f1155abd6370f58edcf19c26e2d98d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
18828
elements-inner-card-a8c69ab9ca72b4bf75901aec8c50690c.css
js.stripe.com/v3/fingerprinted/css/ Frame F9E4
9 KB
2 KB
Stylesheet
General
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-a8c69ab9ca72b4bf75901aec8c50690c.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b6232d62c63a5696999302aa4d0e1658285106b3db3c836160cc679209cfd7e8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 12:56:40 GMT
via
1.1 varnish
age
1448203
x-cache
HIT
content-length
1524
x-request-id
726f28c2-9f58-48e4-9138-3ee3668c7846
x-served-by
cache-hhn-etou8220074-HHN
last-modified
Thu, 16 Feb 2023 18:37:23 GMT
server
Fastly
etag
"bfae2292884299f0218902960aa79996"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24263
inner.html
m.stripe.network/ Frame 0767
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 05 Mar 2023 12:56:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
35
x-content-type-options
nosniff
x-request-id
1d1500a7-0457-48a6-a5d7-15eec2931c1d
x-served-by
cache-hhn-etou8220074-HHN
x-timer
S1678021000.378178,VS0,VE0
collect
www.google-analytics.com/j/
3 B
218 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1275297956&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.globalrefundgroup.com%2F&ul=en-us&de=UTF-8&dt=Payment%20page%20-%20Global%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=216215030&gjid=6735745&cid=678086389.1678021000&tid=UA-174652167-1&_gid=912578096.1678021000&_r=1&_slc=1&gtm=45He3310n81K27L4D9&z=1032825647
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.globalrefundgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 12:56:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.globalrefundgroup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 38F7
474 B
373 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
69a26c060717c77c09e75bd76cb15e198fa93050c6db96369aeaa2d6c4c9c7a9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-4b36ccd8e57982c88507576b9c36e8e9.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
22
x-cache
HIT
content-length
298
x-request-id
3598fd7d-b279-4973-9657-6ca69a36ea1d
x-served-by
cache-hhn-etou8220022-HHN
last-modified
Fri, 03 Mar 2023 22:13:10 GMT
server
Fastly
etag
"a1b452244e4eccaf6c847fec6049c3bf"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
csp-report
q.stripe.com/ Frame 0767
0
374 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.globalrefundgroup.com
URL: https://payment.globalrefundgroup.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

x-stripe-bg-intended-route-color
green
pragma
no-cache
date
Sun, 05 Mar 2023 12:56:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame F9E4
474 B
612 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
69a26c060717c77c09e75bd76cb15e198fa93050c6db96369aeaa2d6c4c9c7a9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-3cc643d22654cabc367e612be504b001.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
22
x-cache
HIT
content-length
298
x-request-id
5ef0cceb-0254-4639-bb64-7f343e1ebbd3
x-served-by
cache-hhn-etou8220022-HHN
last-modified
Fri, 03 Mar 2023 22:13:10 GMT
server
Fastly
etag
"a1b452244e4eccaf6c847fec6049c3bf"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
out-4.5.42.js
m.stripe.network/ Frame 0767
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sun, 05 Mar 2023 12:56:40 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
15
x-cache
HIT
content-length
16031
x-request-id
1a015fc7-1c8c-47e2-992e-404463558775
x-served-by
cache-hhn-etou8220074-HHN
server
Fastly
x-timer
S1678021000.471182,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
31
all
restcountries.eu/rest/v2/
0
0

link-config
merchant-ui-api.stripe.com/elements/ Frame 38F7
802 B
2 KB
Fetch
General
Full URL
https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_51IK3e3FzOsRTrdxauodO5G1LsBIr4pLMlTYytjMUXM0lFDTc9Kz07JsNEwHnRgpXcZuM1JbUKUKSSFaR7gsxEfg7003tIsKGTP&stripe_js_id=ffb82d9d-07d5-4632-a67c-7d1b2a4e0147
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-53-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5fa8a6f37b2c746444de92833c31e8fb6de0ac7dda28388872886a490f96ab9c
Security Headers
Name Value
Content-Security-Policy report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 05 Mar 2023 12:56:40 GMT
content-security-policy
report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
802
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST, HEAD, OPTIONS, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
timing-allow-origin
https://js.stripe.com
x-robots-tag
none
expires
0
0
r.stripe.com/ Frame 38F7
0
158 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
x-stripe-bg-intended-route-color
green
date
Sun, 05 Mar 2023 12:56:41 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 38F7
0
157 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-418bcde74fbe0d6d080c64e038ca8212.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
x-stripe-bg-intended-route-color
green
date
Sun, 05 Mar 2023 12:56:41 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
6
m.stripe.com/ Frame 0767
156 B
552 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.21.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-21-97.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6b8dc5ec37319dcb5c6d39df642e3508b7e7893c6f88eca83f7d52ded883d588
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sun, 05 Mar 2023 12:56:41 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dev.globalrefundgroup.com
URL
https://dev.globalrefundgroup.com/wp-content/uploads/2022/12/footer-logo-1.png
Domain
restcountries.eu
URL
https://restcountries.eu/rest/v2/all


61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer_content object| wpcf7 function| Tether object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| bootstrap function| SmoothScroll function| openNav function| closeNav function| openAllPanels function| closeAllPanels function| WOW object| webpackChunkStripeJSouter function| noop function| Stripe function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup string| heateorSssWhatsappShareAPI function| heateorSssCallAjax function| heateorSssGetScript function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| ClipboardJS function| requestIntegromat object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.globalrefundgroup.com/ Name: _ga
Value: GA1.2.678086389.1678021000
.globalrefundgroup.com/ Name: _gid
Value: GA1.2.912578096.1678021000
.globalrefundgroup.com/ Name: _gat_UA-174652167-1
Value: 1
m.stripe.com/ Name: m
Value: 029b9a91-c1fb-4346-b49f-84640663f357f539eb
.payment.globalrefundgroup.com/ Name: __stripe_mid
Value: e26fe725-74f4-4e7a-9dff-92a3ccfcd580b831b0
.payment.globalrefundgroup.com/ Name: __stripe_sid
Value: 6e52059c-a319-4ab3-83bd-7207dfb2d7fbefea20

4 Console Messages

Source Level URL
Text
network error URL: https://dev.globalrefundgroup.com/wp-content/uploads/2022/12/footer-logo-1.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
