scamrefundgov.com Open in urlscan Pro
173.252.167.180 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://scamrefundgov.com/
Submission: On August 23 via manual (August 23rd 2024, 12:04:22 am UTC) from AU — Scanned from AU

Summary HTTP 81 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 81 HTTP transactions. The main IP is 173.252.167.180, located in Wilmington, United States and belongs to ORANGEHOST, US. The main domain is scamrefundgov.com.
TLS certificate: Issued by R10 on July 30th 2024. Valid for: 3 months.

This is the only time scamrefundgov.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scamwatch (Government)

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
27	173.252.167.180 173.252.167.180	19853 (ORANGEHOST) (ORANGEHOST)
39	172.67.41.30 172.67.41.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.105.146 34.98.105.146	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.221.42 142.251.221.42	15169 (GOOGLE) (GOOGLE)
5	172.217.24.35 172.217.24.35	15169 (GOOGLE) (GOOGLE)
2	34.98.91.45 34.98.91.45	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.190.93.146 35.190.93.146	15169 (GOOGLE) (GOOGLE)
1	202.14.188.23 202.14.188.23	9555 (VZB-AU-AS...) (VZB-AU-AS Verizon Australia PTY Limited)
1	151.101.130.208 151.101.130.208	54113 (FASTLY) (FASTLY)
81	10

27 173.252.167.180 (Wilmington, United States)

ASN19853 (ORANGEHOST, US)
PTR: server218.orangehost.com

scamrefundgov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 172.67.41.30 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.commoninja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.commoninja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
website-assets.commoninja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.105.146 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 146.105.98.34.bc.googleusercontent.com

app-script.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.42 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.91.45 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.91.98.34.bc.googleusercontent.com

heatmaps.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.93.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.93.190.35.bc.googleusercontent.com

tracking.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.14.188.23 (Australia)

ASN9555 (VZB-AU-AS Verizon Australia PTY Limited, AU)

www.scamwatch.gov.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.208 (San Francisco, United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	commoninja.com cdn.commoninja.com — Cisco Umbrella Rank: 115875 www.commoninja.com — Cisco Umbrella Rank: 195987 website-assets.commoninja.com — Cisco Umbrella Rank: 628198	440 KB
27	scamrefundgov.com scamrefundgov.com	615 KB
5	gstatic.com fonts.gstatic.com	98 KB
4	monsido.com app-script.monsido.com — Cisco Umbrella Rank: 31230 heatmaps.monsido.com — Cisco Umbrella Rank: 51458 tracking.monsido.com — Cisco Umbrella Rank: 29288	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	20 KB
1	unsplash.com images.unsplash.com — Cisco Umbrella Rank: 19337	49 KB
1	scamwatch.gov.au www.scamwatch.gov.au	678 B
81	8

	Domain	Requested by
27	scamrefundgov.com	scamrefundgov.com
22	cdn.commoninja.com	scamrefundgov.com cdn.commoninja.com
14	www.commoninja.com	cdn.commoninja.com
5	fonts.gstatic.com	fonts.googleapis.com
3	website-assets.commoninja.com	cdn.commoninja.com
2	heatmaps.monsido.com	app-script.monsido.com heatmaps.monsido.com
2	fonts.googleapis.com	scamrefundgov.com cdn.commoninja.com
2	cdnjs.cloudflare.com	scamrefundgov.com
1	images.unsplash.com
1	www.scamwatch.gov.au
1	tracking.monsido.com
1	app-script.monsido.com	scamrefundgov.com
81	12

This site contains links to these domains. Also see Links.

Domain
t.me
twitter.com
instagram.com

Subject Issuer	Validity	Valid
*.scamrefundgov.com R10	`2024-07-30` - `2024-10-28`	3 months	crt.sh
commoninja.com WE1	`2024-07-10` - `2024-10-08`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
app-script.monsido.com WR3	`2024-06-27` - `2024-09-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
heatmaps.monsido.com WR3	`2024-06-30` - `2024-09-29`	3 months	crt.sh
tracking.monsido.com WR3	`2024-07-07` - `2024-10-05`	3 months	crt.sh
www.scamwatch.gov.au E5	`2024-07-10` - `2024-10-08`	3 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://scamrefundgov.com/
Frame ID: F485A7938B2D46E363BAB81E61D9CCEA
Requests: 81 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scam Refund - Home

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

81
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

10
IPs

3
Countries

1230 kB
Transfer

2967 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/Scamrefundgov
Title: Send Direct Telegram chat

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Follow Scamwatch on Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/
Title: Follow ACCC on Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
scamrefundgov.com/ 45 KB
10 KB 1119ms
571ms Document
text/html 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 04a9fc1ef08ff201239eac8d6bf18b150575dbf12339c575b6c9d167baded872

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, private
content-encoding: br
content-length: 9027
content-type: text/html; charset=UTF-8
date: Fri, 23 Aug 2024 00:04:14 GMT
vary: Accept-Encoding

GET
H2 200 header-background.webp
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/ 16 KB
16 KB 157ms
157ms Image
image/webp 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/header-background.webp
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 965a0a3f311517e0c0cd493b5166560f848c52ecb4ae853c564ad5fa13f18e0d

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:14 GMT
date: Fri, 23 Aug 2024 00:04:14 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Jul 2024 17:05:52 GMT
accept-ranges: bytes
content-length: 16296
content-type: image/webp

GET
H2 200 css_0mJRnoUceKjZk5FWjMIfYF7Kik1i4yfzhSn1ftLpUHs.css
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/ 83 KB
12 KB 155ms
152ms Stylesheet
text/css 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_0mJRnoUceKjZk5FWjMIfYF7Kik1i4yfzhSn1ftLpUHs.css?delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: ada06cc954101cda04cb64ec1574c80692247c34b4f232e089b449710b2b0b15

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:14 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 12:51:43 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12245
expires: Fri, 30 Aug 2024 00:04:14 GMT

GET
H2 200 css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/ 301 KB
42 KB 306ms
303ms Stylesheet
text/css 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css?delta=1&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: bee5fa7876061cd2718708bb93a5e835e04d5974e30acaec5504060298daf002

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:14 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 12:41:20 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43047
expires: Fri, 30 Aug 2024 00:04:14 GMT

GET
H2 200 css_4JWCJVXyRRxjWRhRCYYh0GoVLDZsjWSAkrGj0Dp7dws.css
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/ 392 B
265 B 457ms
454ms Stylesheet
text/css 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_4JWCJVXyRRxjWRhRCYYh0GoVLDZsjWSAkrGj0Dp7dws.css?delta=3&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 89f8517ee2b3661b93296f786ada77b756ff8128fc65a33005fc94f0b5eb7cad

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:14 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 17:05:58 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 210
expires: Fri, 30 Aug 2024 00:04:14 GMT

GET
H2 200 js_p7xjOzxlb_SrdmzOVaFqhR9vz3wp5-CfUMoRUGf6Bj4.js Show response
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/js/ 86 KB
29 KB 457ms
454ms Script
text/javascript 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/js/js_p7xjOzxlb_SrdmzOVaFqhR9vz3wp5-CfUMoRUGf6Bj4.js?scope=header&delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: e3482b8e7abb441ab3024d044ebadf18a779fceae0f4717572e1c4f0c5b6fe5f

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:14 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 17:07:48 GMT
accept-ranges: bytes
content-length: 29797
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 js_monsido-1a92470c288861986b4c6a05acbe25e1.js Show response
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/asset_injector/js/ 387 B
242 B 457ms
454ms Script
text/javascript 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/asset_injector/js/js_monsido-1a92470c288861986b4c6a05acbe25e1.js?sghzm4
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 862e01b623cfb27bda6d406b1d52b28fb675fbaa69311bbf48d58a6bb943b940

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:14 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 17:07:50 GMT
accept-ranges: bytes
content-length: 189
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 commonninja.js Show response
cdn.commoninja.com/sdk/latest/ 31 KB
10 KB 345ms
27ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/sdk/latest/commonninja.js
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c894b53906e5fecca9e55a665670443ad5d8afb18f1af140d1739b6152202a38

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
via: 1.1 vegur, 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 549
x-powered-by: Express
cross-origin-resource-policy: cross-origin
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342080&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=cNKNb4iC88jEgm3bZJM0b81%2BNQCAydJh6FdZJwqAU6c%3D
cf-bgj: minify
last-modified: Wed, 21 Aug 2024 13:42:03 GMT
server: cloudflare
etag: W/"7dd3-191752c4bf8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342080&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=cNKNb4iC88jEgm3bZJM0b81%2BNQCAydJh6FdZJwqAU6c%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8b76d8203e3f5509-SYD

GET
H3 200 solid.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/ 572 B
856 B 48ms
32ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/solid.min.css

Requested by

Host: scamrefundgov.com
URL: https://scamrefundgov.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ab6cad65a712ff68281ceac2fa56ed94041c6d4d6fe52bb8293ce826d87331

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 275
last-modified: Tue, 16 Jul 2024 17:07:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6696a8d8-113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L2VOopxiPa0vpHHxkRSwo3c568dXc1aoU8zvTXnVKRiPPZbmRexSlqgkyL0fX0vWUbs8R1zI2Vdn9vEscADZXET65w412UPItQbppIUlb1aKN0u2L0VGd0ddDdLDPNsvN%2Ffavjpu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b76d8190cb5a955-SYD
expires: Wed, 13 Aug 2025 00:04:14 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/ 94 KB
19 KB 42ms
27ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css

Requested by

Host: scamrefundgov.com
URL: https://scamrefundgov.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5e202e3c899507992952533f57b634722b69b34241d271963559d31aa33ef81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 97390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18714
last-modified: Tue, 16 Jul 2024 17:07:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6696a8d8-491a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P81IAZfCSn134vkoIICmeAmYkMSmFtyOWReGqKTeg5R67FJmNL2HbX5vMn%2BkMhEWX33LCzmwtIECT503SkpgVMEFDewnoEu%2BMoSVUvSJLODQg3jKHQQHKY3Q%2BbdqAkp9uC8629Nb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b76d818fcb2a955-SYD
expires: Wed, 13 Aug 2025 00:04:14 GMT

GET
H2 200 logo.png
scamrefundgov.com/assets/images/logoIcon/ 17 KB
17 KB 456ms
454ms Image
image/png 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/assets/images/logoIcon/logo.png?sghzm4
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: b0b5f7d60ab098d69717d39073ab8c81e4b1c4f4e27e244c3f0140a425fb44b0

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:14 GMT
date: Fri, 23 Aug 2024 00:04:14 GMT
cache-control: public, max-age=604800
last-modified: Tue, 30 Jul 2024 19:50:22 GMT
accept-ranges: bytes
content-length: 17777
content-type: image/png

GET
H2 200 logo_2.png
scamrefundgov.com/assets/images/logoIcon/ 17 KB
17 KB 457ms
455ms Image
image/png 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/assets/images/logoIcon/logo_2.png?sghzm4
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 6fb98746d03e91c157c9ac7a3269df874f0eb197b90d374fbb2847afe806e058

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:14 GMT
date: Fri, 23 Aug 2024 00:04:14 GMT
cache-control: public, max-age=604800
last-modified: Tue, 30 Jul 2024 19:50:22 GMT
accept-ranges: bytes
content-length: 17268
content-type: image/png

GET
H3 200 nasc-standalone.webp
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/ 14 KB
15 KB 155ms
154ms Image
image/webp 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/nasc-standalone.webp?version=2023071301
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 1f06a10cba3ccd750550153c86b5a084abd186d111378816afcf9c51fae5495a

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:15 GMT
last-modified: Sun, 28 Jul 2024 17:07:58 GMT
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 14652
expires: Fri, 30 Aug 2024 00:04:15 GMT

GET
H3 200 js_BGWOm2eHPu8n8YwwVrAWoANfg7xrJIqAX9LMxeYC5WQ.js Show response
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/js/ 77 KB
22 KB 156ms
156ms Script
text/javascript 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/js/js_BGWOm2eHPu8n8YwwVrAWoANfg7xrJIqAX9LMxeYC5WQ.js?scope=footer&delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: fb11730b8df831b0ebbd230f6f33b025c05afc08efb86608adebc4e30b664236

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:15 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 17:08:04 GMT
accept-ranges: bytes
content-length: 22096
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 monsido-script.js Show response
app-script.monsido.com/v2/ 8 KB
3 KB 314ms
4ms Script
text/javascript 34.98.105.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app-script.monsido.com/v2/monsido-script.js
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.105.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 146.105.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 23:59:21 GMT
content-encoding: gzip
age: 295
x-guploader-uploadid: AHxI1nMtSKY57UFwsC_gUFeUZl1e3uW8W8YK7mDxQtFQyCAreUCvjvGqUzul958CMzQt48LqZYoP4JdbdQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2757
last-modified: Thu, 01 Jun 2023 11:12:59 GMT
server: UploadServer
etag: "fce0a6a1f924b9c6816bdc5bc679506e"
vary: Accept-Encoding
x-goog-generation: 1685617979609837
x-goog-hash: crc32c=dMVJbw==, md5=/OCmofkkucaBa9xbxnlQbg==
content-type: text/javascript
cache-control: public, max-age=300
x-goog-stored-content-length: 2757
accept-ranges: bytes
expires: Fri, 23 Aug 2024 00:04:21 GMT

GET
H3 200 js_waozb-1x5CpXE8vbvAzP8OiNibB9Spn-EXedEDZKezg.js Show response
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/js/ 116 KB
30 KB 153ms
153ms Script
text/javascript 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/js/js_waozb-1x5CpXE8vbvAzP8OiNibB9Spn-EXedEDZKezg.js?scope=footer&delta=2&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: f43b0d4d0f5647671c895dce146120eb016f1cc63ee975d494b0932da39f5904

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:15 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 17:08:08 GMT
accept-ranges: bytes
content-length: 30687
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 css_gMqEL9iz8S_YILP10l9qo-eZOzo1_wR-lT9ZVKu1jnY.css
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/ 272 B
361 B 154ms
153ms Stylesheet
text/css 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_gMqEL9iz8S_YILP10l9qo-eZOzo1_wR-lT9ZVKu1jnY.css?delta=2&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: a61deebe71ad5f31deefeb47eee7fb8f685419125938e76e80a64f30873cf55f

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:16 GMT
date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Jul 2024 17:05:58 GMT
accept-ranges: bytes
content-length: 272
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 729ms
157ms Stylesheet
text/css 142.251.221.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:400,700|Roboto:400,700&display=swap

Requested by

Host: scamrefundgov.com
URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css?delta=1&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.42 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f10.1e100.net

Software

ESF /

Resource Hash

0df74a8c68b4fa3b0bcd344376e6ad2268b2f25f526908cf07a0d5cb5b24bfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Aug 2024 00:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 23 Aug 2024 00:04:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Aug 2024 00:04:15 GMT

GET
H3 404 icons.svg
scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/ 0
0 469ms
469ms Other
text/html 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/icons.svg?sghzm4
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: no-cache, private
content-encoding: br
content-length: 496
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 404 icons.svg
scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/ 0
0 468ms
467ms Other
text/html 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/icons.svg
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: no-cache, private
content-encoding: br
content-length: 496
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 logo_2.png
scamrefundgov.com/assets/images/logoIcon/ 17 KB
0 0ms
0ms Image
image/png 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/assets/images/logoIcon/logo_2.png?sghzm4
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 6fb98746d03e91c157c9ac7a3269df874f0eb197b90d374fbb2847afe806e058

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:14 GMT
date: Fri, 23 Aug 2024 00:04:14 GMT
cache-control: public, max-age=604800
last-modified: Tue, 30 Jul 2024 19:50:22 GMT
accept-ranges: bytes
content-length: 17268
content-type: image/png

GET
H3 200 newspaper.svg
scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/fontawesome-icons/regular/ 1 KB
526 B 153ms
152ms Image
image/svg+xml 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/fontawesome-icons/regular/newspaper.svg
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_0mJRnoUceKjZk5FWjMIfYF7Kik1i4yfzhSn1ftLpUHs.css?delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 3a1b04d8d6e8ceed1979feb697d8d728d36accd7d76053b56c378d2da1dfb4ba

Request headers

Referer: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_0mJRnoUceKjZk5FWjMIfYF7Kik1i4yfzhSn1ftLpUHs.css?delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 17:08:24 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 469
expires: Fri, 30 Aug 2024 00:04:16 GMT

GET
H3 200 comments.svg
scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/fontawesome-icons/regular/ 1 KB
673 B 153ms
152ms Image
image/svg+xml 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/fontawesome-icons/regular/comments.svg
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_0mJRnoUceKjZk5FWjMIfYF7Kik1i4yfzhSn1ftLpUHs.css?delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 3669ce6bc67c3cd482a328fc68aba457549f46f800ced947537b071e650b9b9d

Request headers

Referer: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_0mJRnoUceKjZk5FWjMIfYF7Kik1i4yfzhSn1ftLpUHs.css?delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 17:08:24 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 652
expires: Fri, 30 Aug 2024 00:04:16 GMT

GET
H3 200 caret-right.svg
scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/fontawesome-icons/solid/ 423 B
313 B 153ms
152ms Image
image/svg+xml 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/fontawesome-icons/solid/caret-right.svg
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_0mJRnoUceKjZk5FWjMIfYF7Kik1i4yfzhSn1ftLpUHs.css?delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 1bde3943f5fe19a1008a1db96e2aa56255d766786f8ed6dfde2ea28a9056cbbe

Request headers

Referer: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_0mJRnoUceKjZk5FWjMIfYF7Kik1i4yfzhSn1ftLpUHs.css?delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
content-encoding: br
last-modified: Sun, 28 Jul 2024 17:08:22 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 269
expires: Fri, 30 Aug 2024 00:04:16 GMT

GET
H3 200 header-background-home.webp
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/ 337 KB
337 KB 154ms
154ms Image
image/webp 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/header-background-home.webp?version=2023071301
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css?delta=1&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 0a3c823c1ac52c8aab7404f6d950fbf21d12ee2651f0d57aab41f9c757d0ee22

Request headers

Referer: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css?delta=1&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:16 GMT
date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Jul 2024 17:08:50 GMT
accept-ranges: bytes
content-length: 344940
content-type: image/webp

GET
H3 404 arrow-right.svg
scamrefundgov.com/themes/custom/accc_bootstrap/icons/fontawesome-icons/solid/ 1 KB
1 KB 455ms
455ms Image
text/html 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/themes/custom/accc_bootstrap/icons/fontawesome-icons/solid/arrow-right.svg
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css?delta=1&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 15d47bceab3336774a34d2a88f58a4b965facbd4ecd458b0e68789268bad686e

Request headers

Referer: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css?delta=1&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: no-cache, private
content-encoding: br
content-length: 496
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 header-background.webp
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/ 16 KB
16 KB 181ms
181ms Image
image/webp 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/header-background.webp?version=2023071301
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css?delta=1&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 965a0a3f311517e0c0cd493b5166560f848c52ecb4ae853c564ad5fa13f18e0d

Request headers

Referer: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/css/css_NuMXpjbsWzFxj2qAkcmlixmmJaGMxFFyPsSjJveWd3s.css?delta=1&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:16 GMT
date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Jul 2024 17:05:52 GMT
accept-ranges: bytes
content-length: 16296
content-type: image/webp

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 405ms
3ms Font
font/woff2 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,700|Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 03:49:03 GMT
x-content-type-options: nosniff
age: 72913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 03:49:03 GMT

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v36/ 33 KB
33 KB 406ms
5ms Font
font/woff2 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v36/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,700|Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f3.1e100.net

Software

sffe /

Resource Hash

710837bbd0f471356c5ea8fa53770a38ad6e4ccb135168c90fdbc0f33aef0ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 03:52:53 GMT
x-content-type-options: nosniff
age: 72683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 33804
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 16:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 03:52:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 405ms
4ms Font
font/woff2 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,700|Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 03:57:14 GMT
x-content-type-options: nosniff
age: 72422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 03:57:14 GMT

GET
H3 200 scam.png
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/styles/large/public/ 16 KB
16 KB 177ms
176ms Image
image/png 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/styles/large/public/scam.png?itok=cXzXPlfR
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 48c5a6bb9a2bf66c16620b9a24a280ffbf64c5f4d34df739fee29e959b797897

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:16 GMT
date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Jul 2024 17:07:56 GMT
accept-ranges: bytes
content-length: 15923
content-type: image/png

GET
H3 200 check.png
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/styles/large/public/ 10 KB
10 KB 276ms
274ms Image
image/png 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/styles/large/public/check.png?itok=C-03pv7T
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: b797bf52f3a8504894204cd92071aa8084611b233b2575639ec1aaac7d1e2fe3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:16 GMT
date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Jul 2024 17:07:56 GMT
accept-ranges: bytes
content-length: 9886
content-type: image/png

GET
H3 200 scammed.png
scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/styles/large/public/ 11 KB
11 KB 262ms
260ms Image
image/png 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/styles/large/public/scammed.png?itok=Xrv7XCdJ
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 7fdfb888f170d3d8a68cfab7046dbbfc65384fdaaa2be6c5710598688b5d1cfa

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:16 GMT
date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Jul 2024 17:07:58 GMT
accept-ranges: bytes
content-length: 10847
content-type: image/png

GET
H2 200 commonninja.js Show response
cdn.commoninja.com/sdk/latest/ 31 KB
0 0ms
0ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/sdk/latest/commonninja.js
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c894b53906e5fecca9e55a665670443ad5d8afb18f1af140d1739b6152202a38

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
via: 1.1 vegur, 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 549
x-powered-by: Express
cross-origin-resource-policy: cross-origin
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342080&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=cNKNb4iC88jEgm3bZJM0b81%2BNQCAydJh6FdZJwqAU6c%3D
cf-bgj: minify
last-modified: Wed, 21 Aug 2024 13:42:03 GMT
server: cloudflare
etag: W/"7dd3-191752c4bf8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342080&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=cNKNb4iC88jEgm3bZJM0b81%2BNQCAydJh6FdZJwqAU6c%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8b76d8203e3f5509-SYD

GET
H3 404 internal Show response
scamrefundgov.com/accc-user/ 69 B
77 B 374ms
373ms XHR
application/json 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/accc-user/internal
Requested by: Host: scamrefundgov.com
URL: https://scamrefundgov.com/frontcss/sites/www.scamwatch.gov.au/files/js/js_p7xjOzxlb_SrdmzOVaFqhR9vz3wp5-CfUMoRUGf6Bj4.js?scope=header&delta=0&language=en&theme=scamwatch_theme&include=eJxtUQFuwzAI_FBcS9P-YxGHOnS2sQB3ze_nrO06RZUsZO4QdwDEGMMMir4b5Qn-0v3nClelhZ1GoWZ3tiuKp2ooFbLLnKi6TPVrAlW0QPWC0Vj8RccLjw5HMqr6xmpBMOOQCytbONMNdUrMKWOA0X0ziuqPwKSbGha_23wZDrZiwXD9-I8zm5pA8ynzPNyqbcNqOrJ6TZ94RdlmXrYjCRe4uTNldL1lhsU14SSow0eE8g0W17v2UeRI7_iYD2-2r8sv0hvk0yOdGgikobfqk3khp15bnzPpisvdHlYj28JKKCBx3XzBBAVrP16Quzge-uKUDNW9qzFubr8-GT0rroTf6n_jqfDSM06Ku1KARgG6ceTSMtoY6z3-A7sG6vU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 9746f8a4d98418c02b1fbc08c26db135ccec7b520797b8b24f0d90ee9bb3e76b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://scamrefundgov.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: no-cache, private
content-encoding: br
content-length: 61
vary: Accept-Encoding
content-type: application/json

GET
H2 200 main.js Show response
cdn.commoninja.com/scripts/sdk/ 442 KB
132 KB 34ms
33ms Script
text/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/scripts/sdk/main.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/sdk/latest/commonninja.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8380c7efd6f77d6abbe546b675165a560270b214e34d0cc7cf6aa0c475b23708

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:16 GMT
via: 1.1 vegur, 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 558
x-powered-by: Express
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342083&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=6zhtEhuStMg0M5wL6Uede676xwaVAKXJCNUk%2Bkv%2Fq28%3D
cf-bgj: minify
server: cloudflare
etag: W/"6e7cf-+rYduRlcnsQP66+uvHViTPYbh8E"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342083&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=6zhtEhuStMg0M5wL6Uede676xwaVAKXJCNUk%2Bkv%2Fq28%3D"}]}
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
cf-ray: 8b76d8216f485509-SYD

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
cdn.commoninja.com/api/v1/embed/ 4 KB
2 KB 1508ms
1198ms XHR
application/json 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/api/v1/embed/c9633e90-0f17-41a1-a0f2-d7408506562d
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/sdk/latest/commonninja.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 658a3ba48c12060b5eba99fbba6e4048562c90b6baf3015bbaf59a8978df108f

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur, 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724370048&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=AS%2F72qjseUiXHL7Q4ui6xL%2FA2NTdEQCRLzZyLrmMMOo%3D
server: cloudflare
etag: W/"ef0-08uOQJ4yHowb8VFDOR009OHChcs"
x-ratelimit-remaining: 985
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724370048&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=AS%2F72qjseUiXHL7Q4ui6xL%2FA2NTdEQCRLzZyLrmMMOo%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://scamrefundgov.com
vary: Origin, Accept-Encoding
x-ratelimit-reset: 1724370085
x-ratelimit-limit: 1000
cf-ray: 8b76d823de6b573b-SYD

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
cdn.commoninja.com/api/v1/embed/ 4 KB
51 B 1557ms
37ms XHR
application/json 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/api/v1/embed/c9633e90-0f17-41a1-a0f2-d7408506562d
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/sdk/latest/commonninja.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 658a3ba48c12060b5eba99fbba6e4048562c90b6baf3015bbaf59a8978df108f

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur, 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-powered-by: Express
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724370048&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=AS%2F72qjseUiXHL7Q4ui6xL%2FA2NTdEQCRLzZyLrmMMOo%3D
server: cloudflare
etag: W/"ef0-08uOQJ4yHowb8VFDOR009OHChcs"
x-ratelimit-remaining: 985
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724370048&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=AS%2F72qjseUiXHL7Q4ui6xL%2FA2NTdEQCRLzZyLrmMMOo%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://scamrefundgov.com
vary: Origin, Accept-Encoding
x-ratelimit-reset: 1724370085
x-ratelimit-limit: 1000
cf-ray: 8b76d82b6836573b-SYD

GET
H2 200 heatmaps.js Show response
heatmaps.monsido.com/v1/ 8 KB
3 KB 321ms
7ms Script
text/javascript 34.98.91.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heatmaps.monsido.com/v1/heatmaps.js
Requested by: Host: app-script.monsido.com
URL: https://app-script.monsido.com/v2/monsido-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.91.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.91.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 699e1427474c3daa7932aa405a51762e6ab51ba12a19775321a7357deb31f384

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:00:33 GMT
content-encoding: gzip
age: 224
x-guploader-uploadid: AHxI1nMKUVVEpL4iQkePnQoVd5ed2rH8NgTyUdJ5K78_yUd7fOEV_fwepqn1XIxfeJcQtI20c_fm6vRKFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2870
last-modified: Thu, 01 Jun 2023 07:10:33 GMT
server: UploadServer
etag: "6bd8810f93d4046aec0007f3db64ca67"
vary: Accept-Encoding
x-goog-generation: 1685603433813852
x-goog-hash: crc32c=uwyl4w==, md5=a9iBD5PUBGrsAAfz22TKZw==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300
x-goog-stored-content-length: 2870
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 23 Aug 2024 00:05:33 GMT

GET
H2 200 /
tracking.monsido.com/ 43 B
196 B 318ms
5ms Image
image/gif 35.190.93.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.monsido.com/?a=PV6Vxtn6x6O_A7KwncRZ8g&b=https%3A%2F%2Fscamrefundgov.com%2F&c=DB51724371456697&d=1600x1200&f=BCE1724371456698&h=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.93.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.93.190.35.bc.googleusercontent.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 23 Aug 2024 00:04:17 GMT
cache-control: private, no-store, max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 2024-08-23T00:04:17Z

GET
H3 200 favicon.png
scamrefundgov.com/assets/images/logoIcon/ 12 KB
12 KB 153ms
153ms Other
image/png 173.252.167.180
ORANGEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://scamrefundgov.com/assets/images/logoIcon/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.252.167.180 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: server218.orangehost.com
Software: /
Resource Hash: 9d742a659c0472c35b00a48334b8e2a6b42a109fc26de7af41e2cb1daa665a07

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 30 Aug 2024 00:04:16 GMT
date: Fri, 23 Aug 2024 00:04:16 GMT
cache-control: public, max-age=604800
last-modified: Thu, 25 Apr 2024 21:41:11 GMT
accept-ranges: bytes
content-length: 12588
content-type: image/png

GET
H2 200 favicon_32.png
www.scamwatch.gov.au/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/favicons/ 466 B
678 B 36ms
10ms Other
image/png 202.14.188.23
VZB-AU-AS Verizon...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scamwatch.gov.au/sites/www.scamwatch.gov.au/themes/scamwatch_theme/images/favicons/favicon_32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

202.14.188.23 , Australia, ASN9555 (VZB-AU-AS Verizon Australia PTY Limited, AU),

Reverse DNS

Software

Apache /

Resource Hash

9f4b5482ed2eccff459ed18fdf24d7b382c8e5bb7a2633b1db16508121629807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 23 Aug 2024 00:04:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2024 06:30:28 GMT
server: Apache
etag: "1d2-61fc7185f9798"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 466
expires: Sat, 23 Aug 2025 00:04:16 GMT

GET
H3 200 PV6Vxtn6x6O_A7KwncRZ8g.json Show response
heatmaps.monsido.com/v1/settings/ 358 B
387 B 9ms
3ms XHR
application/json 34.98.91.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heatmaps.monsido.com/v1/settings/PV6Vxtn6x6O_A7KwncRZ8g.json
Requested by: Host: heatmaps.monsido.com
URL: https://heatmaps.monsido.com/v1/heatmaps.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.91.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.91.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 151bcf2f4aaa15da55d059f2bad77ea263b632a1c96bba54072a01ec552c4c6f

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 23:59:27 GMT
age: 290
x-guploader-uploadid: AHxI1nPjWCQNW6_Plrrll3A5KXkDQPDwHAEXher-LYEYow4lubB6ZCQd5h4F_79nLuwOAtWCNBfYfz26Bg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
last-modified: Mon, 20 Nov 2023 21:59:07 GMT
server: UploadServer
etag: "37caee7fef8eef2052acbbf1bfae6e5f"
x-goog-generation: 1700517547594310
x-goog-hash: crc32c=b1hm4g==, md5=N8ruf++O7yBSrLvxv65uXw==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300
x-goog-stored-content-length: 358
accept-ranges: bytes
content-type: application/json
expires: Fri, 23 Aug 2024 00:04:27 GMT

GET
H2 200 22972.942a4c40.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 273 KB
92 KB 30ms
30ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/22972.942a4c40.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed7e99aaf65c8d07f58213a00ebb0042ae55797fcd52129b25e5781b1818d37

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: GXVQTWV284F0PK78
age: 29369
cf-polished: origSize=279324
x-amz-server-side-encryption: AES256
x-amz-id-2: 4Yl0Ymuf+tdNlJs88J0zW3HGOkya9bNLgFJqtxbfNeM6ZliPZusdRmftDCKzylGEj/q+ZBUlolQ=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:53:58 GMT
server: cloudflare
etag: W/"a2a89b85c7198a4187a9a986181ed25b"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b8f105509-SYD

GET
H2 200 17766.aadbc4de.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 31 KB
10 KB 21ms
21ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/17766.aadbc4de.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c31a6ea5726bffc7ea290282ed5873cb06b39f826c145399e3f4b97fc8cb64

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: GXVY1NECKRFEG8WQ
age: 29369
cf-polished: origSize=31887
x-amz-server-side-encryption: AES256
x-amz-id-2: oIPz3L4CQDNZZhmaHMmO62DdZggLSNLJQdyM7Pevk8PuDmkBNpI103XPD4QwzqrvyzQtnKeaIlFt82AbQqkqx2oqMlUXRhz0tEmsZBSOaUk=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:53:57 GMT
server: cloudflare
etag: W/"d4a9da9166a19f34fffbfc84267fdc71"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b8f135509-SYD

GET
H2 200 51344.a6f770a1.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 9 KB
4 KB 23ms
23ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/51344.a6f770a1.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648c7baedae60b46ba147b5e7aea4344061d76f88e62f6fd663cef11ac744e18

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: GXVP3CVCJQRY5W9V
age: 29369
cf-polished: origSize=9349
x-amz-server-side-encryption: AES256
x-amz-id-2: qiXKm9+hidW+PQML15yzMY8BSv0MNkyc+beXnErb+s2ZDW6rk6CaaMqNf29nWKfGFKeyhbOpcYQ=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:04 GMT
server: cloudflare
etag: W/"6b70f8447ce3660fe2e8b1dcfd3cbd12"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b8f145509-SYD

GET
H2 200 78362.15dff239.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 69 KB
16 KB 25ms
25ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/78362.15dff239.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1312a7001378f9f5aed3acbaa0c85abf8bf1fc18ca710ede896007791e7e9c6

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: GXVJJMSW9M5WHZ9F
age: 29369
cf-polished: origSize=70428
x-amz-server-side-encryption: AES256
x-amz-id-2: R40Sn3KKCXDSQDTlUY21AUQzAko6t/nvlTp7TOvrSypDeAiUfYSVyI/aITffIcVG38s1YJiCTXE=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:10 GMT
server: cloudflare
etag: W/"21c8399b3627d595b97fd8c591bb5b4b"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b8f155509-SYD

GET
H2 200 98064.7b5d4496.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 11 KB
5 KB 27ms
27ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/98064.7b5d4496.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f894ec0c3317b5116816b5eaf872b45dbe0adbbc478431bf62bdc593fd6ab9

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: GXVVD9SDJBJ2E23K
age: 29369
cf-polished: origSize=11149
x-amz-server-side-encryption: AES256
x-amz-id-2: HpKRrIR0BDvEhNyb90u2m+4CrFN4r8C/QlnKqW1z+lj0Tlvjr1CRHu8c5PAwn+IGUhUkwzpPGahOTsk+vVIo78cBbu1yu4wm4iykfrNpSNM=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:15 GMT
server: cloudflare
etag: W/"c6150e2ca0e83608ecc72eeeaacf0532"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342088&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=2nZJDcS7bPHiR7ExBT1ImjN7WwhDILu%2FCCw4Dx7GzOI%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b8f175509-SYD

GET
H2 200 8538.1ef5d2e4.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 12 KB
3 KB 37ms
37ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/8538.1ef5d2e4.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa2a8ab90c1d850c3dbbe952980e6191d26c2eb0439e04dac673a4530189eec

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: T9V6G1VGVT74T57Z
age: 29332
cf-polished: origSize=12170
x-amz-server-side-encryption: AES256
x-amz-id-2: f3/FqpcMcBDIy3qv0pb+aygFa1RnqWHM0nRV8w/uTMvguqqrMoDhwSgQzJ2tvnWuDwBQ+iiJErZboG1vEjNpbLyGMGcrExIwVIEXDH2hHbg=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342125&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8bw1f11T9Ryrfv84w9zipwhSs17%2BCkM5d%2F9OxzTRZC4%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:12 GMT
server: cloudflare
etag: W/"023dd553c5a4482c6c36af82b638a1cd"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342125&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8bw1f11T9Ryrfv84w9zipwhSs17%2BCkM5d%2F9OxzTRZC4%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b8f185509-SYD

GET
H2 200 11842.c7df6d40.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 70 KB
26 KB 23ms
23ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/11842.c7df6d40.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0950e5fc6bcd7dcdfca0b39354c47c8da251c26b5066b6106ecd53732501afa

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: 8JF1RGW3PYA53XBD
age: 29331
cf-polished: origSize=71826
x-amz-server-side-encryption: AES256
x-amz-id-2: cguqW4gzNEQtPR1jZK3lJiMyNsEsT5JGHDC+ZosmRRRkdzpHcXqSgB6CLO0uihG+Vl+kxKDhWaWrYuTJdGnpe44qDIGgaIyxOfw5SNLiNNY=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342126&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=05EagUiJsjxkKjWW1PAPx7%2B6FStmeYEXObV2mjRo4CM%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:53:56 GMT
server: cloudflare
etag: W/"f8bb16bc1390c56ae0971df5def5504c"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342126&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=05EagUiJsjxkKjWW1PAPx7%2B6FStmeYEXObV2mjRo4CM%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b8f195509-SYD

GET
H2 200 90386.865b8611.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 155 KB
37 KB 28ms
28ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/90386.865b8611.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53beeec825bfe1ec17c970188ff2d73ac983d1d795b3b2a5b6cf817b360fbb92

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: QH8DTF4KZXHDQN64
age: 29376
cf-polished: origSize=158596
x-amz-server-side-encryption: AES256
x-amz-id-2: V0XL5BVBj/clKsSUb/q+dUh7/wGWZJ9r0kMcA+7ACO1IQ+sdbBK0/hGIT+syCrjyzwYj7Pdrz4A=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342081&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=U5jhae%2FJNCmIz4hWicDDvgmCWkiOrWEsM04UfrfYdV8%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:13 GMT
server: cloudflare
etag: W/"1e4dd2574f82f15859b28af328932730"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342081&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=U5jhae%2FJNCmIz4hWicDDvgmCWkiOrWEsM04UfrfYdV8%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b8f1b5509-SYD

GET
H2 200 50525.44a5bcb7.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 16 KB
5 KB 22ms
22ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/50525.44a5bcb7.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686e98ba73fdb559ecb67f784ffc0ae3c9644e019c874a9d9f61939cf2b6ddad

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: 98V74D86GSRT4DB1
age: 29374
cf-polished: origSize=16361
x-amz-server-side-encryption: AES256
x-amz-id-2: R+Sww5y3VwIghKHbRM1YDX/9cUTTBU1HIjJN6BA3WfIKPvaf+XiFrhngLcVJsoAyD7Ebl4IaITE=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342082&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Kt47hCvLjdPL0aTL62T5NdIJb9iYDQSnOLI1T8GbIts%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:03 GMT
server: cloudflare
etag: W/"63b4e06825d8f0eec04028220fa98ab3"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342082&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Kt47hCvLjdPL0aTL62T5NdIJb9iYDQSnOLI1T8GbIts%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b9f1d5509-SYD

GET
H2 200 10721.1000f12e.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 49 KB
14 KB 28ms
28ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/10721.1000f12e.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70f26656029fab680f68470cba3fbffc3a1856afe6244c9e2cb900beb5e9b697

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: T9V02TA6N1SX5BAX
age: 29332
cf-polished: origSize=50489
x-amz-server-side-encryption: AES256
x-amz-id-2: b9jpg+noLuiYFNb10XCsACSq7rb2VRj5lisj/7kqo9Ums8r03alUFNWjKQQBaoCWlKgx6+BnRaTCJeS+Pn9TDVmCBmWA3w7Dj3PRBmwpA10=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342125&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8bw1f11T9Ryrfv84w9zipwhSs17%2BCkM5d%2F9OxzTRZC4%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:53:55 GMT
server: cloudflare
etag: W/"208daee8f8261df75f22b0dd85a46ee4"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342125&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8bw1f11T9Ryrfv84w9zipwhSs17%2BCkM5d%2F9OxzTRZC4%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b9f1e5509-SYD

GET
H2 200 76006.4cf027ee.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 39 KB
6 KB 35ms
34ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/76006.4cf027ee.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b89f2891a9d68f9aa364680640a13163ece6df6021e3f254dafbe65f4ddcef6

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: W65KBQ54BNZ36RD4
age: 29373
cf-polished: origSize=40485
x-amz-server-side-encryption: AES256
x-amz-id-2: CO+fNGJI/9Ii0ZA8u2uvEZ8NimFuJm087TT7jroxPj0I0Cq2qydTDCR3Eek53kBrCyy6oawwOtA=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342084&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=tSxywXAm94xo7Y6hWNAeirohsf4%2FlVzQnhhTx3lzW8w%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:10 GMT
server: cloudflare
etag: W/"287ba305b439d9ce0e380844ddf4fbd4"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342084&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=tSxywXAm94xo7Y6hWNAeirohsf4%2FlVzQnhhTx3lzW8w%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b9f255509-SYD

GET
H2 200 70106.ca25bbc4.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 15 KB
5 KB 22ms
21ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/70106.ca25bbc4.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726e8d99788caf40bb6cced5ceb2d1cd09494afbbcb21c4409e552bdaec733cb

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: W65KP7Q9X35RKT4Z
age: 29373
cf-polished: origSize=15428
x-amz-server-side-encryption: AES256
x-amz-id-2: KaRVwAFMR6hR7x14+DgjZCDRjeZv6TCEPFW1OVcGamoT0gxLNNgT2TqYnMW2ulFwizYzd5rUIhUofQ74gMTsdFEkYi2ZcPlC
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342084&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=tSxywXAm94xo7Y6hWNAeirohsf4%2FlVzQnhhTx3lzW8w%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:08 GMT
server: cloudflare
etag: W/"6be084e6539369cc69f34682659f575c"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342084&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=tSxywXAm94xo7Y6hWNAeirohsf4%2FlVzQnhhTx3lzW8w%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b9f295509-SYD

GET
H2 200 57031.5ea29b1c.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 29 KB
7 KB 35ms
34ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/57031.5ea29b1c.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fb294571342b02cd72437fed77220618f661e08115e8158e72c570fb9571df6

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: SDPZFEXY02K83F42
age: 29372
cf-polished: origSize=29446
x-amz-server-side-encryption: AES256
x-amz-id-2: xP5HFWXQuNa6X8VW1HF8j0t04QBxcXQOiKoPXjMr11H2ahpaEJQFXolq7WiRZwNkCCGccQE35kw=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342085&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=rhDtF54IP9xPYsXs%2F9oZiFD5ohL%2BTsKn%2FMQJ1CynwYc%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:05 GMT
server: cloudflare
etag: W/"709dc2f3ae25f0aa034076d6dfe4cb41"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342085&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=rhDtF54IP9xPYsXs%2F9oZiFD5ohL%2BTsKn%2FMQJ1CynwYc%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82b9f2d5509-SYD

GET
H2 200 96569.cc586f7f.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 27 KB
9 KB 28ms
28ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/96569.cc586f7f.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb8bcc32b1bb43e9990d5be504f0ee5cd10e5f2ec6ec0fa74d3822431cd662b

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: Z7AC0TYDRG9N1MAJ
age: 29327
cf-polished: origSize=27417
x-amz-server-side-encryption: AES256
x-amz-id-2: uyLMZqSY6rIskUMTaOpa0S00ggRFGgSDXtqh9kFge9hrfCecdeNjGMkTvG4LmJBuIAnwtTgE3II=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342130&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=wpjgIPdL9I2teKip%2FrfSmD13R%2FZyvrbFtW0pwcs5r6o%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:14 GMT
server: cloudflare
etag: W/"bedfc9e7b16de7fd2792750141ceac87"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342130&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=wpjgIPdL9I2teKip%2FrfSmD13R%2FZyvrbFtW0pwcs5r6o%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82baf325509-SYD

GET
H2 200 50851.458b0bce.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 30 KB
8 KB 25ms
24ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/50851.458b0bce.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c894e5972e0e1f4f52913a78218c4e3a54f4facf67f9c6ab88e49a2d4fbddbb

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: Z7A2X9AZZW271P8F
age: 29326
cf-polished: origSize=31039
x-amz-server-side-encryption: AES256
x-amz-id-2: ZabWxqGQwOCukyjJlRkO7UgEGIJKprCDR83dD2TreQ0ylaPwZQUlfeohbfdPS7vVmHccAF54wR4=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342130&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=wpjgIPdL9I2teKip%2FrfSmD13R%2FZyvrbFtW0pwcs5r6o%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:03 GMT
server: cloudflare
etag: W/"4d94ea4b9511aae51828290c4a0c95e2"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342130&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=wpjgIPdL9I2teKip%2FrfSmD13R%2FZyvrbFtW0pwcs5r6o%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82baf335509-SYD

GET
H2 200 52224.14524fda.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 104 KB
33 KB 39ms
39ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/52224.14524fda.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f8c401ee23df0cf6ec151c37a84fcc8eee4f3a6bf77b21f42f81951327984d

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: TB2NNDY90ZZ2XXPA
age: 28907
cf-polished: origSize=106447
x-amz-server-side-encryption: AES256
x-amz-id-2: br81vHjSoenlxDS0arQCtehAHZcmmlqrHIi2kdixK8rlC5Raa6p6NCN59VRc71PnOvS+6K9eNI8YX42kFxioR66OXa1SNtxbdXf6ZOuCP7I=
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342550&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=6xP1jlS4wrb2VkEoVhEwL7k1qI25xkFgvzTqKxFAPCk%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:04 GMT
server: cloudflare
etag: W/"42a31df4ed13ddeca5017b6c1e4cb66c"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342550&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=6xP1jlS4wrb2VkEoVhEwL7k1qI25xkFgvzTqKxFAPCk%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82baf355509-SYD

GET
H2 200 94444.378b1b9b.chunk.js Show response
cdn.commoninja.com/wr/static/js/ 16 KB
7 KB 19ms
19ms Script
application/javascript 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/wr/static/js/94444.378b1b9b.chunk.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b32fde279c824680f52e2b6180497fa66b0706b724f866361c02661dcd8091a8

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:17 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-request-id: HA85162RNAX5DP2V
age: 29366
cf-polished: origSize=16796
x-amz-server-side-encryption: AES256
x-amz-id-2: qc2Tb8fpCgKwDIjkWRr2BMAvn9bd2ZxK/nKVRcqrv0m6ZX8j3sl0gTpUPJATzYkezx0s66a8G5/4LGm29FcQ1w==
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724342091&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=szZd35DlaA38pD7H9b7XssZmwLDdezgO4pj8GXm82XY%3D
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 13:54:14 GMT
server: cloudflare
etag: W/"df778bfe9898d74aed28232236993744"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724342091&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=szZd35DlaA38pD7H9b7XssZmwLDdezgO4pj8GXm82XY%3D"}]}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b76d82c0f925509-SYD

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
648 B 151ms
150ms Stylesheet
text/css 142.251.221.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Quicksand:wght@200;300;400;500;600;700;800&display=swap

Requested by

Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.42 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f10.1e100.net

Software

ESF /

Resource Hash

5bc5f6b6f1143cf8f2c71bae999538c21c7cf309f3f8a27b66c4f1928ea86d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Aug 2024 00:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 23 Aug 2024 00:04:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Aug 2024 00:04:18 GMT

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
464 B 815ms
814ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=client&eventType=IMPRESSION&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:18 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d82c697e573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
66 B 1101ms
286ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=client&eventType=IMPRESSION&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d8317809573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
62 B 833ms
833ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=client&eventType=VIEW&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:18 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d82c6987573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
62 B 868ms
868ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=widget-view&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:18 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d82c6988573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
61 B 842ms
841ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=chat-open&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:18 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d82d1a70573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
41 B 1673ms
832ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=chat-open&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d8325951573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
61 B 806ms
806ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=chat-close&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:18 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d82d1a73573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371458&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KEMJzj8i4XEMVG%2FO74mavqukJjg%2Fe%2BZRcj%2BXLEWmFv4%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
434 B 1107ms
300ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=chat-close&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d8322901573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D

GET
H2 200 1722500402529_telegram.svg Show response
website-assets.commoninja.com/distribution/ 995 B
788 B 866ms
864ms XHR
image/svg+xml 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://website-assets.commoninja.com/distribution/1722500402529_telegram.svg
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/wr/static/js/22972.942a4c40.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323fbf88c04501782932757c4bf1bf1720f9a52a6924c556d54ae133df7a54cb

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 490b2d87256587a734fcd39d5d6c7392.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
x-amz-cf-pop: SYD3-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-fieldname: file
last-modified: Thu, 01 Aug 2024 08:20:03 GMT
server: cloudflare
etag: W/"4eb660901034d68d3ea4b4cb9b43a327"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 8b76d82dfb69573b-SYD
x-amz-cf-id: JirrtUs7CmSNX_PkucVd7czk8Ga2LUFBMWPNg8Y6hybDa_yjckALPQ==

GET
H2 200 1699435350806_chat.svg Show response
website-assets.commoninja.com/distribution/ 2 KB
1 KB 856ms
854ms XHR
image/svg+xml 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://website-assets.commoninja.com/distribution/1699435350806_chat.svg
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/wr/static/js/22972.942a4c40.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7e820eb5695ce77fc4b6e5badfda547408ecd7e3878eff7afeb656470aa229d

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 612d6e38ca8a5e65776b064d65f27d36.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
x-amz-cf-pop: SYD3-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-fieldname: file
last-modified: Wed, 08 Nov 2023 09:22:31 GMT
server: cloudflare
etag: W/"0e3f5dd2d3cec13b1350471c0b2ce706"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 8b76d82dfb67573b-SYD
x-amz-cf-id: EDCQVJzxlwzw4IEpH8unMtQ27AJwe3XiaG9jFf4fzt5ReRVapL9NWw==

GET
H2 200 photo-1417733403748-83bbc7c05140
images.unsplash.com/ 49 KB
49 KB 314ms
4ms Image
image/jpeg 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1417733403748-83bbc7c05140?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3wyMDM4Mjd8MHwxfHNlYXJjaHw2OHx8Y29tcHV0ZXJ8ZW58MHx8fHwxNzIyMzU1Njc0fDA&ixlib=rb-4.0.3&q=80&w=1080

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

53c9fdaba8c7c4e00af351ae5956aa5ddb24cb6cb5fd88158bdf7d573aa012d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2024 17:52:45 GMT
server: imgix
age: 2700693
x-cache: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 1a433390fa58909c22db22ae2bedd6fef9b7723b
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 49786
x-served-by: cache-sjc1000136-SJC, cache-chi-klot8100119-CHI, cache-syd10131-SYD

GET
H2 200 1677684284220_icon.png
website-assets.commoninja.com/distribution/ 3 KB
3 KB 841ms
840ms Image
image/png 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-assets.commoninja.com/distribution/1677684284220_icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1aeb4dcb969740eefe6059d79fb7b3c7c0a817f31fecd54ca966a84db4ac87e

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 f1635e40dd33e4abcdd79d3670805a7a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: SYD3-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3226
x-amz-meta-fieldname: file
last-modified: Wed, 01 Mar 2023 15:24:45 GMT
server: cloudflare
etag: "b8791e8217faefa7202dfa7db171be3a"
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8b76d82df9135509-SYD
x-amz-cf-id: bH_AY-gg_rXAsi1hcYbIItsytx9bz-3CFqIPnKKzNNf_JrAzrN1_OQ==

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 27 KB
28 KB 4ms
3ms Font
font/woff2 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f3.1e100.net

Software

sffe /

Resource Hash

5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 03:51:32 GMT
x-content-type-options: nosniff
age: 72766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 28064
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 03:51:32 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 27 KB
0 4ms
4ms Font
font/woff2 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f3.1e100.net

Software

sffe /

Resource Hash

5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://scamrefundgov.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 03:51:32 GMT
x-content-type-options: nosniff
age: 72766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 28064
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 03:51:32 GMT

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
41 B 1252ms
287ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=chat-close&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d8340b57573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
701 B 1544ms
302ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=chat-close&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D"}]}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=dzKG2icCLv3pDk6KeLDMCUWxBrorkWGYs0RzqN6FdPg-1724371459-1.0.1.1-Mq457Mbk_YPiTol.OXGkXvt3NCBPBB7U73T_gzqWgkzmVj8iJoKGIvfPv7MATLG5RwKKN8YEKKF55S5e4rM1C20f8UzXdX0XU67uFuxj_nK0Ve3mNPZ.vutd4R1fPjZyzWlu6yjUgF8_l3AY71lthvtc_t6YxKW_swu0ehNOF3M"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/plain; charset=utf-8
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=dzKG2icCLv3pDk6KeLDMCUWxBrorkWGYs0RzqN6FdPg-1724371459-1.0.1.1-Mq457Mbk_YPiTol.OXGkXvt3NCBPBB7U73T_gzqWgkzmVj8iJoKGIvfPv7MATLG5RwKKN8YEKKF55S5e4rM1C20f8UzXdX0XU67uFuxj_nK0Ve3mNPZ.vutd4R1fPjZyzWlu6yjUgF8_l3AY71lthvtc_t6YxKW_swu0ehNOF3M; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d835dde1573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
148 B 1816ms
299ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=chat-open&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:20 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d8379803573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
312 B 2111ms
296ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=chat-open&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:20 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371460&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aK7SF8ZVH905s0ozx72ulXgbCyvwc2KRZmsJXaXLUtI%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d8397a38573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371460&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aK7SF8ZVH905s0ozx72ulXgbCyvwc2KRZmsJXaXLUtI%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
62 B 309ms
308ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=widget-load&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d8329998573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D

GET
H2 200 c9633e90-0f17-41a1-a0f2-d7408506562d Show response
www.commoninja.com/api/v1/event/report/ 2 B
41 B 619ms
311ms Fetch
text/plain 172.67.41.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commoninja.com/api/v1/event/report/c9633e90-0f17-41a1-a0f2-d7408506562d?groupType=engagement&eventType=CLICK&eventVersion=&eventSubType=widget-load&entityPath=&refUrl=https%3A%2F%2Fscamrefundgov.com%2F
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/scripts/sdk/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://scamrefundgov.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 00:04:19 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D"}]}
content-type: text/plain; charset=utf-8
cross-origin-resource-policy: cross-origin
cf-ray: 8b76d8348c35573b-SYD
content-length: 2
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1724371459&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=A7rrn7EdYVrwRnj7SeSlq6%2BYI1RTLX4xifT%2FomehNC8%3D

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on August 23rd 2024, 12:37:32 am UTC — From Australia

Threats: Social Engineering Brand Impersonation Scam
Brands: Australian Government AU
Comment: This website is impersonating the National Anti-Scam Centre for the purpose of running a Money Recovery Scam

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scamwatch (Government)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
scamrefundgov.com/	1970-01-20 22:59:38	Name: XSRF-TOKEN Value: eyJpdiI6ImFQUzhJSUl4VXUyUncvTFdES1dlOVE9PSIsInZhbHVlIjoid0RORW1USGdZMk82c0FZWlVtNHVLLzd3NEJFdDFOd1FGMzVIRng1elJKcjNhZHJtbjlrSzlQc2NtUHNRM09PNE5IMnZCSjFBTEtlTk0wOGxzeVBVTHJWTWxLZmFTeWppZVVsREpnWWxqS2tvUVZOMEMvZElXOXJyQm1EK0NOVjkiLCJtYWMiOiIzYzY4ZmRiODhhMDIwZGUyMDg1ZWE0ZTY3YmQwNzM3MmIzZGUyYWNiNmVlOWEyNWE5YWJmNDQ4ZjFiMjY2ZTRmIiwidGFnIjoiIn0%3D
scamrefundgov.com/	1970-01-20 22:59:38	Name: hyiplab_session Value: eyJpdiI6IlA4dFEyU1RVUDJ2V3Rsbks4ck9TY1E9PSIsInZhbHVlIjoiTFRRYk9jS0psNWxqT3k3VnF2cFo4R2NIUmNqZzNZUmZYVzk0b3hIZEZWOVJKT3A0NzUyeVA2Zlk4bVM1MHp6VzJkaWNNdDg2NmVBSDlPbXd3MkRQSTU1VnRwa0p4SmRMRStJbmhKRlRSMXpENTlObE1vSXA2SGh0ODFwV0tURGkiLCJtYWMiOiJiYTg1NzJkYmJjMDA1MTQ5MDViZmI2ODc5YTU4ODIyNTgwZmIwZGE4MjFjYTA3NjQyNTA5MmZhMDRhOTE3M2I3IiwidGFnIjoiIn0%3D
scamrefundgov.com/	1970-01-20 23:42:43	Name: monsido Value: DB51724371456697

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scamrefundgov.com/accc-user/internal Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/icons.svg#fa-arrow-right Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://scamrefundgov.com/themes/custom/accc_bootstrap/icons/fontawesome-icons/solid/arrow-right.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://scamrefundgov.com/frontcss/themes/custom/accc_bootstrap/icons/icons.svg?sghzm4#fa-chevron-down Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-script.monsido.com
cdn.commoninja.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
heatmaps.monsido.com
images.unsplash.com
scamrefundgov.com
tracking.monsido.com
website-assets.commoninja.com
www.commoninja.com
www.scamwatch.gov.au
104.17.24.14
142.251.221.42
151.101.130.208
172.217.24.35
172.67.41.30
173.252.167.180
202.14.188.23
34.98.105.146
34.98.91.45
35.190.93.146
04a9fc1ef08ff201239eac8d6bf18b150575dbf12339c575b6c9d167baded872
0a3c823c1ac52c8aab7404f6d950fbf21d12ee2651f0d57aab41f9c757d0ee22
0b89f2891a9d68f9aa364680640a13163ece6df6021e3f254dafbe65f4ddcef6
0df74a8c68b4fa3b0bcd344376e6ad2268b2f25f526908cf07a0d5cb5b24bfe9
151bcf2f4aaa15da55d059f2bad77ea263b632a1c96bba54072a01ec552c4c6f
15d47bceab3336774a34d2a88f58a4b965facbd4ecd458b0e68789268bad686e
1bde3943f5fe19a1008a1db96e2aa56255d766786f8ed6dfde2ea28a9056cbbe
1f06a10cba3ccd750550153c86b5a084abd186d111378816afcf9c51fae5495a
1fb294571342b02cd72437fed77220618f661e08115e8158e72c570fb9571df6
24f8c401ee23df0cf6ec151c37a84fcc8eee4f3a6bf77b21f42f81951327984d
27c31a6ea5726bffc7ea290282ed5873cb06b39f826c145399e3f4b97fc8cb64
2c894e5972e0e1f4f52913a78218c4e3a54f4facf67f9c6ab88e49a2d4fbddbb
323fbf88c04501782932757c4bf1bf1720f9a52a6924c556d54ae133df7a54cb
3669ce6bc67c3cd482a328fc68aba457549f46f800ced947537b071e650b9b9d
3a1b04d8d6e8ceed1979feb697d8d728d36accd7d76053b56c378d2da1dfb4ba
48c5a6bb9a2bf66c16620b9a24a280ffbf64c5f4d34df739fee29e959b797897
53beeec825bfe1ec17c970188ff2d73ac983d1d795b3b2a5b6cf817b360fbb92
53c9fdaba8c7c4e00af351ae5956aa5ddb24cb6cb5fd88158bdf7d573aa012d4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
5bc5f6b6f1143cf8f2c71bae999538c21c7cf309f3f8a27b66c4f1928ea86d8c
648c7baedae60b46ba147b5e7aea4344061d76f88e62f6fd663cef11ac744e18
64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35
658a3ba48c12060b5eba99fbba6e4048562c90b6baf3015bbaf59a8978df108f
66f894ec0c3317b5116816b5eaf872b45dbe0adbbc478431bf62bdc593fd6ab9
686e98ba73fdb559ecb67f784ffc0ae3c9644e019c874a9d9f61939cf2b6ddad
699e1427474c3daa7932aa405a51762e6ab51ba12a19775321a7357deb31f384
6fb98746d03e91c157c9ac7a3269df874f0eb197b90d374fbb2847afe806e058
70f26656029fab680f68470cba3fbffc3a1856afe6244c9e2cb900beb5e9b697
710837bbd0f471356c5ea8fa53770a38ad6e4ccb135168c90fdbc0f33aef0ad3
726e8d99788caf40bb6cced5ceb2d1cd09494afbbcb21c4409e552bdaec733cb
7aa2a8ab90c1d850c3dbbe952980e6191d26c2eb0439e04dac673a4530189eec
7fdfb888f170d3d8a68cfab7046dbbfc65384fdaaa2be6c5710598688b5d1cfa
8380c7efd6f77d6abbe546b675165a560270b214e34d0cc7cf6aa0c475b23708
862e01b623cfb27bda6d406b1d52b28fb675fbaa69311bbf48d58a6bb943b940
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89f8517ee2b3661b93296f786ada77b756ff8128fc65a33005fc94f0b5eb7cad
95ab6cad65a712ff68281ceac2fa56ed94041c6d4d6fe52bb8293ce826d87331
965a0a3f311517e0c0cd493b5166560f848c52ecb4ae853c564ad5fa13f18e0d
9746f8a4d98418c02b1fbc08c26db135ccec7b520797b8b24f0d90ee9bb3e76b
9d742a659c0472c35b00a48334b8e2a6b42a109fc26de7af41e2cb1daa665a07
9f4b5482ed2eccff459ed18fdf24d7b382c8e5bb7a2633b1db16508121629807
a1312a7001378f9f5aed3acbaa0c85abf8bf1fc18ca710ede896007791e7e9c6
a61deebe71ad5f31deefeb47eee7fb8f685419125938e76e80a64f30873cf55f
ada06cc954101cda04cb64ec1574c80692247c34b4f232e089b449710b2b0b15
b0b5f7d60ab098d69717d39073ab8c81e4b1c4f4e27e244c3f0140a425fb44b0
b32fde279c824680f52e2b6180497fa66b0706b724f866361c02661dcd8091a8
b797bf52f3a8504894204cd92071aa8084611b233b2575639ec1aaac7d1e2fe3
bee5fa7876061cd2718708bb93a5e835e04d5974e30acaec5504060298daf002
c894b53906e5fecca9e55a665670443ad5d8afb18f1af140d1739b6152202a38
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0950e5fc6bcd7dcdfca0b39354c47c8da251c26b5066b6106ecd53732501afa
d7e820eb5695ce77fc4b6e5badfda547408ecd7e3878eff7afeb656470aa229d
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3482b8e7abb441ab3024d044ebadf18a779fceae0f4717572e1c4f0c5b6fe5f
e5e202e3c899507992952533f57b634722b69b34241d271963559d31aa33ef81
eed7e99aaf65c8d07f58213a00ebb0042ae55797fcd52129b25e5781b1818d37
f1aeb4dcb969740eefe6059d79fb7b3c7c0a817f31fecd54ca966a84db4ac87e
f43b0d4d0f5647671c895dce146120eb016f1cc63ee975d494b0932da39f5904
fb11730b8df831b0ebbd230f6f33b025c05afc08efb86608adebc4e30b664236
feb8bcc32b1bb43e9990d5be504f0ee5cd10e5f2ec6ec0fa74d3822431cd662b

scamrefundgov.com Open in urlscan Pro 173.252.167.180 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

0 %IPv6

8 Domains

12 Subdomains

10 IPs

3 Countries

1230 kBTransfer

2967 kBSize

3 Cookies

3 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

scamrefundgov.com Open in urlscan Pro
173.252.167.180 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

10
IPs

3
Countries

1230 kB
Transfer

2967 kB
Size

3
Cookies

81 HTTP transactions
0 data transactions