URL: https://www.refund.btcpater.site/
Submission: On December 31 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 75 HTTP transactions. The main IP is 185.173.36.3, which is located in the Russian Federation and belongs to CLOUDASSETS, RU. The main domain is www.refund.btcpater.site.
TLS certificate: Issued by R3 on December 31st 2023. Valid for: 3 months.
This is the only time www.refund.btcpater.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
52 | 185.173.36.3 | 212441 (CLOUDASSETS)
1 | 192.229.133.221 | 15133 (EDGECAST)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a04:4e42:600... | 54113 (FASTLY)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700:e2:... | 13335 (CLOUDFLAR...)
7 | 2a00:1450:400... | 15169 (GOOGLE)
7 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 75 requests, 10 IPs

Requests | Apex Domain | Subdomains | Transfer
52 | btcpater.site | www.refund.btcpater.site | 3 MB
8 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 340; fonts.googleapis.com — Cisco Umbrella Rank: 29 | 37 KB
7 | gstatic.com | fonts.gstatic.com | 134 KB
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 204 | 8 KB
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988 | 31 KB
1 | fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 971 | 12 KB
1 | unpkg.com | unpkg.com — Cisco Umbrella Rank: 857 | 5 KB
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 735 | 33 KB
1 | w3schools.com | www.w3schools.com — Cisco Umbrella Rank: 18962 | 5 KB
Total: 75 requests, 9 domains

Requests | Domain | Requested by
52 | www.refund.btcpater.site | www.refund.btcpater.site
7 | fonts.gstatic.com | fonts.googleapis.com
7 | fonts.googleapis.com | www.refund.btcpater.site
2 | cdnjs.cloudflare.com | www.refund.btcpater.site
2 | maxcdn.bootstrapcdn.com | www.refund.btcpater.site
1 | use.fontawesome.com | www.refund.btcpater.site
1 | unpkg.com | www.refund.btcpater.site
1 | code.jquery.com | www.refund.btcpater.site
1 | ajax.googleapis.com | www.refund.btcpater.site
1 | www.w3schools.com | www.refund.btcpater.site
Total: 75 requests, 10 domains

This site contains no links.

Subject | Issuer | Validity | Valid
refund.btcpater.site | R3 | 2023-12-31 - 2024-03-30 | 3 months
*.w3schools.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-04 | a year
bootstrapcdn.com | GTS CA 1P5 | 2023-11-30 - 2024-02-28 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months

This page contains 1 frame:

Primary Page: https://www.refund.btcpater.site/
Frame ID: 75D6B3C4C520FB86B99DB90FF8B704D1
Requests: 75 HTTP requests in this frame

Page Title

BITCOIN REFUND

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com


Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 75
HTTPS: 100 %
IPv6: 80 %
Domains: 9
Subdomains: 10
IPs: 10
Countries: 3
Transfer: 3604 kB
Size: 4595 kB
Cookies: 4

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.refund.btcpater.site/
24 KB
5 KB
Document
General
Full URL
https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 / PHP/7.4.33
Resource Hash
d15107a04439a87057615cc746322fed8ad14f868c26f538e76ef93dba6347b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Dec 2023 17:39:50 GMT
Server
nginx/1.24.0
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.33
redirect.js
www.refund.btcpater.site/js/
4 KB
2 KB
Script
General
Full URL
https://www.refund.btcpater.site/js/redirect.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
c64fdf4b7880c4dd570901fb7f1c2deddc66f506600f282b528d78d29187037f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Dec 2023 08:21:54 GMT
Server
nginx/1.24.0
ETag
W/"658a8d22-ed6"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
style.css
www.refund.btcpater.site/css/
210 KB
36 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/style.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
4cd1ee31017733ddc9a52826313e699cdd8674853598d760b5f1e026bb525f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Dec 2023 07:55:16 GMT
Server
nginx/1.24.0
ETag
W/"658bd864-34716"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
public.css
www.refund.btcpater.site/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/public.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
d5ce66786ec19fb558d71649f84439be33810e0824074f86342f96c5d1f06329

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:07:56 GMT
Server
nginx/1.24.0
ETag
W/"64feaebc-55fd"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
admin.css
www.refund.btcpater.site/css/
24 KB
6 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/admin.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
02452c11ae46b2559264d1ee6740bf931d941c9785838946b86c0a7dda94e036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:08:18 GMT
Server
nginx/1.24.0
ETag
W/"64feaed2-5fd3"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
bootstrap.min.css
www.refund.btcpater.site/css/
122 KB
24 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/bootstrap.min.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
0ee00f2d28b8601f08c9a586b2dbdb47702bca435f1ca0204c91f6c9de04895d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:08:48 GMT
Server
nginx/1.24.0
ETag
W/"64feaef0-1e649"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
hover.css
www.refund.btcpater.site/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/hover.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 / PHP/7.4.33
Resource Hash
d15107a04439a87057615cc746322fed8ad14f868c26f538e76ef93dba6347b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Server
nginx/1.24.0
Connection
keep-alive
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
lity.css
www.refund.btcpater.site/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/lity.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
cad2bcebc03ca6b937d0e882b569305e6999a23bbdb380e6b5b2171b9d2f7f7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:09:40 GMT
Server
nginx/1.24.0
ETag
W/"64feaf24-1073"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
bitcoin.css
www.refund.btcpater.site/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/bitcoin.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 / PHP/7.4.33
Resource Hash
d15107a04439a87057615cc746322fed8ad14f868c26f538e76ef93dba6347b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Server
nginx/1.24.0
Connection
keep-alive
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
owl.carousel.min.css
www.refund.btcpater.site/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/owl.carousel.min.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
1f186426459b0cc5f1b77b829ed5c99536ef7b5a4df2a5fcfed0b222615c6dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:10:26 GMT
Server
nginx/1.24.0
ETag
W/"64feaf52-11f2"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
owl.theme.default.min.css
www.refund.btcpater.site/css/
1 KB
821 B
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/owl.theme.default.min.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
792745d438454eab169d8747d4d149f4fab9b9080d8e9823e451e20fde6eb486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:10:52 GMT
Server
nginx/1.24.0
ETag
W/"64feaf6c-4a7"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
jquery.fancybox.min.css
www.refund.btcpater.site/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://www.refund.btcpater.site/css/jquery.fancybox.min.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 / PHP/7.4.33
Resource Hash
d15107a04439a87057615cc746322fed8ad14f868c26f538e76ef93dba6347b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Server
nginx/1.24.0
Connection
keep-alive
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
w3.css
www.w3schools.com/w3css/4/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
date
Sun, 31 Dec 2023 17:39:50 GMT
last-modified
Fri, 29 Dec 2023 11:25:04 GMT
server
ECS (frb/6796)
age
12127
etag
"02831ab493ada1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
content-length
5250
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 17:39:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
age
2811980
cdn-cachedat
10/31/2023 18:59:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a99131ed71793c235969f4741b45dd0f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
83e44dde8e9a047e-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 14:59:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 14:59:51 GMT
jquery-latest.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7124182
x-cache
HIT, HIT
content-length
33202
x-served-by
cache-lga21983-LGA, cache-fra-eddf8230130-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1704044390.159660,VS0,VE0
etag
W/"28feccc0-1762a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
71, 1161311
lity.js
www.refund.btcpater.site/js/
18 KB
5 KB
Script
General
Full URL
https://www.refund.btcpater.site/js/lity.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
14dbc8e1b73215c7f65c2868f670d97c54f5a6c64413b918c6857d18422584c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:04:52 GMT
Server
nginx/1.24.0
ETag
W/"64feae04-4835"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
jquery.min.js
www.refund.btcpater.site/js/
84 KB
34 KB
Script
General
Full URL
https://www.refund.btcpater.site/js/jquery.min.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
8d43e17b5ed00f2de537a8847e7eb2df8d54ee1354c62748bbaa8dfea5ebf93d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 05:57:42 GMT
Server
nginx/1.24.0
ETag
W/"64feac56-14e9c"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
owl.carousel.js
www.refund.btcpater.site/js/
91 KB
25 KB
Script
General
Full URL
https://www.refund.btcpater.site/js/owl.carousel.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
93ab8ae2581efb90c20445709b7402e82bf74100b1446860305bb5d118917775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:02:36 GMT
Server
nginx/1.24.0
ETag
W/"64fead7c-16d00"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
wow.min.js
cdnjs.cloudflare.com/ajax/libs/wow/0.1.12/
6 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/wow/0.1.12/wow.min.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8c1eeaabf27111c1f4a10651da1e10917e912db6a54cdc7a753d27bedde956
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2641776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1870
last-modified
Mon, 04 May 2020 16:17:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04033-17fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9b5tp17KPmRcO5ESuSFKO9OnzpeAHTkouyUyK%2Fzq1m4%2FAmACEtfln8QPFMimbGeJx8dUNULovCJ5i6OfGnCMDuOo4N3B%2BUqSgJbUuXvFFDUDe8qpSURsM7gpJeWMNu8NB%2FwzziliQnFROetxeIcocZF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83e44dde7d5b1989-FRA
expires
Fri, 20 Dec 2024 17:39:50 GMT
wow.js
www.refund.btcpater.site/js/
16 KB
4 KB
Script
General
Full URL
https://www.refund.btcpater.site/js/wow.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
9ab5f1868d663b2fcf356058bfabd23a9a428f29d226fa5ac93cc3269775e01c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:02:02 GMT
Server
nginx/1.24.0
ETag
W/"64fead5a-3ec2"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
jquery.fancybox.min.js
www.refund.btcpater.site/js/
67 KB
26 KB
Script
General
Full URL
https://www.refund.btcpater.site/js/jquery.fancybox.min.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
1c02caf2a0f16318965676fd4b265265728d64fba2794a20b07151a4e891fca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:03:42 GMT
Server
nginx/1.24.0
ETag
W/"64feadbe-10aa9"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
aos.js
unpkg.com/aos@2.3.1/dist/
14 KB
5 KB
Script
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 17:39:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2637086
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01HGHWE9EMZ3S5X0NSKBN6CZ91-fra
server
cloudflare
etag
W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
83e44dde9e98bbaa-FRA
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2821475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMTlYyUL3lP2db5r%2FW6ThZyp1ixHoVEbbgj4%2FgYYfSui1kiOTHkn%2Fi%2F8kTXx6k6HYuPhmJ70MyNa3bo05myANNYmbWo2s6sl7K31fXY%2BRgwxpoEf9rRxzl7vOnSoQ5vMbK8divmK%2BXQoN3qu7V2V61k9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83e44dde7d591989-FRA
expires
Fri, 20 Dec 2024 17:39:50 GMT
all.css
use.fontawesome.com/releases/v5.7.2/css/
53 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer
https://www.refund.btcpater.site/
Origin
https://www.refund.btcpater.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NngpLVT4pYEkiJs42vd1D28XolyqfgkGe62t88PJjd3hyJYNUDEPTWKXonrExrAgfMRiOZousS85ycWS1XVm22pnPcjWiHEmS2P7Y5Loa7MW5WSynEuGmp281yg0QrKKQ0zV7so%2BR5XDtucCU0msMZ4V"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
83e44dde8ab36ade-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 17:39:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1053
age
2734467
cdn-cachedat
10/31/2023 19:27:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1a04ea32b2f4b219188fda8349c8680c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
83e44dde8e9e047e-FRA
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/
6 KB
548 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Sora:wght@100;200;300;400;500;600;700;800&display=swap
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b810788f4ad84bac0eea9ba5031bcf14071bae9b93d49722908324f36a234db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 31 Dec 2023 17:39:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Dec 2023 17:39:50 GMT
css2
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7f92fca171404f4c87d2cf676ae9ba011e869e03410a9cbc1e0e47a3c32406e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 31 Dec 2023 17:39:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Dec 2023 17:39:50 GMT
css2
fonts.googleapis.com/
16 KB
843 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3328bc67f9ab80d6355d84ceb03d614a62a80b8264c4e494e0be95333d52e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 31 Dec 2023 15:40:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Dec 2023 17:39:50 GMT
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad26ec8a3728c7ab759a937b415be68bb65886fb81ac6a3d1c050d2989c512a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 31 Dec 2023 15:47:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Dec 2023 17:39:50 GMT
css2
fonts.googleapis.com/
14 KB
867 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700;800;900&display=swap
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
274348f82cd9e820b1ffc412a2712f87b7c23506921b0eddebea11d10b6b28f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 31 Dec 2023 16:52:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Dec 2023 17:39:50 GMT
css2
fonts.googleapis.com/
16 KB
835 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a1589e623c8c242c56354dd3003c3a9cb5d91d9d6057ea1c90a08bef99d8507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 31 Dec 2023 17:30:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Dec 2023 17:39:50 GMT
css2
fonts.googleapis.com/
4 KB
558 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a781901393bd19811bef7ec44fe3715212110370a565ce384ff8a902de5eaf3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 31 Dec 2023 17:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 31 Dec 2023 17:09:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Dec 2023 17:39:50 GMT
logo.png
www.refund.btcpater.site/images/
6 KB
6 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/logo.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
297c530ec6f1db5e6fbdc4fd4ce62aaf97a8b40dcf2b0bff3c9d07bf672bd897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 14:24:16 GMT
Server
nginx/1.24.0
ETag
"64ff2310-1809"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6153
Coins11.png
www.refund.btcpater.site/images/
167 KB
167 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/Coins11.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
5a4e6d55db6d66a2bbe0abf208c5b8c98f78878cee0c748590f08ff9b2e14d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:13:22 GMT
Server
nginx/1.24.0
ETag
"64feb002-29b36"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
170806
coin33.png
www.refund.btcpater.site/images/
425 KB
425 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/coin33.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
3e20e246f7a4885670c322f5909a34221a57e8b5067b351d819c0fe0394d5c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 13:50:52 GMT
Server
nginx/1.24.0
ETag
"64ff1b3c-6a41e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
435230
p-line.png
www.refund.btcpater.site/images/
2 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/p-line.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
d4c3e477587501614c69d3e9f9a5dea593213fbba35e66f3ec1916d20e1ecb6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:02 GMT
Server
nginx/1.24.0
ETag
"64feb066-989"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2441
wrks-rght.png
www.refund.btcpater.site/images/
563 KB
564 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/wrks-rght.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
08f60930e1f6a245e8d1d21b01c31d016a1a93132973547bbbe36c9e1d9a9138

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Tue, 12 Sep 2023 05:59:06 GMT
Server
nginx/1.24.0
ETag
"64fffe2a-8cd92"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
576914
sta2.png
www.refund.btcpater.site/images/
4 KB
4 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/sta2.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
c69308617553221c400a60526f09012aab49dcdc5e5a83fea57e618b8cc39c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:17:10 GMT
Server
nginx/1.24.0
ETag
"64feb0e6-e3a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3642
sta3.png
www.refund.btcpater.site/images/
3 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/sta3.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
e6408bcac33d58cbae97146a4bed2a68d9e25a45af665f6834cf592705c49d30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:17:18 GMT
Server
nginx/1.24.0
ETag
"64feb0ee-b16"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2838
sta4.png
www.refund.btcpater.site/images/
4 KB
4 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/sta4.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
c54d9b84724f305b8ffc85424e11fd6cc2c5e3c51b5ac2578cfecdf969c7adc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:17:22 GMT
Server
nginx/1.24.0
ETag
"64feb0f2-104e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4174
sta5.png
www.refund.btcpater.site/images/
3 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/sta5.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
65c032dd1b95cd281048148c115786e45afaf55cb87be4d1c40d249c52a538ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:17:28 GMT
Server
nginx/1.24.0
ETag
"64feb0f8-b3a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2874
secimg1.png
www.refund.btcpater.site/images/
7 KB
7 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/secimg1.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
50a71916e69dedb3006a6d8d4bd34eb61a9bbd5b0b855deea339db5353a8b053

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:16:50 GMT
Server
nginx/1.24.0
ETag
"64feb0d2-1a14"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6676
secimg2.png
www.refund.btcpater.site/images/
10 KB
10 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/secimg2.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
90e03459b70e54c789d5f93bcf5acdba764a2f8947845fb03095da792e019419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:16:56 GMT
Server
nginx/1.24.0
ETag
"64feb0d8-277c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10108
secimg3.png
www.refund.btcpater.site/images/
7 KB
7 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/secimg3.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
f585ea5eb958a1bcabb4def40fd880a8bd35b46f23925123da124958cd79495c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:17:00 GMT
Server
nginx/1.24.0
ETag
"64feb0dc-1af6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6902
secimg4.png
www.refund.btcpater.site/images/
9 KB
9 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/secimg4.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
649f1ec919ad2a7141897f42156f777b81fb619ec083141899f1ca34859ace2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:17:04 GMT
Server
nginx/1.24.0
ETag
"64feb0e0-2333"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9011
pay6.png
www.refund.btcpater.site/images/
3 KB
4 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay6.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
529885530d6836d23008cf9dbbb1d2f8fa3fa70b35f2336d37b4893cbe4b1149

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:36 GMT
Server
nginx/1.24.0
ETag
"64feb088-d29"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3369
pay7.png
www.refund.btcpater.site/images/
3 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay7.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
ada0f31132cbea01382a4b441dd9e4d66ac98bb15349329d0b6c09752540a513

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:40 GMT
Server
nginx/1.24.0
ETag
"64feb08c-c4c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3148
pay8.png
www.refund.btcpater.site/images/
3 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay8.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
7e3036e2372b8b0748a07bae3ffef5836f1c142f9fb262c2c559a99f1b305610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:46 GMT
Server
nginx/1.24.0
ETag
"64feb092-c81"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3201
pay10.png
www.refund.btcpater.site/images/
2 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay10.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
610129013f016ea728bcc392623f6393f33b536052fa5de9740bbea975f79f86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:50 GMT
Server
nginx/1.24.0
ETag
"64feb096-9e9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2537
pay11.png
www.refund.btcpater.site/images/
4 KB
4 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay11.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
ec5953fb1e9ee2ca4c8d7a505e3302f4fab9bec81d4d3c413165c1f12b1d5b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:54 GMT
Server
nginx/1.24.0
ETag
"64feb09a-ecd"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3789
pay12.png
www.refund.btcpater.site/images/
3 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay12.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
aa9aefec4dcab6bb7b7599ad27fcd4665aff9cfdb8ec34a5d2e1493abd7b009a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:16:00 GMT
Server
nginx/1.24.0
ETag
"64feb0a0-c14"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3092
pay13.png
www.refund.btcpater.site/images/
3 KB
4 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay13.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
905fce2331d0d9ed822a95768e6ad3e6265979be9b8fef737cd5e184f22ed6d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:16:04 GMT
Server
nginx/1.24.0
ETag
"64feb0a4-dd5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3541
pay1.png
www.refund.btcpater.site/images/
3 KB
4 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay1.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
39571d8a7a62044f62c396f28ea9a8a3c729aa66d9633a3c8419f6360a22db58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:08 GMT
Server
nginx/1.24.0
ETag
"64feb06c-d77"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3447
pay2.png
www.refund.btcpater.site/images/
3 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay2.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
0aaa556ad97129ea33074aeed89d4e93f67d65a9c4e50faf931773cb6478811f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:14 GMT
Server
nginx/1.24.0
ETag
"64feb072-bfc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3068
pay3.png
www.refund.btcpater.site/images/
4 KB
4 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay3.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
715fd18c9eaa34a793fe4610747b911c80f885fdf161de013aca1831f866f635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:20 GMT
Server
nginx/1.24.0
ETag
"64feb078-ebb"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3771
pay4.png
www.refund.btcpater.site/images/
3 KB
3 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay4.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
0050f10abb9679c62945c52f2a677c405d24154824d12eb739753c01038c8f42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:24 GMT
Server
nginx/1.24.0
ETag
"64feb07c-c2b"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3115
pay5.png
www.refund.btcpater.site/images/
4 KB
4 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/pay5.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
d94e67a26f344c4eb054f4b771f591f4743d2ef5c382aa1b59147b29a8575138

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:15:30 GMT
Server
nginx/1.24.0
ETag
"64feb082-e76"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3702
cert-img.png
www.refund.btcpater.site/images/
45 KB
45 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/cert-img.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
c43e05ea211a086c25517e3a0e1ce2700ff5c9afa867b38b74dc36e2192a4946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:13:48 GMT
Server
nginx/1.24.0
ETag
"64feb01c-b225"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45605
banner-bg.png
www.refund.btcpater.site/images/
652 KB
652 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/banner-bg.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
9eba933e6501b8f004ddc2544a81de15a12f2063af34c25b6511734ea3e2417d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:13:36 GMT
Server
nginx/1.24.0
ETag
"64feb010-a2fa4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
667556
about-bg.jpg
www.refund.btcpater.site/images/
35 KB
35 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/about-bg.jpg
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
2e700ec722efe144884e188e6471d4fb7610a75e591c45db2f1285d26288eb3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:13:30 GMT
Server
nginx/1.24.0
ETag
"64feb00a-8c03"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35843
chse1.png
www.refund.btcpater.site/images/
42 KB
42 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/chse1.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
da6640b05a50f8bd3ea45cf8d4bd30d7857b7b9fb617fbb800c44974b82074e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:13:54 GMT
Server
nginx/1.24.0
ETag
"64feb022-a63f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42559
chse2.png
www.refund.btcpater.site/images/
50 KB
51 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/chse2.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
bc5d073a63f6c38d8a0acbe720441cdcac0db9e611f474f87f91699811501285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:14:02 GMT
Server
nginx/1.24.0
ETag
"64feb02a-c9fe"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51710
chse3.png
www.refund.btcpater.site/images/
46 KB
46 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/chse3.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
371223f69da1d747c633d4d24d55ebf987567d4510febab4c1fe0161357cc222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:14:22 GMT
Server
nginx/1.24.0
ETag
"64feb03e-b683"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46723
wrks-ani.jpg
www.refund.btcpater.site/images/
526 KB
526 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/wrks-ani.jpg
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
f501895ee715278c2732496748999f71f9bf2132f29e0cab968508a93456ed8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:17:42 GMT
Server
nginx/1.24.0
ETag
"64feb106-83745"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
538437
sta-bg.jpg
www.refund.btcpater.site/images/
200 KB
200 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/sta-bg.jpg
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
6f96fa21dd6a25ca4aa959a1c38829139f082ea29d040be6ae42f16e6260b909

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 07:34:10 GMT
Server
nginx/1.24.0
ETag
"64fec2f2-320ca"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
205002
sta-li.png
www.refund.btcpater.site/images/
2 KB
2 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/sta-li.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
059bba2ba02c381341b8d6213b2128b5b0bde86ef257d03d611621516293522e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:17:38 GMT
Server
nginx/1.24.0
ETag
"64feb102-7a9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1961
foot-bg.png
www.refund.btcpater.site/images/
297 KB
297 KB
Image
General
Full URL
https://www.refund.btcpater.site/images/foot-bg.png
Requested by
Host: www.refund.btcpater.site
URL: https://www.refund.btcpater.site/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.173.36.3 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
host-185-173-36-3.macloud.host
Software
nginx/1.24.0 /
Resource Hash
166dfbd97aa1eeaa69220098a70f5204a6a8b8024cec79bddeabb2b64ed7baa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refund.btcpater.site/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 31 Dec 2023 17:39:50 GMT
Last-Modified
Mon, 11 Sep 2023 06:14:52 GMT
Server
nginx/1.24.0
ETag
"64feb05c-4a3ce"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
304078
xMQbuFFYT72XzQUpDg.woff2
fonts.gstatic.com/s/sora/v12/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sora/v12/xMQbuFFYT72XzQUpDg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@100;200;300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
714cfbc8e4b3f224102a517dd5f39c85e114b27163602159deee4d8c4a8602f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refund.btcpater.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 18:54:19 GMT
x-content-type-options
nosniff
age
513931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33616
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 18:54:19 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refund.btcpater.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:54:04 GMT
x-content-type-options
nosniff
age
463546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:54:04 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refund.btcpater.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:33:30 GMT
x-content-type-options
nosniff
age
108380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 11:33:30 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refund.btcpater.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:20:06 GMT
x-content-type-options
nosniff
age
166784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 19:20:06 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refund.btcpater.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 18:54:06 GMT
x-content-type-options
nosniff
age
513944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 18:54:06 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refund.btcpater.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 14:33:15 GMT
x-content-type-options
nosniff
age
529595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 14:33:15 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refund.btcpater.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 09:01:24 GMT
x-content-type-options
nosniff
age
463106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 09:01:24 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
number| page_id
string| CRedirectName
boolean| redirectLastPage
number| cookee_page_id
object| pages
function| setCookie
function| readCookie
function| redirectPage
function| load
function| init
boolean| notificationHideShow
number| notificationHideInt
function| notificationShow
function| notificationHide
boolean| isAddNotificationPage
function| addNotificationPage
function| $
function| jQuery
function| lity
function| WOW
object| AOS

4 Cookies

Domain/Path Name / Value
www.refund.btcpater.site/css Name: country / Value: Germany
www.refund.btcpater.site/css Name: ip / Value: 185.213.155.196
www.refund.btcpater.site/ Name: country / Value: Germany
www.refund.btcpater.site/ Name: ip / Value: 185.213.155.196

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
