refundmore.com Open in urlscan Pro
2606:4700:20::ac43:4664 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rightchoicefundsmail.com/jp.php/2357524/64745/37918743/a1f9716f
Effective URL:
https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Submission: On March 12 via manual (March 12th 2024, 4:35:48 pm UTC) from IN — Scanned from DE

Summary HTTP 92 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 92 HTTP transactions. The main IP is 2606:4700:20::ac43:4664, located in United States and belongs to CLOUDFLARENET, US. The main domain is refundmore.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 18th 2023. Valid for: a year.

This is the only time refundmore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.189.19.66 216.189.19.66	6921 (ARACHNITEC) (ARACHNITEC)
1 1	52.51.176.35 52.51.176.35	16509 (AMAZON-02) (AMAZON-02)
1 1	52.214.92.19 52.214.92.19	16509 (AMAZON-02) (AMAZON-02)
1 37	2606:4700:20:... 2606:4700:20::ac43:4664	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
5	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	13.224.189.76 13.224.189.76	16509 (AMAZON-02) (AMAZON-02)
1	34.237.252.135 34.237.252.135	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:26f0:350... 2a02:26f0:3500:887::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	13.224.189.111 13.224.189.111	16509 (AMAZON-02) (AMAZON-02)
8	52.213.156.14 52.213.156.14	16509 (AMAZON-02) (AMAZON-02)
2	18.244.18.51 18.244.18.51	16509 (AMAZON-02) (AMAZON-02)
92	20

1 216.189.19.66 (United States) 1 redirects

ASN6921 (ARACHNITEC, US)
PTR: rightchoicefundsmail.com

rightchoicefundsmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.176.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-176-35.eu-west-1.compute.amazonaws.com

monetisetrk5.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.92.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-92-19.eu-west-1.compute.amazonaws.com

monetisetrk.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700:20::ac43:4664 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

refundmore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.usefathom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

cdn.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a29d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-76.fra2.r.cloudfront.net

chat-assets.frontapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.252.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-252-135.compute-1.amazonaws.com

ipa.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-111.fra2.r.cloudfront.net

chat.frontapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.213.156.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com

eu-west-1-chat-server.frontapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-51.fra56.r.cloudfront.net

events.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	refundmore.com 1 redirects refundmore.com	546 KB
11	frontapp.com chat-assets.frontapp.com — Cisco Umbrella Rank: 62790 chat.frontapp.com — Cisco Umbrella Rank: 67519 eu-west-1-chat-server.frontapp.com — Cisco Umbrella Rank: 125722	451 KB
6	elev.io cdn.elev.io — Cisco Umbrella Rank: 27656 ipa.elev.io — Cisco Umbrella Rank: 27090 events.elev.io — Cisco Umbrella Rank: 158811	119 KB
5	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5444	46 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4106 consentcdn.cookiebot.com — Cisco Umbrella Rank: 4763 imgsct.cookiebot.com — Cisco Umbrella Rank: 4866	118 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 844	131 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	56 KB
2	gstatic.com fonts.gstatic.com	39 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
2	usefathom.com cdn.usefathom.com — Cisco Umbrella Rank: 19507	3 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	455 B
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3344	35 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	91 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
1	monetisetrk.co.uk 1 redirects monetisetrk.co.uk	867 B
1	monetisetrk5.co.uk 1 redirects monetisetrk5.co.uk	265 B
1	rightchoicefundsmail.com 1 redirects rightchoicefundsmail.com	324 B
92	17

	Domain	Requested by
37	refundmore.com	1 redirects refundmore.com static.cloudflareinsights.com
8	eu-west-1-chat-server.frontapp.com	chat-assets.frontapp.com
5	widget.trustpilot.com	refundmore.com widget.trustpilot.com
3	cdn.elev.io	refundmore.com cdn.elev.io
2	events.elev.io	cdn.elev.io
2	sessions.bugsnag.com	chat-assets.frontapp.com
2	chat-assets.frontapp.com	www.googletagmanager.com srcdoc
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	cdnjs.cloudflare.com	refundmore.com cdnjs.cloudflare.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	refundmore.com
2	cdn.usefathom.com	refundmore.com
1	imgsct.cookiebot.com
1	chat.frontapp.com	chat-assets.frontapp.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	ipa.elev.io	cdn.elev.io
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	img.youtube.com	refundmore.com
1	www.googletagmanager.com	refundmore.com
1	static.cloudflareinsights.com	refundmore.com
1	monetisetrk.co.uk	1 redirects
1	monetisetrk5.co.uk	1 redirects
1	rightchoicefundsmail.com	1 redirects
92	23

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
policies.google.com
frontapp.com
www.facebook.com
privacy.microsoft.com
flyhjaelp.dk
flyghjalp.se
flyhjelp.no
lentoapu.fi
www.trustpilot.com
www.dr.dk
www.berlingske.dk
www.bt.dk
jyllands-posten.dk
nyheder.tv2.dk
www.linkedin.com
www.youtube.com
www.twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
cdn.usefathom.com R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
cdn.elev.io Amazon RSA 2048 M02	`2023-04-28` - `2024-05-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
frontapp.com Amazon RSA 2048 M03	`2023-12-31` - `2025-01-28`	a year	crt.sh
*.elev.io Amazon RSA 2048 M02	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Frame ID: 6202C16D552BABB4B2610F5487E86318
Requests: 58 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c347395dc25ca0001b7c76f
Frame ID: 1EF7098548FBF92DB6F854C67B5CDC9B
Requests: 4 HTTP requests in this frame

Frame: https://refundmore.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: ABEB8DDA9F452E17FC6806B5F35CECC7
Requests: 2 HTTP requests in this frame

Frame: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Frame ID: A1A48D2BA3B12D8DA60DE053B74BCA0F
Requests: 23 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 025BE4B4A93BEC48C6FEA770F137BA8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Delayed or cancelled flight? The airline should compensate you!Powered by Cookiebot

Page URL History Show full URLs

https://rightchoicefundsmail.com/jp.php/2357524/64745/37918743/a1f9716f HTTP 301
https://monetisetrk5.co.uk/?a=6292&c=47869&s1= HTTP 302
https://monetisetrk.co.uk/?a=6292&c=47869&s1=&ckmguid=3f032149-b876-430e-876b-31fe2c9bd937 HTTP 302
https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_mediu... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

92
Requests

82 %
HTTPS

55 %
IPv6

17
Domains

23
Subdomains

20
IPs

3
Countries

1512 kB
Transfer

4377 kB
Size

13
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/en/what-is-behind-powered-by-cookiebot/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://frontapp.com/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://flyhjaelp.dk/
Title: DK

Search URL Search Domain Scan URL

URL: https://flyghjalp.se/
Title: SE

Search URL Search Domain Scan URL

URL: https://flyhjelp.no/
Title: NO

Search URL Search Domain Scan URL

URL: https://lentoapu.fi/
Title: FI

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/www.refundmore.com?stars=5
Title: 4.4 Out of 5 based on 50 reviews 4.4 Out of 5 based on 50 reviews

Search URL Search Domain Scan URL

URL: https://www.dr.dk/nyheder/penge/kontant/flypassagerer-har-krav-paa-millioner-af-kroner

Search URL Search Domain Scan URL

URL: https://www.berlingske.dk/virksomheder/fire-flytninger-paa-fire-aar-ung-ivaerksaettervirksomhed-paa-flyvende

Search URL Search Domain Scan URL

URL: https://www.bt.dk/samfund/flyhjaelp-direktoer-vurderer-erstatningsmuligheder-efter-flykonkurs-udsigterne-er

Search URL Search Domain Scan URL

URL: https://jyllands-posten.dk/livsstil/rejser/ECE8260596/Unge-fynboer-hj%C3%A6lper-flypassagerer-med-at-f%C3%A5-pengene-tilbage/

Search URL Search Domain Scan URL

URL: http://nyheder.tv2.dk/udland/2018-03-21-danskere-forsinket-i-over-40-timer-paa-flyrejse

Search URL Search Domain Scan URL

URL: https://www.facebook.com/refundmore/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/flyhj%C3%A6lp/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCXWY8r4oYsn-CQEie_h0m9g

Search URL Search Domain Scan URL

URL: https://www.twitter.com/flyhjaelp?lang=en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rightchoicefundsmail.com/jp.php/2357524/64745/37918743/a1f9716f HTTP 301
https://monetisetrk5.co.uk/?a=6292&c=47869&s1= HTTP 302
https://monetisetrk.co.uk/?a=6292&c=47869&s1=&ckmguid=3f032149-b876-430e-876b-31fe2c9bd937 HTTP 302
https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://refundmore.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://refundmore.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

92 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
refundmore.com/
Redirect Chain

https://rightchoicefundsmail.com/jp.php/2357524/64745/37918743/a1f9716f
https://monetisetrk5.co.uk/?a=6292&c=47869&s1=
https://monetisetrk.co.uk/?a=6292&c=47869&s1=&ckmguid=3f032149-b876-430e-876b-31fe2c9bd937
https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

85 KB
18 KB

404ms
290ms

Document
text/html

2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1869be115473225ef710734996c866b92e078ad4f720378b8bc98f9a31bfbc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 863532e8ae994da4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Mar 2024 16:35:41 GMT
feature-policy: vibrate 'self'
font-src: https://fonts.gstatic.com
frame-src: https://optimize.google.com
img-src: https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA1ko3pGAAKIMXC2T2tOf49cj%2Fq2hbj8u3rKqWkIUMYNhhF0SZKDk8GjNff5LqunKP4P97YqZqT6nhptRqFkcgOpk2mptfDcUVAQSR36lC0jDmCHX%2F97wuBjLF2Wn%2FSmAhEl67CJWm95XVPb"}],"group":"cf-nel","max_age":604800}
script-src: https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com 'unsafe-inline'
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
style-src: https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 239
Content-Type: text/html; charset=utf-8
Date: Tue, 12 Mar 2024 16:35:41 GMT
Location: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 cabin.css
refundmore.com/cabin-build/css/ 75 KB
15 KB 98ms
97ms Stylesheet
text/css 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cabin-build/css/cabin.css?id=3e4f797610ebef98c6fb78f6f9b8d372

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f2d4cb1cc7478ccf340ae68984394ea51008f82f2724a2078890e1536e25a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jul 2023 13:08:24 GMT
server: cloudflare
etag: W/"64ad5448-12be7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFB3nNb4AhPMf5K%2BbCQLRVoBB58hlVH%2BAIOfxGeBT0fMgoiEOHWmlTkg8xmB69rG%2Bitq%2Bu8yhJD3URei5kTUkqTSLb3Pb4Tj%2FkGsqXiCkibjUClwUjXmc%2FyEAenjFL2EflVAHEI4qj%2BfUrVf"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 863532ea893d4da4-FRA

GET
H2 200 fonts.css
refundmore.com/cabin-build/fonts/proxima-nova-full/ 850 B
570 B 122ms
121ms Stylesheet
text/css 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cabin-build/fonts/proxima-nova-full/fonts.css

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcfb1b8d48381410837b94ed0064450d48678d75dad6d9bd48479537e8f8cb0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Nov 2019 08:25:12 GMT
server: cloudflare
etag: W/"5dd79b68-352"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8DPDpMo3p0uDG3f9UjAbvMEPMJtX2%2B2zynvKwlX%2FYIkk9ykFHawM%2FzJKpOeMqq%2BNRxP2wpiQLtB7bHB%2FAwYHI%2F67yMxDM9g67P8rzwKVffXK%2BbdzXy5GAdYJUtxo%2FknF0Wgn%2Bi2lqmrhXjY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 863532ea89404da4-FRA

GET
H2 200 fonts.min.css
refundmore.com/cabin-build/fonts/proxima-nova/ 3 KB
768 B 57ms
56ms Stylesheet
text/css 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cabin-build/fonts/proxima-nova/fonts.min.css

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d009f00617bc64f4f705eb6e54458e57a36567964209069c15c72ca8b32d586f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3941
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Sep 2020 09:34:08 GMT
server: cloudflare
etag: W/"5f632d90-d76"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az6As%2FohAuDYHWQWvoLIC7SmXgAWikLq160KmBdjn2WmTZqvuXUBP2JOm9qNrLROO6xJkkOINJc%2Far6I1vlyW9VkjOpzXj%2BINFBPIvQE54KMBbaN7Ckl6efZg12gUGFOyrCkCVLV29Bv%2FRRp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 863532ea89424da4-FRA

GET
H2 200 script.js Show response
cdn.usefathom.com/ 6 KB
2 KB 132ms
43ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefathom.com/script.js
Requested by: Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-vapor-base64-encode: True
cdn-cachedat: 03/07/2024 18:32:06
cdn-pullzone: 506217
last-modified: Fri, 01 Mar 2024 17:37:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: a7495a91b0f1730bd7268924cfb96b4a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 127ms
40ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 02:42:11 GMT
content-encoding: gzip
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P4
age: 50012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Jf8L3Kz_-gmOMjR1LOasiO96sRutMDDpbXzKqyw2TsP1_6XbglvOyg==

GET
H2 200 logo_white.svg
refundmore.com/storage/media/ 9 KB
3 KB 114ms
113ms Image
image/svg+xml 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/media/logo_white.svg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbd3b0cdf1788631c5103de09ee7e20bf1903a5800ce89478817c2341ea5524c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Nov 2019 08:55:48 GMT
server: cloudflare
etag: W/"5dd7a294-2292"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OZNmdBmimMo7g3Ku2z2vBFUH5av9k%2FPd9VPJpJLm1DK4ADVJdAxheqE%2FQZvLsQTqvDD813O9x7kdjW9JbAh8jGqRs6os4ovjVboI6JLjoJR0Orq2RDt74lW%2BuJF%2BJK3LQVs32HF4qWjmM%2Bl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 863532ea89434da4-FRA

GET
H3 200 en-flag.png
refundmore.com/cabin-build/images/icons/flags/ 350 B
908 B 136ms
135ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/icons/flags/en-flag.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a95c9a2469cf43edffc97c9e12f28d999ce0feb2e44887c3fca8d5351d484b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=437
content-disposition: inline; filename="en-flag.webp"
alt-svc: h3=":443"; ma=86400
content-length: 350
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-1b5"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcRUAp2dNeAfWE0f3zuDTODat6Tt8p6dMwJ6%2BuAuFZFs24EgS6zTbWHZGLi5%2B5U6oHuyWFNsJnFSUY1Si35MN7lvO%2BPw%2FZcZN86iSgwRjLGCf6c1Tp30%2B%2FTZAfWE561wINib8qTU5fSrKK%2BK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd1abbb6-FRA

GET
H3 200 da-flag.png
refundmore.com/cabin-build/images/icons/flags/ 138 B
695 B 113ms
111ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/icons/flags/da-flag.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468fd5ad8ec10d92aa72288bf49e2b94b27e3cecc60109d798c8ef3572929296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4675
cf-polished: origFmt=png, origSize=183
content-disposition: inline; filename="da-flag.webp"
alt-svc: h3=":443"; ma=86400
content-length: 138
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-b7"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjUobu9K5hQ0zPBPKY%2FqRVe4X%2Bc%2BXQZHPI3vs6vdwGbXEmH2OB%2B7LaU0PEBLH6D1QFvPtclNG5JLUEuNZfDEgYNa%2BPdoS%2BasNUq5Et6tH1cSX8Vn8aKZEwWdYQJW4BRRg72Cjqni6e%2Bsjui9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd1ebbb6-FRA

GET
H3 200 se-flag.png
refundmore.com/cabin-build/images/icons/flags/ 154 B
705 B 143ms
141ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/icons/flags/se-flag.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af26ab113273befa62cff2eef45f0cba9e0abf8d57db93dfc42ba10ce24c046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=195
content-disposition: inline; filename="se-flag.webp"
alt-svc: h3=":443"; ma=86400
content-length: 154
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-c3"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcvSJ0Gl5Xk%2FjmDytVYc2dQfOYHtQBBi0YErMNef9qP5qMY0lBPvAUX0W8zqDzdfS0sPDM9U3NScCHLMhScKD0JnVjGtnSBxTZb9rCsgxTOfhmWVdX5srwZZtGiR2u5nyXqFVhYtz%2BahsoC1"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd20bbb6-FRA

GET
H3 200 no-flag.png
refundmore.com/cabin-build/images/icons/flags/ 192 B
743 B 74ms
72ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/icons/flags/no-flag.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bdf7131df33e3c1a3d3d5d57be1c4b6e8359632276773bbba744f816ace819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3934
cf-polished: origFmt=png, origSize=236
content-disposition: inline; filename="no-flag.webp"
alt-svc: h3=":443"; ma=86400
content-length: 192
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-ec"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZVb1QXy%2F5kLhQzTBSEz41PbOwD6DYsq3dPPz2%2FwO7igtP%2FsgOkEBrGZycAl%2Bwmbsv8gP7Nnj%2FbV7fy3tzwhNivC2iK%2Ft9eoPTKimg0ZNMNOici1NMMA5rhirPdpe7dE7HQbYcOfq8RuyBo0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd23bbb6-FRA

GET
H3 200 fi-flag.png
refundmore.com/cabin-build/images/icons/flags/ 122 B
668 B 113ms
111ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/icons/flags/fi-flag.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f419dc93acfe5fd1da8b7efd04e54a45b34ce3bb7d4a89a194b71533018c037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3123
cf-polished: origFmt=png, origSize=158
content-disposition: inline; filename="fi-flag.webp"
alt-svc: h3=":443"; ma=86400
content-length: 122
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-9e"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYWX5MyuHWAHVL02SLuqRFXNpbded23mHNDj1SuOSBFPnD7KKpUsTvAWbr%2BS3miwwtw9xymJ47FARtdcBJ32OUGaKnQvvuBo7KisdJ6WglmnvRdew7VMegYoh4qnyLRPKp5R9KWndk8vfVvO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd26bbb6-FRA

GET
H2 200 refundmore-v-white.png
refundmore.com/storage/media/ 6 KB
6 KB 123ms
122ms Image
image/png 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/media/refundmore-v-white.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55ca5dd3fb9f932cf88fa680d5d5fcfef6ac9e766155c4e17c9db803654ea1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6070
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Nov 2019 08:55:49 GMT
server: cloudflare
etag: "5dd7a295-17b6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNWaa6W0E0Hc1P%2FDuMdS4PWrMCF%2FwpSCwODUgsX7CzRkyX0KXIxxiaCnHLVjin3gKkH39%2FqVgGe%2Ben2DEXbZfrudA3LTftvRavbjAoyAeSWRu28F2Vu6odKXr27Px1ReybhMb3qjDHdgbLh%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532ea89444da4-FRA

GET
H3 200 tp-white-text.svg
refundmore.com/cabin-build/images/cabin/trustpilot/ 4 KB
2 KB 115ms
112ms Image
image/svg+xml 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/trustpilot/tp-white-text.svg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860f3d82e7c3fa3faf23f9b8ac369a5afad68f2d8de1c18fc78de511c6ab6126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: W/"620ccc65-104e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRwwIOMIRIXNShg1kY5gDXBy1DBV%2FYoOmVzG8bk%2Bxra8FNS5moCaNTn1ij2zK36WhMLfSA0oBIYF%2FB665VieJhL9SOmBfyeap7A0KWw%2F%2FQCdUUk2Ak0iqYgCNMpXsrLXHL3lWYFS4VcnZY6z"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 863532eecd27bbb6-FRA

GET
H3 200 4.5.png
refundmore.com/cabin-build/images/cabin/trustpilot/stars/ 1 KB
2 KB 152ms
150ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/trustpilot/stars/4.5.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c07888d3925b883d2e0bb24d2196869721d1bb66b910068bf28e055107418363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1637
content-disposition: inline; filename="4.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1406
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-665"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StCHmtumv%2B8cH3BVGdTQAte%2FgjlePMTHpHw%2BKo%2FIHw91El%2F2xNHc37ubguGgbjHBknNKHVEZ%2FYAdWqpBgDJI6hM92yDqDycF5%2Bh%2B0ap6%2BZB1UJswBFhzZ7ufCOt1v3QJDuIUa%2ByBvSHZ%2FqKt"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd2abbb6-FRA

GET
H3 200 dr-logo.png
refundmore.com/storage/media/ 646 B
1 KB 138ms
136ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/media/dr-logo.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799a095ce83dfd1da6c29795e794d848a857264dc202b0954b26d017b3bc5f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=991
content-disposition: inline; filename="dr-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 646
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 03 Mar 2020 09:48:13 GMT
server: cloudflare
etag: "5e5e27dd-3df"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHWGcdQJg7cH3oJ8s2SaZopgMRzH9u63ti9op0K1IjJCkZ%2Bvu3SEMYMK2cmTogmCq6zeJeJQXc%2BXGMAQ289I7gbMg7PW5tGTtV9v2nrCSRV3HWuqtzIPrwQJzgUzSddbOFiRUScUWajTEuJ%2B"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd2ebbb6-FRA

GET
H3 200 berlingske-logo.png
refundmore.com/storage/media/ 4 KB
5 KB 74ms
72ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/media/berlingske-logo.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b1bd7987dd6cddac0f63c0cbd0cb2fa4a43c1f14e56908517fffb8fe7686762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5271
cf-polished: origFmt=png, origSize=6894
content-disposition: inline; filename="berlingske-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4554
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 03 Mar 2020 09:48:07 GMT
server: cloudflare
etag: "5e5e27d7-1aee"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0jpt4Q0G6YK9JTaZFStXdY0X8ULAkVWeY1kr2VioMDaGoIaGv59Js7FHpZjozhNJ3Fxnn0cdlzb%2FUMdAGxXwmnswq3iYol0yVUUDykqaYIdIhlHddmrmp1yj0qyYo8df4D%2FkfqNX0Tg74bH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd30bbb6-FRA

GET
H3 200 bt-logo.png
refundmore.com/storage/media/ 6 KB
7 KB 115ms
113ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/media/bt-logo.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b3174ef2e48ef4f1a28aae401a9dcfd848f73ac0c5048a7270665d01d5637da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3121
cf-polished: origFmt=png, origSize=18244
content-disposition: inline; filename="bt-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6608
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 03 Mar 2020 09:48:08 GMT
server: cloudflare
etag: "5e5e27d8-4744"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8sa1zEGMyWvqmNIWWJbZ%2F5gOHRpBDWSRjFFmQu4BQliA6fH2%2Bt7iOE06Db0zumSRUE5%2FD%2F5TAAOHwuOWz9%2B2TyYBupFsEaavoNFTdPaFdipUiIryMNukfD%2BgPxQVxhr7Oy7aiJLTy0ov5ue"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd33bbb6-FRA

GET
H3 200 jyllands-posten-logo.png
refundmore.com/storage/media/ 3 KB
3 KB 76ms
74ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/media/jyllands-posten-logo.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd5c7cd43c27400f0cb9f79ce259c104791ad7897284fb1220761f89e6af727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5270
cf-polished: origFmt=png, origSize=3306
content-disposition: inline; filename="jyllands-posten-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2706
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 03 Mar 2020 09:48:14 GMT
server: cloudflare
etag: "5e5e27de-cea"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxstNC1fad6VIslr4smIh0Vih9AGuo6v7C%2F4huDIF09M%2FmZ4Z8481h2rEej5feAzScvAaRTzgK9MyAeDPyUQrZrT57%2BWu1IVAykhK%2Bee7UZ5rjFg%2FUURqua3jzfTWH0RV85WdjZRBiYFg0hw"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd36bbb6-FRA

GET
H3 200 tv2-logo.png
refundmore.com/storage/media/ 1 KB
2 KB 116ms
114ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/media/tv2-logo.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9226ab634c1d648d8d727e9258162bd8cc7a8099847fe54e4614dfca29ab1495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5271
cf-polished: origFmt=png, origSize=1560
content-disposition: inline; filename="tv2-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1070
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 03 Mar 2020 09:48:14 GMT
server: cloudflare
etag: "5e5e27de-618"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9R%2Bm1lr7YjQjdRe%2FsIwy3YbZE0Xkj6JSD708KPQbDURXEgS67byboVTElaTfpcAA46oB5MPAccOm4m23DVqSSI7p9G2k1YE4LykZiOvsO3eqBufYtdJiPFPlWPGg40KfyS0JoIJv%2Bxj5T45M"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd38bbb6-FRA

GET
H3 200 tryg-en.png
refundmore.com/cabin-build/images/cabin/tryg-logos/ 2 KB
2 KB 138ms
136ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/tryg-logos/tryg-en.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d38c4482f83c30c62828e22a70c556a5b0eff02f287fec24b2365085eb1d7c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2352
content-disposition: inline; filename="tryg-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1944
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-930"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahgGMKpKdTG1G%2FBPMmmYomxEZmT8Ik%2BuVYXPSTTpCzSUGn6sepUDVI0uyH5KRL9%2BgP5Gxe%2FiOo47r4s6UPcEF2LfKomv7GKvP%2BWcklbQmVc38GXdIzHFpMxmb1t7pLBvvlIXP%2B0B5gdj5dGs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd3bbbb6-FRA

GET
H3 200 benedikte.jpeg
refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/ 18 KB
19 KB 117ms
115ms Image
image/jpeg 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/benedikte.jpeg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5a6f0cb7a2997342232293a3ace736990ba135386d37f0be13b930ec017c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3924
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 18701
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-490d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1bnMkqA1X5NuC8AoinIqQ8hf474uKCQxkYIYFrflKxLkMBLASkCUPlw9v%2BBxEE8bhInc7jPl0DJIcGW8wBgKFcOS1MVVIkWXeGFqW%2FdeVWxBDkenpav1LGxPzVIyimxH8jeqj6tP4zTLhmF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd3dbbb6-FRA

GET
H3 200 gustav.jpeg
refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/ 46 KB
46 KB 132ms
130ms Image
image/jpeg 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/gustav.jpeg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e11a0c02496dfb00597d6808ec05dc90e025791b9441dc8c60d2d4f4ef4aa13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 46859
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 29 Nov 2022 11:26:18 GMT
server: cloudflare
etag: "6385ec5a-b70b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FhdIAB4pI5tVcT%2Bcy%2B6mWsJrEmc7wpJ6usnDJ0n4VVWnFXP%2FncMxUgaPN6Ut%2FsXeGtzzXMB41bHdxOdqEhhPcl3MloHJrQYR2Q8aEJzzJ3vm18dk6axOFPHQxXp0kjYRVSxKsvRaXXOqAHA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd3ebbb6-FRA

GET
H3 200 JohanO.jpeg
refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/ 26 KB
26 KB 76ms
75ms Image
image/jpeg 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/JohanO.jpeg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f700b04072da3635e99e9e5e9c57b851863633d9c1bff173339f85464c8fb9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5270
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 26441
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 08 Mar 2022 10:54:40 GMT
server: cloudflare
etag: "622735f0-6749"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSH1dfK2cTYnDukc%2Fdw3dNf3wGFfJyVy%2F1YDGm%2B7epk17aAXvcYD5IHcbbkhwbjuj0GPs1M0ZLaPPGMjrnrB7kiBLjuGp5F8OFq1qFkwXtn8njyjTwRHDVU5b4jDS3bHrKw6OCnXhdMt0kOQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd3fbbb6-FRA

GET
H3 200 download-thumb-medium.jpg
refundmore.com/storage/spatie_media/254/conversions/ 35 KB
36 KB 70ms
68ms Image
image/jpeg 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/spatie_media/254/conversions/download-thumb-medium.jpg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f472034e5878bf04e184b19069a401c727ff50a74e2f691686b6d6461429c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4671
cf-polished: origSize=36758
alt-svc: h3=":443"; ma=86400
content-length: 36229
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 19 Apr 2022 09:39:47 GMT
server: cloudflare
etag: "625e8363-8f96"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAUsuWv04SwJYLRE%2FeLk4a6r5xi6QwXQOyuUdo39rTi3MRkQC3Mre8ty20w7OLIwq18l%2Fxfex5SB6KVMd1kT5x6dp1pYFZNFk4tPN2EPKJ2zCLfOvAbQ2qqWP9B%2Fmncz15iMji9nxQss%2BKk%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd41bbb6-FRA

GET
H3 200 bgr_outline.svg
refundmore.com/cabin-build/images/cabin/widgets/join-us/ 31 KB
8 KB 152ms
150ms Image
image/svg+xml 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/widgets/join-us/bgr_outline.svg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b515858a2f8a8f3846408795bab0b6edbadd19abd87de4fa9ab2c791917b698c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: W/"620ccc65-7bd1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64FsC4j22aJpjTmgVvsQwnhoLy67oW91LzlagU%2BVqW84juN8y8SxUUoVcLO%2FmW%2FbzN7ULRQwJdNX3n%2Bdyxo1XdrT6%2FI5sOQQb%2FU5FXvySVaDhg2tJE3HMS43nk8T7CkbAepEZ%2F%2F%2FobVGHf2L"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 863532eecd42bbb6-FRA

GET
H3 200 bgr_mobile.svg
refundmore.com/cabin-build/images/cabin/widgets/join-us/ 16 KB
5 KB 118ms
116ms Image
image/svg+xml 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/widgets/join-us/bgr_mobile.svg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5262da07c075d3129b62caf94f05f76d9f99af19bd39d63731ca01cbc6bd636c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3920
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: W/"620ccc65-40ac"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9s9i300fVbS9oW8xp%2FA1I%2FQ2LN7VeOM021%2FC8djRUToqC%2BzbwLdD5%2FRh%2BFMrPYPIXub%2BR0%2Bmg3L1tSpOdDtWVPSgWlF8%2FkyJkdorvEVKNQp%2F42tHFqWqxLSF5kdVFJ0%2BG2YfXAUFMdCL%2Bq8"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 863532eecd43bbb6-FRA

GET
H3 200 Refundmore%20blue%20cuttet.png
refundmore.com/storage/media/ 14 KB
14 KB 71ms
70ms Image
image/webp 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/storage/media/Refundmore%20blue%20cuttet.png

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e1b12ccf5d64b6a6197251fe93afd4996bbb132c8d86f82ae11e0b375e25d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4671
cf-polished: origFmt=png, origSize=16544
content-disposition: inline; filename="Refundmore%20blue%20cuttet.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14256
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 22 Nov 2019 08:55:49 GMT
server: cloudflare
etag: "5dd7a295-40a0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtX6qPzDcCoNACQvm1UYieg%2FAMd9CB3pdrInxAwOxz0ZRwYrWLWitQTRPvPLZxd%2FEuyBF7%2Bg0vpqXmQ7A4Qwm5QZIu8tlXc1iOaRCQ9Wj1ygoItBIHRbZjGrGud415OSlim3UG8NqRENmrak"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eecd46bbb6-FRA

GET
H3 200 email-decode.min.js Show response
refundmore.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 44ms
44ms Script
application/javascript 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2024 17:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e75beb-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7H7ZYvptbECWy%2B4Ef%2F7LRC4KqO6iBB3DMg9kzepM5C1oL9wAZfqPWYUJBNIhuM1xRrwxaI%2FSTwTiQzOxuM5QNywTR3oIwjI6ekxAopPnUuAaw0w3hxvhD2xcW5yiP7p2ZNmkYAnhgJyae6u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 863532eb3fa9bbb6-FRA
expires: Thu, 14 Mar 2024 16:35:41 GMT

GET
H3 200 cabin.js Show response
refundmore.com/cabin-build/js/ 647 KB
177 KB 124ms
123ms Script
application/javascript 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cabin-build/js/cabin.js?id=72f28a76ad21151ca5e344e1a820ceb9

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b516e6d26ed051915a445cbb549aac5dcf3381a12bccce1d57985c09d49df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jan 2024 07:56:07 GMT
server: cloudflare
etag: W/"65b36597-a1cef"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zpmgt%2F1oSq9WODKXAlf3AhqD2%2BTD7qWgbv5fIMaYHG6cR9i%2BU1uS4yBWbKP26m9eOMeBNexyKqHOLFFjOyHRif2fAf7TiewgPRVjHLXdVs1n3A2jQdrPmRQWSp%2BQr%2BY4QwcMK2enk2TZmV2q"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 863532eb4fbbbbb6-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 182ms
88ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Origin: https://refundmore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 863532ef5fc99b8e-FRA

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 572ms
50ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Playfair+Display:400,700,900

Requested by

Host: refundmore.com
URL: https://refundmore.com/cabin-build/css/cabin.css?id=3e4f797610ebef98c6fb78f6f9b8d372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

135b5aa61cb03b5ef29cf35a9979448d5298e5485240b330a082df37a9a51145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/cabin-build/css/cabin.css?id=3e4f797610ebef98c6fb78f6f9b8d372
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 16:35:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Mar 2024 16:35:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
630 B 573ms
52ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700,800

Requested by

Host: refundmore.com
URL: https://refundmore.com/cabin-build/css/cabin.css?id=3e4f797610ebef98c6fb78f6f9b8d372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7aa6f63d69dfc0d8f7202a87ddf63820d9b8b0ac3fa552bb19d424c3888ff82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/cabin-build/css/cabin.css?id=3e4f797610ebef98c6fb78f6f9b8d372
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 16:35:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Mar 2024 16:35:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
91 KB 160ms
73ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFKBMFW

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3771c2a615588e5997b47e8f011a22bb8e6877a1c0c38f684ef84f4178cd7250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92831
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Mar 2024 16:35:42 GMT

GET
H2 200 elevio-bootloader.js Show response
cdn.elev.io/sdk/bootloader/v4/ 794 B
1 KB 159ms
40ms Script
application/javascript 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5e3165d9250b1
Requested by: Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0b9c6a4e12ea204fbc097f33bb003debd35614e7da13ba3a39d9dd43df71a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: JsU7DVK8giO1oFGECiZ0i3K4flrJSpKt
date: Tue, 12 Mar 2024 05:46:40 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 38943
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 794
last-modified: Fri, 01 Mar 2024 01:10:24 GMT
server: AmazonS3
etag: "f2977d36661691b2ae7cd6078796d570"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: EUtNCo39Uw8GNP5i-dUxI6_ZnQ2F4GI86m8hVtLLFwDUiQra9h8xMw==

GET
H3 200 Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.woff2
refundmore.com/cabin-build/fonts/proxima-nova/ 34 KB
34 KB 85ms
85ms Font
application/octet-stream 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cabin-build/fonts/proxima-nova/Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.woff2

Requested by

Host: refundmore.com
URL: https://refundmore.com/cabin-build/fonts/proxima-nova/fonts.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59de84b4c4f9dc0b6a39bb62b880368293be1c5b3de954732eeae8a8cf7d1c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://refundmore.com/cabin-build/fonts/proxima-nova/fonts.min.css
Origin: https://refundmore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5268
alt-svc: h3=":443"; ma=86400
content-length: 34688
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Nov 2019 08:25:12 GMT
server: cloudflare
etag: "5dd79b68-8780"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWocv3n0S9O%2B2rax5ByKpcUs%2BrnNBJnAo3SKqpkpa1i%2FRCTAd0G3ryFMYtpFmDX%2Bp1lJX2DiVYIsPzlhWodlERfE9tfqyOHr9UDYnrJigqs%2F%2F6tcTcLJn%2FbWZ2CCLeL8lyPRwiXr%2FXC536J4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eefd86bbb6-FRA

GET
H3 200 Proxima%20Nova%20Bold.otf
refundmore.com/cabin-build/fonts/proxima-nova-full/ 94 KB
95 KB 109ms
108ms Font
application/octet-stream 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cabin-build/fonts/proxima-nova-full/Proxima%20Nova%20Bold.otf

Requested by

Host: refundmore.com
URL: https://refundmore.com/cabin-build/fonts/proxima-nova-full/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://refundmore.com/cabin-build/fonts/proxima-nova-full/fonts.css
Origin: https://refundmore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 96640
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Nov 2019 08:25:12 GMT
server: cloudflare
etag: "5dd79b68-17980"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQo%2B3QDAVhX%2Bn0k6Q6q%2BTRlOEh%2Bx9IIWOz4XoEO7mRvBkmnmjWi0ieJ1c1PD9Zh5sd%2F%2FUwtkU%2FjwVQm9%2BLM4tN9W7izwbnka06k%2B1sI7yvwIYYUJYhUgDVD2zENwjBgwA9AGwmbF%2Fu2DOEXG"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532eefd89bbb6-FRA

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 166ms
77ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Playfair+Display:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refundmore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 02:27:03 GMT
x-content-type-options: nosniff
age: 50919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 02:27:03 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Playfair+Display:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refundmore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:38:30 GMT
x-content-type-options: nosniff
age: 79032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 18:38:30 GMT

GET
H3 403 /
refundmore.com/cabin-build/images/cabin/trustpilot/users/ 2 KB
2 KB 121ms
120ms Image
text/html 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundmore.com/cabin-build/images/cabin/trustpilot/users/
Requested by: Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61974f5473ade73e921db94caaf9bf3163e2df2f25ab1f53300c27ccd082709c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paK0MVuvtH1YTu2nk%2FLc7JT5ULB7cEDM5utEupMKmJNoDoDNDr414W%2ByygLu8wgUSsrQeUAbgwtQq%2BjST%2BB8ErDdEfOv5cOy9UIi4sTcJnlNIGwBoDa2HHHtuy5wdwR2mOYAa%2BQZUUYas6cE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 863532ef3de2bbb6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sddefault.jpg
img.youtube.com/vi/ikBmnFd4xPI/ 34 KB
35 KB 130ms
40ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ikBmnFd4xPI/sddefault.jpg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5b06eb64065e10a9585ffa4b5c8d2ae1a780c7a31ed59d6b2534f589c7ea865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 15:18:21 GMT
x-content-type-options: nosniff
age: 4641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35159
x-xss-protection: 0
server: sffe
etag: "1606978227"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 12 Mar 2024 17:18:21 GMT

GET
H2 200 ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ 45 KB
6 KB 131ms
50ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.min.css

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057bb1905a283c2d6f0a097301ee734776f51ddcf903bffe422cbdbc02d98c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11448061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5229
last-modified: Mon, 04 May 2020 16:11:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03eae-b5ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xMYHd1Nbskhvk7QoQkSx%2BjsF3Rt%2FgZT5FooXB2y%2FfnASwwKnh8LCrKk3r0Xk%2FCygbFMP6EDzkIxyf0%2FyEMYAhhuac0yGkt4JndrUxAbCkmDwYWjkiy3RjOMCkFZvRiA14gpRv0pgvO5gOj4rCsOpAhq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 863532efcab00497-FRA
expires: Sun, 02 Mar 2025 16:35:42 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 1EF7 14 KB
4 KB 42ms
42ms Document
text/html 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c347395dc25ca0001b7c76f

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50414
cache-control: max-age=86400
content-encoding: gzip
content-length: 3267
content-type: text/html
date: Tue, 12 Mar 2024 02:35:29 GMT
etag: "2922a85ce6caf46f828c097bf7aa1036"
last-modified: Mon, 30 Oct 2023 13:11:24 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id: wM0Zx4YOcoJhkI_S2Srm-faznkOXctHHeRHA_DERdo1ruefMWqbviQ==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
cdn.usefathom.com/ 43 B
427 B 47ms
47ms Image
image/gif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.usefathom.com/?h=https%3A%2F%2Frefundmore.com&p=%2F&r=&sid=HPKGWSVX&qs=%7B%22utm_source%22%3A%22monetise%22%2C%22utm_medium%22%3A%22affiliate%22%7D&cid=87168924
Requested by: Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 03/12/2024 16:35:42
cdn-pullzone: 506217
content-length: 43
pragma: no-cache
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
tk: N
content-type: text/plain; charset=utf-8, image/gif
cdn-cache: MISS
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: e3dfbde40a0cc672b9b5cb6da79c7f2d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 elevio-main.js Show response
cdn.elev.io/sdk/main/v4/1709255421785/ 392 KB
102 KB 45ms
45ms Script
application/javascript 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/main/v4/1709255421785/elevio-main.js
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5e3165d9250b1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9b720e67606ddb1c4d4ad146d7cf107dc7de75874779693b21cc01c7416aa69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 1NpSJ_Q7ZznbPimGORFw_7fzmgZqnj9n
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 04:40:35 GMT
age: 42908
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Mar 2024 01:10:24 GMT
server: AmazonS3
etag: W/"17d7371976ab4fecefd3a6503b14798a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-id: TbrXAW5cSXz2qzQDfivEh56Cxj7eeDGvabBCzgVl4a9g-qCmw3-1pQ==

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 1EF7 112 KB
31 KB 45ms
45ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c347395dc25ca0001b7c76f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

192200684e5fefa431cc2256e24dd195fb231b961554eaaee1900acec95e3101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c347395dc25ca0001b7c76f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 00:32:26 GMT
content-encoding: gzip
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P4
age: 57797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31409
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Oct 2023 13:11:26 GMT
server: AmazonS3
etag: "60fe166092712d93cc87039640675ef6"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: iU_eeFdQfFyFk23prZXNiQbX4qHLvHiGvJ03_sGLx64Y1MKn2KwhiQ==

GET
H3

200

main.js Show response
refundmore.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame ABEB
Redirect Chain

https://refundmore.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://refundmore.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

8 KB
4 KB

49ms
48ms

Script
application/javascript

2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

288fdc34d64e603e5cfa99584775d91061e0bc2f5b9c6e61331b2977a78832af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzvFVLtyj8%2FFmk5R6TSMZ3Z%2FjnuvA%2FpRKr7oW0eqBKJM9MEaXQGotvvFtpt%2FzGG7ZKC%2BYhsB21bnuT0B4oxBi7Nx0N64dkYfAG88lFD6XRBMVHrvRchXixHU7gFn9KIaV7nZDhGmP0juDFin"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 863532f04f52bbb6-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 12 Mar 2024 16:35:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOr0G2absBgnYB7uk35vcLUzKxpVag6%2B6T%2FSh8pw0KZrIab54gHBLrHJIK553MzdlvwcraAxgGRXXK5xG30ze7Cck%2BGuWnq3ly9kOXWFBUMiGpuJviMjVSJZwoPjSbqj%2BVTJs1w%2B5MhLtval"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 863532effed6bbb6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ionicons.woff2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/fonts/ 49 KB
50 KB 95ms
51ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/fonts/ionicons.woff2?v=4.5.4

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.min.css
Origin: https://refundmore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7155183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 50556
last-modified: Mon, 04 May 2020 16:11:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03eae-c57c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rOJB8qtH6vcYvkT4%2Bb4QtKNG1cdhmUCQKnwVs1E5SOfFeWiEtEYhToMTNc2c1eMqv2h%2FhHwwiDADrezmWMktgJCzCC%2FHL9HNr5I5shEmKC%2BPSnjyFqqbQupMFx%2FaBxn5D16WEQHeIkEYFWejsdcpURQ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 863532f069a99bdc-FRA
expires: Sun, 02 Mar 2025 16:35:42 GMT

GET
H2 200 53aa8912dec7e10d38f59f36 Show response
widget.trustpilot.com/trustbox-data/ Frame 1EF7 9 KB
4 KB 135ms
134ms XHR
application/json 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5c347395dc25ca0001b7c76f&locale=en-GB&reviewLanguages=en&reviewStars=5&includeReviews=true&reviewsPerPage=15

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

7b08235f8c515f82146f169ca2d8ce057dbd1dfc69c6e39084d02cbab3d06ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c347395dc25ca0001b7c76f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Mar 2024 16:35:42 GMT
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
etag: "ba9da7cb594d21c67f32259c567516f7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: y6Bvlgw_NivxD_KQYb2pttCdQ6Z-JAvUTdwyYwgIp-voyLQBXn8EZw==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 1EF7 0
321 B 66ms
66ms XHR
text/plain 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&reviewLanguages=en&styleHeight=220px&styleWidth=100%25&theme=light&stars=5&url=https%3A%2F%2Frefundmore.com%2F%3F%2Fmonetiseaffid%3D6292%26monetiseclickid%3D315219633%26utm_source%3Dmonetise%26utm_medium%3Daffiliate&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.111%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5c347395dc25ca0001b7c76f&widgetId=53aa8912dec7e10d38f59f36

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c347395dc25ca0001b7c76f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 16:35:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: AUfisyEQJymu_hs-T78styKn27INFKPSRSiQ3D8e95vbfE1bMrY9gg==
x-xss-protection: 1; mode=block

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 109 KB
34 KB 256ms
70ms Script
application/javascript 2a02:26f0:3500:18::1724:a29d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=c534c4ce-d56b-4ccf-b945-5466ff1c5451&implementation=gtm&consentmode-dataredaction=dynamic
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFKBMFW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 341f707ebe00267db1fd017fe3c780ce991dc4b271e94e2bcd1b0988eb1db06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2024 10:50:26 GMT
etag: "92efefeca173da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=572
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 34338
expires: Tue, 12 Mar 2024 16:45:14 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 258ms
74ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=1283304197.1710261343&url=https%3A%2F%2Frefundmore.com%2F&dma_cps=-&dma=1&npa=1&gtm=45He4360n81PFKBMFWv830896570za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFKBMFW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 16:35:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chat.bundle.js Show response
chat-assets.frontapp.com/v1/ 22 KB
6 KB 225ms
42ms Script
application/javascript 13.224.189.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat-assets.frontapp.com/v1/chat.bundle.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFKBMFW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-76.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd26dee085a98b7483761bd641615782558bb20ddeaab90d34fe587626d60259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: IgE1zw14csOmOL33DWS4dMofge8M8AJG
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 16:35:17 GMT
x-amz-cf-pop: FRA2-C1
age: 25
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 08 Mar 2024 22:06:16 GMT
server: AmazonS3
etag: W/"d0e9929c7be3c72d422603d1fa9c4fef"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600, must-revalidate
x-amz-cf-id: -bia_U0p94Spdh2fkZhW8Wpdg9-Q-cW18m5MbcLLr1jpCuXtYMdaqA==
expires: Fri, 08 Mar 2024 22:16:15 GMT

POST
H3 200 863532e8ae994da4 Show response
refundmore.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame ABEB 0
599 B 67ms
65ms XHR
text/plain 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundmore.com/cdn-cgi/challenge-platform/h/g/jsd/r/863532e8ae994da4
Requested by: Host: refundmore.com
URL: https://refundmore.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Mar 2024 16:35:42 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6oL3gV8Z9WIgmVWQF5nKpijm%2FZqHxo%2B%2BLN1D8Yix9WbM6Xsxo9tZMgcayAUi%2BEe%2FJUhd1z6QQ03x1TB7LyYcxm4J8dWDEGMm%2BubmsR9qqV6QmPXr3HQBF8fJKhot0VRG9BOh29l3K7ojXzg"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 863532f0e84cbbb6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 en Show response
ipa.elev.io/api/settings/5e3165d9250b1/ 825 B
594 B 422ms
168ms XHR
application/json 34.237.252.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ipa.elev.io/api/settings/5e3165d9250b1/en?is_init_load=true&loggedin_only=false&first_name=null&last_name=null&registered_at=null&previewMode=false&url=https%3A%2F%2Frefundmore.com%2F%3F%2Fmonetiseaffid%3D6292%26monetiseclickid%3D315219633%26utm_source%3Dmonetise%26utm_medium%3Daffiliate
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1709255421785/elevio-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.252.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-252-135.compute-1.amazonaws.com
Software: /
Resource Hash: 50eb857c6494fde8583208e97ccab312aba0a235b6cc7533bd6de559dc174667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:43 GMT
content-encoding: gzip
content-type: application/json

GET
H3 200 user_male_01.jpeg
refundmore.com/cabin-build/images/cabin/trustpilot/users/ 2 KB
3 KB 55ms
55ms Image
image/jpeg 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/trustpilot/users/user_male_01.jpeg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad0b7cf4c1f89a1e338c2f2bd23d0fcd376262238058be19a58f096ef27fd85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4636
cf-polished: origSize=2301
alt-svc: h3=":443"; ma=86400
content-length: 2265
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-8fd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXnglSI%2FuXr6ddqmAK0dlCtpiVQgxoHDqgi2s0TT%2BIfFC0o8XX7EIcZjEe7i1Hro2R3u%2FwuJTFGStQ%2BiWZ7McLSDBSiXVfTtSmreLnOmkMwyLfwiXN8t8meBmEV6Z17xNB3AwAiYqz9q8lIe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532f1b9acbbb6-FRA

GET
H3 200 user_female_01.jpeg
refundmore.com/cabin-build/images/cabin/trustpilot/users/ 3 KB
3 KB 66ms
66ms Image
image/jpeg 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refundmore.com/cabin-build/images/cabin/trustpilot/users/user_female_01.jpeg

Requested by

Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e62ef35c324801d6af7f53aa51b4690100c42212a99c66740377e3975f32e582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5168
cf-polished: origSize=2609
alt-svc: h3=":443"; ma=86400
content-length: 2575
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Feb 2022 10:05:25 GMT
server: cloudflare
etag: "620ccc65-a31"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E6y7jvtE8b%2F5rXH2Vtl0c6TX%2B94Mz1gIbQfbBXq2MdOSG%2FKc7zhRP5giJymNb%2FzRtlIfvNc5ATlE0DYWrXL%2BQbjVe3a5o5jcgp%2B8XbV%2FN3KpWmLc0nFZHZrr8BrcO%2FMAyke7UkGoTAHYwRi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 863532f1b9afbbb6-FRA

GET
H2 200 app.bundle.js Show response
chat-assets.frontapp.com/v1/ Frame A1A4 2 MB
441 KB 47ms
47ms Script
application/javascript 13.224.189.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-76.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ddc4b768d56e3d86c874a6881b6eba4175979452c48d2303e61efd5fffc721b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 1ElX0lRhkjGS7Nmaj6qpw3MmJxzWny4s
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 16:33:52 GMT
x-amz-cf-pop: FRA2-C1
age: 112
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 08 Mar 2024 22:06:16 GMT
server: AmazonS3
etag: W/"ae710b8521c8506c6440bb6edcd81d49"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600, must-revalidate
x-amz-cf-id: QrtZ3rNwliOvARLak03dGa_qeCaXdMM9BBMM3xrb3J-gXmo1ARzbHg==
expires: Fri, 08 Mar 2024 22:16:15 GMT

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 025B 627 B
812 B 139ms
52ms Document
text/html 2a02:26f0:3500:887::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=c534c4ce-d56b-4ccf-b945-5466ff1c5451&implementation=gtm&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29852610
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Mar 2024 16:35:43 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Fri, 21 Feb 2025 04:59:13 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1710261343143_388276618_384995008_24_1056_38_40_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/c534c4ce-d56b-4ccf-b945-5466ff1c5451/ 314 KB
83 KB 97ms
97ms Script
application/x-javascript 2a02:26f0:3500:18::1724:a29d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/c534c4ce-d56b-4ccf-b945-5466ff1c5451/cc.js?renew=false&referer=refundmore.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=c534c4ce-d56b-4ccf-b945-5466ff1c5451&implementation=gtm&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7397f625a25525415b4e3fc6933fce77a839da72d4dc6e09c12cabc9a51154ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:43 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2024 16:35:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
BLOB 200
OK 1117102a-5c4d-4c44-8613-7bba1987ca3c
https://refundmore.com/ Frame A1A4 3 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/1117102a-5c4d-4c44-8613-7bba1987ca3c
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37f83b983863dd72fc81ce98255cba071ab12ae4dc355a6a5d5662c125384ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 3145
Content-Type: text/css

GET
BLOB 200
OK 3f11ba4d-849b-4de8-bda0-1dde7b3b2603
https://refundmore.com/ Frame A1A4 4 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/3f11ba4d-849b-4de8-bda0-1dde7b3b2603
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b2a49bd0c93eeac458235794de63456e34277be0ef4031d41548b314d1955b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 4549
Content-Type: text/css

GET
BLOB 200
OK 58f13ddd-0804-4a26-8271-abb774a2b130
https://refundmore.com/ Frame A1A4 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/58f13ddd-0804-4a26-8271-abb774a2b130
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bfb026a7a7c9cf979cabdb085523f1f2153a99e73fb2a6f3b18fef75f4600d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 1532
Content-Type: text/css

GET
BLOB 200
OK aab79f60-7ebb-4d45-977e-c5f73f0632c5
https://refundmore.com/ Frame A1A4 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/aab79f60-7ebb-4d45-977e-c5f73f0632c5
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f884686cafdc210e3d382c564d5bb59ad61e0fb4d8ad024214b54b14883da0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 5076
Content-Type: text/css

GET
BLOB 200
OK 293ff365-a953-4d9b-a903-83adeb2d4db1
https://refundmore.com/ Frame A1A4 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/293ff365-a953-4d9b-a903-83adeb2d4db1
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b897f6ef22ef63f63049b72a3c719fc463a9b5adda133a97b70acc6853333dfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 1226
Content-Type: text/css

GET
BLOB 200
OK d8223495-c76a-4a41-af2b-795e260f4ec3
https://refundmore.com/ Frame A1A4 3 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/d8223495-c76a-4a41-af2b-795e260f4ec3
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7489f7ba4e6b9b7132955bb54b4602acd4a39fa3319be4e79066516674e27b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 3214
Content-Type: text/css

GET
BLOB 200
OK 6326c016-4d2b-4c1d-8675-b25fba63e641
https://refundmore.com/ Frame A1A4 493 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/6326c016-4d2b-4c1d-8675-b25fba63e641
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b3cca2d4f39a2ddde72f0cf7bae89e81b4818f6754f6fea3108e363e340779a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 493
Content-Type: text/css

GET
BLOB 200
OK 33179b9e-675c-4740-adb4-ce26ee78e9e1
https://refundmore.com/ Frame A1A4 9 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/33179b9e-675c-4740-adb4-ce26ee78e9e1
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 082103be4c9f971a8d1e7223dffe7fec0b976ecaa6b764ad35022a148ac647f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 9082
Content-Type: text/css

GET
BLOB 200
OK 878789d6-865f-4ee5-86a6-091b287001b6
https://refundmore.com/ Frame A1A4 959 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/878789d6-865f-4ee5-86a6-091b287001b6
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a32c93e44737e37b55b93d20c50e2468a72f934fc178d044233bde2f06f5dae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 959
Content-Type: text/css

GET
BLOB 200
OK 65701eff-3dfd-4666-833f-5fe84dafd07f
https://refundmore.com/ Frame A1A4 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/65701eff-3dfd-4666-833f-5fe84dafd07f
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3a1068239daa46f1fe7ddfa5a33b6477f97e2eebf9b41822fb525b19c46785b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 1900
Content-Type: text/css

GET
BLOB 200
OK 965a17ef-a81d-405e-aed8-1116e5509a9c
https://refundmore.com/ Frame A1A4 8 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/965a17ef-a81d-405e-aed8-1116e5509a9c
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed75f81a94d08a8ff80e2e3476401d276decd6121655914c52cf7885b837e11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 8280
Content-Type: text/css

GET
BLOB 200
OK 58486e91-f3bb-4b53-84f1-bb7fab876ace
https://refundmore.com/ Frame A1A4 10 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/58486e91-f3bb-4b53-84f1-bb7fab876ace
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1a6d5c93b195ed74cfe2b638e13ac87565aa82c3230f08f5e3b15ac00de402e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 9853
Content-Type: text/css

GET
BLOB 200
OK c85d5b33-3810-486c-bdf1-cf313be8ddd8
https://refundmore.com/ Frame A1A4 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/c85d5b33-3810-486c-bdf1-cf313be8ddd8
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4cf6b04974ed002c647304beef8d2bd237ba99b0d0a8b632b13775c3cfac444

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 2016
Content-Type: text/css

GET
BLOB 200
OK 0971f5cc-4410-4390-ae72-d0fcd10cd7f9
https://refundmore.com/ Frame A1A4 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/0971f5cc-4410-4390-ae72-d0fcd10cd7f9
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d58b89ca78d47332fc0b84d56724675feac38e7c77dea132a0a1d8cb2ae355c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 2073
Content-Type: text/css

GET
BLOB 200
OK 5fa7a9ee-5ef8-466b-bbe9-64680b711eb8
https://refundmore.com/ Frame A1A4 470 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/5fa7a9ee-5ef8-466b-bbe9-64680b711eb8
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f384d2580eeb0a327291f41a8aacdb0db11fe7efbf1b8a7821aa65683f649856

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 470
Content-Type: text/css

GET
BLOB 200
OK 543843b1-205f-4615-a01d-612ba991fad7
https://refundmore.com/ Frame A1A4 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refundmore.com/543843b1-205f-4615-a01d-612ba991fad7
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acb5bb17dbece2dd5369e26b5f957f161b6d81cadde9ff6dad47671c869a4907

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 4710
Content-Type: text/css

GET
H2 200 elevio-noto-sans-400.woff
cdn.elev.io/sdk/fonts/ 14 KB
14 KB 125ms
47ms Font
application/font-woff 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/fonts/elevio-noto-sans-400.woff
Requested by: Host: refundmore.com
URL: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963

Request headers

Referer: https://refundmore.com/
Origin: https://refundmore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 12 Mar 2024 08:10:37 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
age: 30307
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13976
last-modified: Tue, 07 Jul 2020 06:02:44 GMT
server: AmazonS3
etag: "66388ef84ff4c5d874ed3875ea4c110b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: g5stOI6NKq2jWVpji6IQNgwIWtKKYLO2vrA80rHmTymMPx3MOpQz_A==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 269ms
182ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://refundmore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 12 Mar 2024 16:35:43 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ Frame A1A4 21 B
131 B 185ms
185ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
Bugsnag-Sent-At: 2024-03-12T16:35:43.491Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 09cd7060698418978d6775e5822061af
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:43 GMT
via: 1.1 google
bugsnag-session-uuid: 44e2b019-66aa-4374-b62f-52f9df880803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 settings Show response
chat.frontapp.com/f18f196603e58c2c7cf84f128037bb63/ Frame A1A4 1 KB
1 KB 745ms
653ms XHR
application/json 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.frontapp.com/f18f196603e58c2c7cf84f128037bb63/settings?v=1710261343504
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdd7aeb983f4d1373bb177b8e4af903a26f121b0d23a252d750cfb98d9a9952b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 7Rlp8gI5IhCuNAMekcg_HgLXmilJTqSg
content-encoding: gzip
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 16:35:45 GMT
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Tue, 13 Feb 2024 11:17:51 GMT
server: AmazonS3
etag: W/"6948ad47b0ca0dd67249639326095330"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: no-cache
vary: Accept-Encoding,Origin
x-amz-cf-id: 1KaQf0sRHR2WKuzMn3KwK_-rKNv6N54OlLg5OcUL8n4YrQzhMB5Kvw==

GET
DATA 200
OK truncated
/ 921 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1.gif
imgsct.cookiebot.com/ 35 B
473 B 45ms
45ms Image
image/gif 2a02:26f0:3500:887::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=c534c4ce-d56b-4ccf-b945-5466ff1c5451
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:35:43 GMT
x-guploader-uploadid: ABPtcPoKwWAUXQ2EBw_abAf8V9GQFOWH8iiaAAQ_jY_wAsV0kk0VbLOm9z2xSpAlAeAe0GN6qRI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35
last-modified: Mon, 23 Oct 2023 11:39:32 GMT
server: UploadServer
etag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-generation: 1698061172769999
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=1800
x-goog-stored-content-length: 35
accept-ranges: bytes
content-type: image/gif

POST
H3 204 rum Show response
refundmore.com/cdn-cgi/ 0
140 B 47ms
45ms XHR
text/plain 2606:4700:20::ac43:4664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refundmore.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: application/json

Response headers

date: Tue, 12 Mar 2024 16:35:43 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://refundmore.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 863532f59edcbbb6-FRA

OPTIONS
H2 204 initialize
eu-west-1-chat-server.frontapp.com/ Frame 0
0 175ms
55ms Preflight 52.213.156.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1-chat-server.frontapp.com/initialize
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.156.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://refundmore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:44 GMT
vary: Access-Control-Request-Headers

POST
H2 200 initialize Show response
eu-west-1-chat-server.frontapp.com/ Frame A1A4 938 B
1 KB 739ms
739ms XHR
application/json 52.213.156.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1-chat-server.frontapp.com/initialize
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.156.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f50a82c1023e9755fa5049008536c2f63a19feffb0cad5c0acd11eaa41bdb100

Request headers

Accept: application/json, text/plain, */*
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:45 GMT
etag: W/"3aa-559miGtFQrOllfQkXExS/c3MVaw"
content-length: 938
content-type: application/json; charset=utf-8

OPTIONS
H2 200 events
events.elev.io/v1/ Frame 0
0 402ms
313ms Preflight
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.elev.io/v1/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://refundmore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-elevio-debug-temp
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Tue, 12 Mar 2024 16:35:44 GMT
via: 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront)
x-amz-apigw-id: UhmfLE6IoAMEH0A=
x-amz-cf-id: _1z6uLDwM1MIYOwW6y1slW9CPB-T6xEeSU9MLu27CzHcnCmaOUa5yw==
x-amz-cf-pop: FRA56-P11
x-amzn-requestid: 8879d9d6-554b-4a53-817e-210de2d22bef
x-cache: Miss from cloudfront

POST
H2 200 events Show response
events.elev.io/v1/ 13 B
605 B 455ms
454ms XHR
application/json 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.elev.io/v1/events
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1709255421785/elevio-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: /
Resource Hash: f40a853e58a18759e1f7321d266d63494e320e9651af27d9373ec16380e414b6

Request headers

Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Mar 2024 16:35:45 GMT
via: 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
x-amzn-requestid: 94b793dd-f0e5-46d3-94a8-ebd2964427b4
x-amzn-trace-id: Root=1-65f08461-708aae0631b4fc4d47fd7ce7;Parent=6a2184e256aafccb;Sampled=0;lineage=ba02c674:0
access-control-max-age: 86400
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: UhmfOGlaIAMEFgQ=
content-length: 13
x-amz-cf-id: exYv1rZtducW9q7sjV9vu-px5kiNEWFJAvHrcFSZCmbUG87NGpju6w==
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

OPTIONS
H2 204 c7fc213dbeb074aa28f9e0876be3c56defd5a198f085d86538a2bf5fd61e01a7
eu-west-1-chat-server.frontapp.com/billing_settings/ Frame 0
0 54ms
54ms Preflight 52.213.156.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1-chat-server.frontapp.com/billing_settings/c7fc213dbeb074aa28f9e0876be3c56defd5a198f085d86538a2bf5fd61e01a7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.156.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://refundmore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:45 GMT
vary: Access-Control-Request-Headers

OPTIONS
H2 204 flags
eu-west-1-chat-server.frontapp.com/ Frame 0
0 55ms
54ms Preflight 52.213.156.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1-chat-server.frontapp.com/flags
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.156.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://refundmore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:45 GMT
vary: Access-Control-Request-Headers

OPTIONS
H2 204 685ee761-6ef0-44bd-b0ee-4a1dc5fb6ff4
eu-west-1-chat-server.frontapp.com/conversations/ Frame 0
0 55ms
55ms Preflight 52.213.156.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1-chat-server.frontapp.com/conversations/685ee761-6ef0-44bd-b0ee-4a1dc5fb6ff4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.156.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://refundmore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:45 GMT
vary: Access-Control-Request-Headers

GET
H2 200 c7fc213dbeb074aa28f9e0876be3c56defd5a198f085d86538a2bf5fd61e01a7 Show response
eu-west-1-chat-server.frontapp.com/billing_settings/ Frame A1A4 154 B
292 B 74ms
74ms XHR
application/json 52.213.156.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1-chat-server.frontapp.com/billing_settings/c7fc213dbeb074aa28f9e0876be3c56defd5a198f085d86538a2bf5fd61e01a7
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.156.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a9152dbeb523d09b45482709f7455e22876ff87f4c849e3d90f7f078cc485b29

Request headers

Accept: application/json, text/plain, */*
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImN0eSI6ImxheWVyLWVpdDt2PTEiLCJraWQiOiJjNGNmODc2MC00OGVjLTExZTgtYTU0OS05MzI2MDAwMDAwZTQifQ.eyJ1c2VyX2lkIjoiZTFmNTJlZDAtYjlhZC00YTFjLWE1Y2EtZWY1YzM3MzNhYjZhIiwidXNlcl9pZF92MyI6ImUxZjUyZWQwLWI5YWQtNGExYy1hNWNhLWVmNWMzNzMzYWI2YSIsInZlcmlmaWVkIjpmYWxzZSwiY2hhdF9pZCI6ImM3ZmMyMTNkYmViMDc0YWEyOGY5ZTA4NzZiZTNjNTZkZWZkNWExOThmMDg1ZDg2NTM4YTJiZjVmZDYxZTAxYTciLCJjb21wYW55X2lkIjo1NzU0MDU4LCJpYXQiOjE3MTAyNjEzNDUsImV4cCI6MTcxMDI2NDk0NSwiaXNzIjoiYzdmYzIxM2RiZWIwNzRhYTI4ZjllMDg3NmJlM2M1NmRlZmQ1YTE5OGYwODVkODY1MzhhMmJmNWZkNjFlMDFhNyJ9.dAPzzfBhx_Ach0pLsIBePdVN6aWqyuVmtXJhiqL6x1g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:45 GMT
etag: W/"9a-99Wp81DFqReeM0HTq93MZgwp78A"
content-length: 154
content-type: application/json; charset=utf-8

GET
H2 200 flags Show response
eu-west-1-chat-server.frontapp.com/ Frame A1A4 68 B
207 B 60ms
60ms XHR
application/json 52.213.156.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1-chat-server.frontapp.com/flags
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.156.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2dadd25cfda53f64f397c978cf99f84dec5cf2be5c00a30a10c2ff55e38bea6f

Request headers

Accept: application/json, text/plain, */*
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImN0eSI6ImxheWVyLWVpdDt2PTEiLCJraWQiOiJjNGNmODc2MC00OGVjLTExZTgtYTU0OS05MzI2MDAwMDAwZTQifQ.eyJ1c2VyX2lkIjoiZTFmNTJlZDAtYjlhZC00YTFjLWE1Y2EtZWY1YzM3MzNhYjZhIiwidXNlcl9pZF92MyI6ImUxZjUyZWQwLWI5YWQtNGExYy1hNWNhLWVmNWMzNzMzYWI2YSIsInZlcmlmaWVkIjpmYWxzZSwiY2hhdF9pZCI6ImM3ZmMyMTNkYmViMDc0YWEyOGY5ZTA4NzZiZTNjNTZkZWZkNWExOThmMDg1ZDg2NTM4YTJiZjVmZDYxZTAxYTciLCJjb21wYW55X2lkIjo1NzU0MDU4LCJpYXQiOjE3MTAyNjEzNDUsImV4cCI6MTcxMDI2NDk0NSwiaXNzIjoiYzdmYzIxM2RiZWIwNzRhYTI4ZjllMDg3NmJlM2M1NmRlZmQ1YTE5OGYwODVkODY1MzhhMmJmNWZkNjFlMDFhNyJ9.dAPzzfBhx_Ach0pLsIBePdVN6aWqyuVmtXJhiqL6x1g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:45 GMT
etag: W/"44-+SCCl4HO4FdTkcsDYNIOZ4v74/k"
content-length: 68
content-type: application/json; charset=utf-8

GET
H2 200 685ee761-6ef0-44bd-b0ee-4a1dc5fb6ff4 Show response
eu-west-1-chat-server.frontapp.com/conversations/ Frame A1A4 30 B
167 B 194ms
194ms XHR
application/json 52.213.156.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-west-1-chat-server.frontapp.com/conversations/685ee761-6ef0-44bd-b0ee-4a1dc5fb6ff4
Requested by: Host: chat-assets.frontapp.com
URL: https://chat-assets.frontapp.com/v1/app.bundle.js?v=7a4e2471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.156.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-156-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b096d59524e25d94481e4d35b52d85324f3f892ddbc1197c298d3bed48960d01

Request headers

Accept: application/json, text/plain, */*
Referer: https://refundmore.com/?/monetiseaffid=6292&monetiseclickid=315219633&utm_source=monetise&utm_medium=affiliate
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImN0eSI6ImxheWVyLWVpdDt2PTEiLCJraWQiOiJjNGNmODc2MC00OGVjLTExZTgtYTU0OS05MzI2MDAwMDAwZTQifQ.eyJ1c2VyX2lkIjoiZTFmNTJlZDAtYjlhZC00YTFjLWE1Y2EtZWY1YzM3MzNhYjZhIiwidXNlcl9pZF92MyI6ImUxZjUyZWQwLWI5YWQtNGExYy1hNWNhLWVmNWMzNzMzYWI2YSIsInZlcmlmaWVkIjpmYWxzZSwiY2hhdF9pZCI6ImM3ZmMyMTNkYmViMDc0YWEyOGY5ZTA4NzZiZTNjNTZkZWZkNWExOThmMDg1ZDg2NTM4YTJiZjVmZDYxZTAxYTciLCJjb21wYW55X2lkIjo1NzU0MDU4LCJpYXQiOjE3MTAyNjEzNDUsImV4cCI6MTcxMDI2NDk0NSwiaXNzIjoiYzdmYzIxM2RiZWIwNzRhYTI4ZjllMDg3NmJlM2M1NmRlZmQ1YTE5OGYwODVkODY1MzhhMmJmNWZkNjFlMDFhNyJ9.dAPzzfBhx_Ach0pLsIBePdVN6aWqyuVmtXJhiqL6x1g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Mar 2024 16:35:45 GMT
etag: W/"1e-ac80YNKhH3xf0SUTRqY1jLywa48"
content-length: 30
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rightchoicefundsmail.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 855c0a224f0ea3294dcc6ac55508c2ac
rightchoicefundsmail.com/	1970-01-20 20:30:45	Name: ezconvert Value: Mzc5MTg3NDMsMjM1NzUyNCw2NDc0NSxhMWY5NzE2Zg%3D%3D
.monetisetrk.co.uk/	1969-12-31 23:59:59	Name: sid Value: 4uY/Oo/XhYbJoYwuD45XUVMM2n60V0FFEJry7SLTYGmILXfnsZSMcg==
.monetisetrk.co.uk/	1970-01-21 04:40:21	Name: trk Value: c66EeIIh0Uf/hYha++wpzlMM2n60V0FFEJry7SLTYGmILXfnsZSMcg==
.monetisetrk.co.uk/	1970-01-20 19:47:33	Name: c7935 Value: 4uY/Oo/XhYaG0M/QJQDMEsd4rSdHc3/bpsJccP9gBf5KEjLC1qZmzA==
refundmore.com/	1970-01-20 19:04:28	Name: XSRF-TOKEN Value: eyJpdiI6IlRiK2hKVTNMQ3JhWEM3UGlxc1I1S0E9PSIsInZhbHVlIjoiVFlQQ1FIT3pidE1ZeUY2Myt3bDZkMkd1YnZ3dXlJNXgvQWk1RnZybldqOWZWbnlVdURONWJVSXFBcHo5Q3MrSUVNN3lRblFKYzFBV3BmOFNMWm5ieXF4MW94Tjh1VzEwUFhTeU5ybzRjRWphTnhDdEV3U0lZa0ZIdVB3eThiVFQiLCJtYWMiOiJmYTM0MjkzZGMxMGMxNzliMzQ0YmEyNWNlN2ZmYzU5M2Y2ODI0MGNjMTVmYWE1M2M3YTcxMzQwYzYyZmZlNWQ2IiwidGFnIjoiIn0%3D
refundmore.com/	1970-01-20 19:04:28	Name: refundmore_session Value: eyJpdiI6Inp6V05obklKWUxMY3FHRkRSK2x4Q1E9PSIsInZhbHVlIjoic2JmQkRUTjhDT0N1MzhETmRhRTRFaXB2N3o2Ri9lcmpnbzBWNm9mTXBDZmR4MnFabnZwSDlZZnFacFdoNDBJRzh0UUkySnI1VWJYb3VKZWNtbmM0VUJIN1BSNXBTWnBKczh1YjlyNmp6UlVrUDJWR1hhUkxnUytHMmFwMDJQeVciLCJtYWMiOiIxY2VjNDNlMWE5ZDVlMmI4NWQ0NGRmMzZkNzE2ZDk2ZmMwNjc1OWEyMDczMTU5ZWQ5NTFkNGU5NjFmMTI2YWM3IiwidGFnIjoiIn0%3D
.refundmore.com/	1970-01-21 03:49:57	Name: cf_clearance Value: l_s_bfsUYBgrU2FR5YE7mDG5LiQG0ceUpglzCBf6ZCk-1710261342-1.0.1.1-c515aWWbO1VkjOitmfNKGdrsgXBPqqW3RG0m1.dUzqvLZxzQKMuAn.n5o0O9GXy4MYzlxzTeJnsYmJkQ4H_Mww
refundmore.com/	1970-01-20 19:14:26	Name: fcaid Value: c7fc213dbeb074aa28f9e0876be3c56defd5a198f085d86538a2bf5fd61e01a7
refundmore.com/	1970-01-20 19:14:26	Name: frontChatChannelToken Value: TgYyfoDYCUVsSqDziHRcxwKfVW1JNB1fPnhsxP-q_0E5yMXZ9f6VoSmjm6tde9uAEVmDfotqSYmMocpl-JFrd4ykK64
refundmore.com/	1970-01-20 19:14:26	Name: fcuid Value: e1f52ed0-b9ad-4a1c-a5ca-ef5c3733ab6a
refundmore.com/	1970-01-20 19:14:26	Name: fccid Value: 685ee761-6ef0-44bd-b0ee-4a1dc5fb6ff4
refundmore.com/	1970-01-20 19:04:22	Name: _dd_s Value: logs=1&id=02b6bdde-dced-4650-9b67-04e3be810cfd&created=1710261343494&expire=1710262243495

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
network	error	URL: https://refundmore.com/cabin-build/images/cabin/trustpilot/users/ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.elev.io
cdn.usefathom.com
cdnjs.cloudflare.com
chat-assets.frontapp.com
chat.frontapp.com
consent.cookiebot.com
consentcdn.cookiebot.com
eu-west-1-chat-server.frontapp.com
events.elev.io
fonts.googleapis.com
fonts.gstatic.com
img.youtube.com
imgsct.cookiebot.com
ipa.elev.io
monetisetrk.co.uk
monetisetrk5.co.uk
pagead2.googlesyndication.com
refundmore.com
rightchoicefundsmail.com
sessions.bugsnag.com
static.cloudflareinsights.com
widget.trustpilot.com
www.googletagmanager.com
13.224.189.111
13.224.189.76
18.244.18.51
18.66.112.79
216.189.19.66
2400:52e0:1e00::1081:1
2600:1901:0:7a0b::
2606:4700:20::ac43:4664
2606:4700::6810:4f49
2606:4700::6811:180e
2a00:1450:4001:802::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a02:26f0:3500:18::1724:a29d
2a02:26f0:3500:887::f09
34.237.252.135
52.213.156.14
52.214.92.19
52.222.236.71
52.51.176.35
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
057bb1905a283c2d6f0a097301ee734776f51ddcf903bffe422cbdbc02d98c23
082103be4c9f971a8d1e7223dffe7fec0b976ecaa6b764ad35022a148ac647f6
0ad0b7cf4c1f89a1e338c2f2bd23d0fcd376262238058be19a58f096ef27fd85
0b1bd7987dd6cddac0f63c0cbd0cb2fa4a43c1f14e56908517fffb8fe7686762
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d0b9c6a4e12ea204fbc097f33bb003debd35614e7da13ba3a39d9dd43df71a4
0ddc4b768d56e3d86c874a6881b6eba4175979452c48d2303e61efd5fffc721b
0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963
0ed75f81a94d08a8ff80e2e3476401d276decd6121655914c52cf7885b837e11
135b5aa61cb03b5ef29cf35a9979448d5298e5485240b330a082df37a9a51145
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce
1869be115473225ef710734996c866b92e078ad4f720378b8bc98f9a31bfbc05
192200684e5fefa431cc2256e24dd195fb231b961554eaaee1900acec95e3101
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81
1af26ab113273befa62cff2eef45f0cba9e0abf8d57db93dfc42ba10ce24c046
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
288fdc34d64e603e5cfa99584775d91061e0bc2f5b9c6e61331b2977a78832af
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
2dadd25cfda53f64f397c978cf99f84dec5cf2be5c00a30a10c2ff55e38bea6f
2f5a6f0cb7a2997342232293a3ace736990ba135386d37f0be13b930ec017c2b
341f707ebe00267db1fd017fe3c780ce991dc4b271e94e2bcd1b0988eb1db06a
3771c2a615588e5997b47e8f011a22bb8e6877a1c0c38f684ef84f4178cd7250
37f83b983863dd72fc81ce98255cba071ab12ae4dc355a6a5d5662c125384ad3
3b2a49bd0c93eeac458235794de63456e34277be0ef4031d41548b314d1955b9
41b516e6d26ed051915a445cbb549aac5dcf3381a12bccce1d57985c09d49df1
44f2d4cb1cc7478ccf340ae68984394ea51008f82f2724a2078890e1536e25a8
44f472034e5878bf04e184b19069a401c727ff50a74e2f691686b6d6461429c6
468fd5ad8ec10d92aa72288bf49e2b94b27e3cecc60109d798c8ef3572929296
4a32c93e44737e37b55b93d20c50e2468a72f934fc178d044233bde2f06f5dae
4b3174ef2e48ef4f1a28aae401a9dcfd848f73ac0c5048a7270665d01d5637da
4b3cca2d4f39a2ddde72f0cf7bae89e81b4818f6754f6fea3108e363e340779a
4f419dc93acfe5fd1da8b7efd04e54a45b34ce3bb7d4a89a194b71533018c037
50eb857c6494fde8583208e97ccab312aba0a235b6cc7533bd6de559dc174667
5262da07c075d3129b62caf94f05f76d9f99af19bd39d63731ca01cbc6bd636c
59de84b4c4f9dc0b6a39bb62b880368293be1c5b3de954732eeae8a8cf7d1c0b
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61974f5473ade73e921db94caaf9bf3163e2df2f25ab1f53300c27ccd082709c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f884686cafdc210e3d382c564d5bb59ad61e0fb4d8ad024214b54b14883da0c
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
7397f625a25525415b4e3fc6933fce77a839da72d4dc6e09c12cabc9a51154ac
799a095ce83dfd1da6c29795e794d848a857264dc202b0954b26d017b3bc5f2f
7b08235f8c515f82146f169ca2d8ce057dbd1dfc69c6e39084d02cbab3d06ee4
80bdf7131df33e3c1a3d3d5d57be1c4b6e8359632276773bbba744f816ace819
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
84e1b12ccf5d64b6a6197251fe93afd4996bbb132c8d86f82ae11e0b375e25d3
860f3d82e7c3fa3faf23f9b8ac369a5afad68f2d8de1c18fc78de511c6ab6126
8bfb026a7a7c9cf979cabdb085523f1f2153a99e73fb2a6f3b18fef75f4600d8
9226ab634c1d648d8d727e9258162bd8cc7a8099847fe54e4614dfca29ab1495
a7aa6f63d69dfc0d8f7202a87ddf63820d9b8b0ac3fa552bb19d424c3888ff82
a9152dbeb523d09b45482709f7455e22876ff87f4c849e3d90f7f078cc485b29
a95c9a2469cf43edffc97c9e12f28d999ce0feb2e44887c3fca8d5351d484b7f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acb5bb17dbece2dd5369e26b5f957f161b6d81cadde9ff6dad47671c869a4907
b096d59524e25d94481e4d35b52d85324f3f892ddbc1197c298d3bed48960d01
b4cf6b04974ed002c647304beef8d2bd237ba99b0d0a8b632b13775c3cfac444
b515858a2f8a8f3846408795bab0b6edbadd19abd87de4fa9ab2c791917b698c
b5b06eb64065e10a9585ffa4b5c8d2ae1a780c7a31ed59d6b2534f589c7ea865
b897f6ef22ef63f63049b72a3c719fc463a9b5adda133a97b70acc6853333dfe
b9b720e67606ddb1c4d4ad146d7cf107dc7de75874779693b21cc01c7416aa69
c07888d3925b883d2e0bb24d2196869721d1bb66b910068bf28e055107418363
d009f00617bc64f4f705eb6e54458e57a36567964209069c15c72ca8b32d586f
d38c4482f83c30c62828e22a70c556a5b0eff02f287fec24b2365085eb1d7c6e
d58b89ca78d47332fc0b84d56724675feac38e7c77dea132a0a1d8cb2ae355c1
d7489f7ba4e6b9b7132955bb54b4602acd4a39fa3319be4e79066516674e27b9
dbd3b0cdf1788631c5103de09ee7e20bf1903a5800ce89478817c2341ea5524c
dcfb1b8d48381410837b94ed0064450d48678d75dad6d9bd48479537e8f8cb0e
ddd5c7cd43c27400f0cb9f79ce259c104791ad7897284fb1220761f89e6af727
e11a0c02496dfb00597d6808ec05dc90e025791b9441dc8c60d2d4f4ef4aa13e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55ca5dd3fb9f932cf88fa680d5d5fcfef6ac9e766155c4e17c9db803654ea1e
e62ef35c324801d6af7f53aa51b4690100c42212a99c66740377e3975f32e582
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a6d5c93b195ed74cfe2b638e13ac87565aa82c3230f08f5e3b15ac00de402e
f384d2580eeb0a327291f41a8aacdb0db11fe7efbf1b8a7821aa65683f649856
f3a1068239daa46f1fe7ddfa5a33b6477f97e2eebf9b41822fb525b19c46785b
f40a853e58a18759e1f7321d266d63494e320e9651af27d9373ec16380e414b6
f50a82c1023e9755fa5049008536c2f63a19feffb0cad5c0acd11eaa41bdb100
f700b04072da3635e99e9e5e9c57b851863633d9c1bff173339f85464c8fb9db
fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644
fd26dee085a98b7483761bd641615782558bb20ddeaab90d34fe587626d60259
fdd7aeb983f4d1373bb177b8e4af903a26f121b0d23a252d750cfb98d9a9952b

refundmore.com Open in urlscan Pro 2606:4700:20::ac43:4664 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

82 %HTTPS

55 %IPv6

17 Domains

23 Subdomains

20 IPs

3 Countries

1512 kBTransfer

4377 kBSize

13 Cookies

21 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

refundmore.com Open in urlscan Pro
2606:4700:20::ac43:4664 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

82 %
HTTPS

55 %
IPv6

17
Domains

23
Subdomains

20
IPs

3
Countries

1512 kB
Transfer

4377 kB
Size

13
Cookies

92 HTTP transactions
2 data transactions