Submitted URL: http://refund-delivery.com/
Effective URL: https://refund-delivery.com/
Submission: On December 03 via api from GB — Scanned from GB

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 91 HTTP transactions. The main IP is 136.0.141.246, located in United States and belongs to EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY. The main domain is refund-delivery.com.
TLS certificate: Issued by R10 on November 14th 2024. Valid for: 3 months.
This is the only time refund-delivery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
48 136.0.141.246 149440 (EVOXTENTE...)
5 2a00:1450:400... 15169 (GOOGLE)
2 212.34.149.26 216071 (VDSINA SE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 57.128.74.67 16276 (OVH OVH SAS)
25 172.67.15.14 13335 (CLOUDFLAR...)
2 216.58.206.68 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
91 11
Apex Domain
Subdomains
Transfer
48 refund-delivery.com
refund-delivery.com
1 MB
25 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 11098
va.tawk.to — Cisco Umbrella Rank: 10657
274 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
341 KB
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
64 B
2 adgetpro.com
kt.adgetpro.com
3 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
41 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 4906
64 B
1 jivosite.com
err.jivosite.com
91 10
Domain Requested by
48 refund-delivery.com refund-delivery.com
20 embed.tawk.to refund-delivery.com
embed.tawk.to
5 va.tawk.to embed.tawk.to
5 www.googletagmanager.com refund-delivery.com
www.googletagmanager.com
4 www.youtube.com refund-delivery.com
2 www.google.com www.googletagmanager.com
refund-delivery.com
2 kt.adgetpro.com refund-delivery.com
kt.adgetpro.com
1 cdn.jsdelivr.net embed.tawk.to
1 www.google.co.uk refund-delivery.com
1 td.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 err.jivosite.com refund-delivery.com
91 12

This site contains no links.

Subject | Issuer | Validity | Valid
refund-delivery.com | R10 | 2024-11-14 - 2025-02-12 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
kt.adgetpro.com | E6 | 2024-11-09 - 2025-02-07 | 3 months
*.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.jivosite.com | Go Daddy Secure Certificate Authority - G2 | 2024-04-05 - 2025-05-07 | a year
tawk.to | WE1 | 2024-11-19 - 2025-02-17 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google.co.uk | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year

This page contains 10 frames:

Primary Page: https://refund-delivery.com/
Frame ID: D95503E69399446FE7AFB0E26BDA6B23
Requests: 78 HTTP requests in this frame

Frame: https://www.youtube.com/embed/CHc3dA-KUig
Frame ID: E58A3905162BFF3F893098CA4D192BCE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Xsb0vsRncC0?rel=0&fmt=18&html5=1&showinfo=0
Frame ID: 8D8BFDAC6BBE7D0E4B1F26283C2A46F8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dvkIcYDRyRE?rel=0&fmt=18&html5=1&showinfo=0
Frame ID: 41C2A52347A2A646885F1D638CCF5E54
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EeFH93QuoDo?rel=0&fmt=18&html5=1&showinfo=0
Frame ID: 7039358C0B0FB54549ED23B2C0ABDF4C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16696712236?random=1733220369683&cv=11&fst=1733220369683&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb896078081&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund-delivery.com%2F&hn=www.googleadservices.com&frm=0&tiba=Refund%20Delivery&npa=0&pscdl=noapi&auid=91822447.1733220370&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 80E529AE0B668DCE95D58AB5311DEBC0
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Frefund-delivery.com
Frame ID: 3B45202CCD441A2ED990CE67EDC29295
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Frame ID: 5CEAD2BAACA66AEC98A612DF5CEA3CFC
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css
Frame ID: A3C4DEFE97DD588B13F56669AFCCD3DB
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Frame ID: EAD325BD283B1F6E8850A182F34B16CA
Requests: 1 HTTP requests in this frame

Page Title

Refund Delivery

Page URL History

  1. http://refund-delivery.com/ HTTP 307
    https://refund-delivery.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 91
HTTPS: 100 %
IPv6: 36 %
Domains: 10
Subdomains: 12
IPs: 11
Countries: 4
Transfer: 1784 kB
Size: 3400 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

91 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
refund-delivery.com/
Redirect Chain
  • http://refund-delivery.com/
  • https://refund-delivery.com/
24 KB
6 KB
Document
General
Full URL
https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
b4ed45f20c3dbf9374bbc59ebc6537e332b0622d2208869da357f0591c45d0d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
content-encoding
gzip
content-length
6166
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 10:06:09 GMT
etag
"5efd-6280b996fdfd8-gzip"
expires
Tue, 03 Dec 2024 10:16:09 GMT
last-modified
Fri, 29 Nov 2024 11:35:44 GMT
server
nginx/1.26.2
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://refund-delivery.com/
Non-Authoritative-Reason
HttpsUpgrades
slick.css
refund-delivery.com/ajax/libs/slick-carousel/1.9.0/
2 KB
792 B
Stylesheet
General
Full URL
https://refund-delivery.com/ajax/libs/slick-carousel/1.9.0/slick.css
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6ce-6f0"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 15:07:58 GMT
server
nginx/1.26.2
slick-theme.css
refund-delivery.com/ajax/libs/slick-carousel/1.9.0/
3 KB
1 KB
Stylesheet
General
Full URL
https://refund-delivery.com/ajax/libs/slick-carousel/1.9.0/slick-theme.css
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
bbeee1eb2ffddddea10d91055e95060461e5fb97a2db27966c07c27875f0ff43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6ce-c35"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 15:07:58 GMT
server
nginx/1.26.2
burger.css
refund-delivery.com/css/
3 KB
943 B
Stylesheet
General
Full URL
https://refund-delivery.com/css/burger.css
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
ea27472945b52eded21b541cdda73a9a546a854f212f6b3f34849a0059fde154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6d5-a59"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 15:08:05 GMT
server
nginx/1.26.2
styles.css
refund-delivery.com/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://refund-delivery.com/css/styles.css?v=1
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
30ca0ef179d8049c37c2e9cf698592f13ce2a1717c7a06450dd6d00324b1665c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6d4-37dd"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 15:08:04 GMT
server
nginx/1.26.2
media.css
refund-delivery.com/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://refund-delivery.com/css/media.css
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
9baf6a74c8ea1c8cf3f85e90611eef9605a524c8d9dd375a4e3fa297d1a08699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6d4-2cf9"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 15:08:04 GMT
server
nginx/1.26.2
GPpPe0fdLm
refund-delivery.com/widget/
17 KB
18 KB
Script
General
Full URL
https://refund-delivery.com/widget/GPpPe0fdLm
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
ef76b7b96b8ff4bb7ccbbd21a03a72a6b3eae87e382dae374afe4a55de438785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=5
etag
"44f9-6249971f8f040"
expires
Tue, 03 Dec 2024 10:06:14 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
17657
date
Tue, 03 Dec 2024 10:06:09 GMT
last-modified
Wed, 16 Oct 2024 15:08:41 GMT
server
nginx/1.26.2
js
www.googletagmanager.com/gtag/
281 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16696712236
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96965538c189637d30ac2fcfcebe4566be982911e9c7ddf322f332526264692a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 10:06:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99433
x-xss-protection
0
server
Google Tag Manager
logo.svg
refund-delivery.com/img/
8 KB
4 KB
Image
General
Full URL
https://refund-delivery.com/img/logo.svg
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
b35b33f50342351681e1428ab164030e7441da93e4169eb989d9e5de95f32996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"67326d64-205f"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/svg+xml
last-modified
Mon, 11 Nov 2024 20:47:32 GMT
server
nginx/1.26.2
intro.png
refund-delivery.com/img/
97 KB
97 KB
Image
General
Full URL
https://refund-delivery.com/img/intro.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
634059224ca63edd11c0cc317c70db61bd3d00b3f763e3eeab130dacd1cebdf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ec-182b5"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
98997
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:28 GMT
server
nginx/1.26.2
info.svg
refund-delivery.com/img/
266 B
377 B
Image
General
Full URL
https://refund-delivery.com/img/info.svg
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
7be5fc89cfa33d930e8c5e34e1c176842a98359cb08b0b930d315ead9a58a4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6ec-10a"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/svg+xml
last-modified
Wed, 16 Oct 2024 15:08:28 GMT
server
nginx/1.26.2
1.png
refund-delivery.com/img/about/
2 KB
3 KB
Image
General
Full URL
https://refund-delivery.com/img/about/1.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
9674d618c6c8eb59aef303fec18bce0cf6feac43244ef9e6087a7a966640d74b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f1-9bd"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2493
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:33 GMT
server
nginx/1.26.2
2.png
refund-delivery.com/img/about/
3 KB
3 KB
Image
General
Full URL
https://refund-delivery.com/img/about/2.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
68e328f085c2af6e19ac7e83eb2501e77a0933ad482d01e7de366f1e3577a406
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f1-c69"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3177
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:33 GMT
server
nginx/1.26.2
3.png
refund-delivery.com/img/about/
2 KB
2 KB
Image
General
Full URL
https://refund-delivery.com/img/about/3.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
0fceeb5d9309ace8abffa7eff4c21282144783196a8a6881547fcff5438988e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f1-88a"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2186
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:33 GMT
server
nginx/1.26.2
9.png
refund-delivery.com/img/about/
8 KB
8 KB
Image
General
Full URL
https://refund-delivery.com/img/about/9.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
9664ddd0d7c347f1a281b340b70ee5ebdf46b49457c09b2023c31df2b2c0d7ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ef-2101"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
8449
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:31 GMT
server
nginx/1.26.2
4.png
refund-delivery.com/img/about/
2 KB
2 KB
Image
General
Full URL
https://refund-delivery.com/img/about/4.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
21ac26466e87cc17800888d875ddc2e6d85805a6c71babbe37ce67b8cfcab867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f0-73c"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1852
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:32 GMT
server
nginx/1.26.2
5.png
refund-delivery.com/img/about/
2 KB
3 KB
Image
General
Full URL
https://refund-delivery.com/img/about/5.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
b19e343919e899ec708fa6b30c982761008911efeed24449822e98a9d27e5b53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f0-9c0"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2496
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:32 GMT
server
nginx/1.26.2
6.png
refund-delivery.com/img/about/
2 KB
2 KB
Image
General
Full URL
https://refund-delivery.com/img/about/6.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
9e55c5bb08df21f090df7642a5b7f47861a5f5a5df89e5435e3861ede3140a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f0-8ba"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2234
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:32 GMT
server
nginx/1.26.2
7.png
refund-delivery.com/img/about/
2 KB
3 KB
Image
General
Full URL
https://refund-delivery.com/img/about/7.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
fd0dfe6e4bbe245573261c69bcf97bb26ae4d5811bbdd9d727a3ec4ce16627f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f0-9f2"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2546
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:32 GMT
server
nginx/1.26.2
8.png
refund-delivery.com/img/about/
3 KB
3 KB
Image
General
Full URL
https://refund-delivery.com/img/about/8.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
e22c6c577146e2e90c3f5ac813d8d1e7fcfde67cf8420a074632b36ff15cba20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ef-d2f"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3375
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:31 GMT
server
nginx/1.26.2
10.png
refund-delivery.com/img/about/
3 KB
4 KB
Image
General
Full URL
https://refund-delivery.com/img/about/10.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
497382737591c581cc1843d9a9591b010b7dca3fbc19e845a3a308e13e53ef85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f0-dec"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3564
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:32 GMT
server
nginx/1.26.2
11.png
refund-delivery.com/img/about/
2 KB
2 KB
Image
General
Full URL
https://refund-delivery.com/img/about/11.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
dc1700e524476a76848dd180af603d1193b2de4a67f12c8422ee554a43e5f3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f0-693"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1683
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:32 GMT
server
nginx/1.26.2
12.png
refund-delivery.com/img/about/
3 KB
3 KB
Image
General
Full URL
https://refund-delivery.com/img/about/12.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
8b52821f17aac9487965a4d1ea4345c7ae8a4b3041b012d14635fd694a6c83cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f0-c57"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3159
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:32 GMT
server
nginx/1.26.2
team-1.png
refund-delivery.com/img/
54 KB
54 KB
Image
General
Full URL
https://refund-delivery.com/img/team-1.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
ca3978626130454bcf83505b5a57d661ea0626e2a3174a254df6bc44f6aea6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ee-d6c5"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
54981
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:30 GMT
server
nginx/1.26.2
team-2.png
refund-delivery.com/img/
73 KB
73 KB
Image
General
Full URL
https://refund-delivery.com/img/team-2.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
646a79ae39eb2c541b80af66d8cce34422ef52926e1c14dbfe5960f51b6c530d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ee-12234"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
74292
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:30 GMT
server
nginx/1.26.2
team-3.png
refund-delivery.com/img/
83 KB
83 KB
Image
General
Full URL
https://refund-delivery.com/img/team-3.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
c3f6584d0f39a660880db6449a2da7f5164de5283b08e6fb3d7f624ccb1d87b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ee-14ceb"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
85227
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:30 GMT
server
nginx/1.26.2
team-4.png
refund-delivery.com/img/
72 KB
72 KB
Image
General
Full URL
https://refund-delivery.com/img/team-4.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
0f083b7c95c9aeb272bdf8fbcdafbdbaae617f3d7cbdd5103c8852135e825c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ee-12095"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
73877
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:30 GMT
server
nginx/1.26.2
how-1.svg
refund-delivery.com/img/
2 KB
1 KB
Image
General
Full URL
https://refund-delivery.com/img/how-1.svg
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
c8ca153806c6f1a603653f3b0e4b4c22d0df78412f71fe853170f13e1160fb18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6ec-68e"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/svg+xml
last-modified
Wed, 16 Oct 2024 15:08:28 GMT
server
nginx/1.26.2
how-2.svg
refund-delivery.com/img/
2 KB
1 KB
Image
General
Full URL
https://refund-delivery.com/img/how-2.svg
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
982279973012d6006ab23cfaee65d496960b9d373889e335c6573c7e297fb4de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6ed-6ef"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/svg+xml
last-modified
Wed, 16 Oct 2024 15:08:29 GMT
server
nginx/1.26.2
how-3.svg
refund-delivery.com/img/
1 KB
737 B
Image
General
Full URL
https://refund-delivery.com/img/how-3.svg
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
8584fa28d5b6561325e29ea4d13451621ca4d057f673e402515f1dd045ce29d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6ec-414"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/svg+xml
last-modified
Wed, 16 Oct 2024 15:08:28 GMT
server
nginx/1.26.2
situation.png
refund-delivery.com/img/
112 KB
113 KB
Image
General
Full URL
https://refund-delivery.com/img/situation.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
e87383069e19d67f8976c20100a8b744ad5244bee7ed682a4cba2ee704b5891f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6eb-1c133"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
114995
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:27 GMT
server
nginx/1.26.2
gclid-save.js
refund-delivery.com/
2 KB
990 B
Script
General
Full URL
https://refund-delivery.com/gclid-save.js
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
a4a989b6f26e535fec1e1ce20411fd0b6e303e8b2ce82bc106008796a7ada919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"6749a504-693"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 29 Nov 2024 11:27:00 GMT
server
nginx/1.26.2
jquery.min.js
refund-delivery.com/ajax/libs/jquery/3.6.1/
88 KB
35 KB
Script
General
Full URL
https://refund-delivery.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6ce-15e40"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 16 Oct 2024 15:07:58 GMT
server
nginx/1.26.2
slick.min.js
refund-delivery.com/ajax/libs/slick-carousel/1.9.0/
43 KB
13 KB
Script
General
Full URL
https://refund-delivery.com/ajax/libs/slick-carousel/1.9.0/slick.min.js
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6cf-ab69"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 16 Oct 2024 15:07:59 GMT
server
nginx/1.26.2
app.js
refund-delivery.com/js/
2 KB
1 KB
Script
General
Full URL
https://refund-delivery.com/js/app.js
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
d910bb9b78a1e9df89154036f1d0d179d1b58b533065592648e50f7bb6021d6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6f3-859"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 16 Oct 2024 15:08:35 GMT
server
nginx/1.26.2
jost-3
refund-delivery.com/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://refund-delivery.com/css/jost-3
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/styles.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
36f93040c29cdd6b847ee22db0c731893816c1bd3e605083c48a016e90d7e82a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/css/styles.css?v=1

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=5
etag
"a3f-624996fa5d880"
expires
Tue, 03 Dec 2024 10:06:14 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2623
date
Tue, 03 Dec 2024 10:06:09 GMT
last-modified
Wed, 16 Oct 2024 15:08:02 GMT
server
nginx/1.26.2
gtm.js
www.googletagmanager.com/
209 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NZMH55P
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93ded822c957336a01592e6562739991749d920bef2df936590b33c1b43b89ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 03 Dec 2024 10:06:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76583
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MPXBT3Z5
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a60f1a6cba892130c2f081fb120c3fc669735ed7e25a43a3eb95191baaaa5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 03 Dec 2024 10:06:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
72377
x-xss-protection
0
server
Google Tag Manager
k.min.js
kt.adgetpro.com/js/
7 KB
3 KB
Script
General
Full URL
https://kt.adgetpro.com/js/k.min.js
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
212.34.149.26 , Spain, ASN216071 (VDSINA SERVERS TECH FZCO, AE),
Reverse DNS
v191865.hosted-by-vdsina.com
Software
nginx /
Resource Hash
99e99b3f49fc92d97a1bddd1ac43923d99bf51bff48c316a94dcd039218daff6

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=864000
Content-Encoding
gzip
ETag
W/"610813ea-1ad0"
Connection
keep-alive
Expires
Fri, 13 Dec 2024 10:06:09 GMT
Access-Control-Allow-Origin
*
Date
Tue, 03 Dec 2024 10:06:09 GMT
Content-Type
application/javascript
Last-Modified
Mon, 02 Aug 2021 15:48:58 GMT
Server
nginx
CHc3dA-KUig
www.youtube.com/embed/ Frame E58A
0
0
Document
General
Full URL
https://www.youtube.com/embed/CHc3dA-KUig?
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://refund-delivery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 10:06:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
Xsb0vsRncC0
www.youtube.com/embed/ Frame 8D8B
0
0
Document
General
Full URL
https://www.youtube.com/embed/Xsb0vsRncC0?rel=0&fmt=18&html5=1&showinfo=0
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://refund-delivery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-BweXf2L2-Ng-BRpLQxmwyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 10:06:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
dvkIcYDRyRE
www.youtube.com/embed/ Frame 41C2
0
0
Document
General
Full URL
https://www.youtube.com/embed/dvkIcYDRyRE?rel=0&fmt=18&html5=1&showinfo=0
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://refund-delivery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 10:06:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
EeFH93QuoDo
www.youtube.com/embed/ Frame 7039
0
0
Document
General
Full URL
https://www.youtube.com/embed/EeFH93QuoDo?rel=0&fmt=18&html5=1&showinfo=0
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://refund-delivery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 10:06:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
intro-bg.png
refund-delivery.com/img/
88 KB
88 KB
Image
General
Full URL
https://refund-delivery.com/img/intro-bg.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/styles.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
837ca326a685b073ecd1f75f22ba8a701904a155bc4ec031fa73a07eabfabd18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/css/styles.css?v=1

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ed-15f96"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
90006
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:29 GMT
server
nginx/1.26.2
about-bg.svg
refund-delivery.com/img/
306 B
420 B
Image
General
Full URL
https://refund-delivery.com/img/about-bg.svg
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/styles.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
53298677ccfcfbb9a8867c6fb9504e8aa785beedfab064895e0ec74756868ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/css/styles.css?v=1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6eb-132"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/svg+xml
last-modified
Wed, 16 Oct 2024 15:08:27 GMT
server
nginx/1.26.2
team-bg.png
refund-delivery.com/img/
152 KB
152 KB
Image
General
Full URL
https://refund-delivery.com/img/team-bg.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/styles.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
430f3efaf23fd6b57a3175d4fd98f9fa4a1c63e7a5abd39cf5c10e4a115b43b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/css/styles.css?v=1

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6e8-2605d"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
155741
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:24 GMT
server
nginx/1.26.2
results-bg.svg
refund-delivery.com/img/
1 KB
1 KB
Image
General
Full URL
https://refund-delivery.com/img/results-bg.svg
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/styles.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
76c827f8db9f2f863ca6081c4bed96e06362a296fb2c1834eb93684ec5bd7854
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/css/styles.css?v=1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"670fd6ec-5da"
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/svg+xml
last-modified
Wed, 16 Oct 2024 15:08:28 GMT
server
nginx/1.26.2
offer-bg.png
refund-delivery.com/img/
130 KB
131 KB
Image
General
Full URL
https://refund-delivery.com/img/offer-bg.png
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/styles.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
ed15a358418983c04fa2ddf813cadfb376dfbc7f8110970832f894acce4730d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/css/styles.css?v=1

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6eb-208fe"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
133374
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:27 GMT
server
nginx/1.26.2
Jost-Regular.woff
refund-delivery.com/s/46643/
37 KB
38 KB
Font
General
Full URL
https://refund-delivery.com/s/46643/Jost-Regular.woff
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/jost-3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
3e229d8fd116953d1e3238fc5fb1a06c01919435dd26e3cab25cd537f8be9927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/css/jost-3

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f4-95e4"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
38372
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
font/woff
last-modified
Wed, 16 Oct 2024 15:08:36 GMT
server
nginx/1.26.2
Jost-Bold.woff
refund-delivery.com/s/46643/
45 KB
45 KB
Font
General
Full URL
https://refund-delivery.com/s/46643/Jost-Bold.woff
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/jost-3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
8dc5c88744b8834790b97e5d030e2966984e95f2c6272c7bd37393afc4b2afdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/css/jost-3

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f3-b468"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
46184
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
font/woff
last-modified
Wed, 16 Oct 2024 15:08:35 GMT
server
nginx/1.26.2
Jost-Medium.woff
refund-delivery.com/s/46643/
42 KB
42 KB
Font
General
Full URL
https://refund-delivery.com/s/46643/Jost-Medium.woff
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/css/jost-3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
0be201a894031d5000d70d6544fb95a2cd58b8f99e8b7679e777098981b4974d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/css/jost-3

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6f4-a640"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
42560
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
font/woff
last-modified
Wed, 16 Oct 2024 15:08:36 GMT
server
nginx/1.26.2
GPpPe0fdLm
refund-delivery.com/script/widget/config/
282 B
361 B
XHR
General
Full URL
https://refund-delivery.com/script/widget/config/GPpPe0fdLm
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/widget/GPpPe0fdLm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
55c9418ce8ed243da3202e98b7d18b24e748017b7099a382f9be118f3b1c6228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
text/html; charset=iso-8859-1
server
nginx/1.26.2
widget
err.jivosite.com/
0
0
Ping
General
Full URL
https://err.jivosite.com/widget
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/widget/GPpPe0fdLm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
57.128.74.67 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3227037.ip-57-128-74.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8
Referer
https://refund-delivery.com/

Response headers

js
www.googletagmanager.com/gtag/
281 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16696712236&l=dataLayer&cx=c&gtm=45He4bk0v896078081za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZMH55P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e40e40dba24b5319a599609aefb598311e34f828468667a10159f6217c6b6fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 10:06:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 10:06:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99415
x-xss-protection
0
server
Google Tag Manager
1hovuu0bd
embed.tawk.to/65f3b1ea9131ed19d97a0ca9/
2 KB
1004 B
Script
General
Full URL
https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f3c1018097ea5cd327c312fca7d704fd8274863008c9525b0acde869ca40e82
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=3600
content-encoding
gzip
cf-cache-status
MISS
etag
W/"stable-v4-67354992019"
x-content-type-options
nosniff
cf-ray
8ec2be0ebbf976f9-LHR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:10 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Frefund-delivery.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1480433752.1733220370&auid=91822447.1733220370&npa=0&gtm=45be4bk0za200zb896078081&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733220369686&tfd=588&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16696712236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16696712236/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16696712236/?random=1733220369683&cv=11&fst=1733220369683&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb896078081&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund-delivery.com%2F&hn=www.googleadservices.com&frm=0&tiba=Refund%20Delivery&npa=0&pscdl=noapi&auid=91822447.1733220370&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16696712236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e42de18cbbc3943f55b9341a53db877e6d9d5267873d7dfd25dc0e83eb5f14a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2319
date
Tue, 03 Dec 2024 10:06:09 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16696712236
td.doubleclick.net/td/rul/ Frame 80E5
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16696712236?random=1733220369683&cv=11&fst=1733220369683&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb896078081&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund-delivery.com%2F&hn=www.googleadservices.com&frm=0&tiba=Refund%20Delivery&npa=0&pscdl=noapi&auid=91822447.1733220370&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16696712236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://refund-delivery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 10:06:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 3B45
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Frefund-delivery.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16696712236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 10:06:09 GMT
expires
Wed, 03 Dec 2025 10:06:09 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/16696712236/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16696712236/?random=1733220369683&cv=11&fst=1733220000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb896078081&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund-delivery.com%2F&hn=www.googleadservices.com&frm=0&tiba=Refund%20Delivery&npa=0&pscdl=noapi&auid=91822447.1733220370&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dR8Tpe-Ifp610wqn2aOJzPydjgRwCZg&random=2089422679&rmt_tld=0&ipr=y
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 10:06:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.uk/pagead/1p-user-list/16696712236/
42 B
64 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/16696712236/?random=1733220369683&cv=11&fst=1733220000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb896078081&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund-delivery.com%2F&hn=www.googleadservices.com&frm=0&tiba=Refund%20Delivery&npa=0&pscdl=noapi&auid=91822447.1733220370&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dR8Tpe-Ifp610wqn2aOJzPydjgRwCZg&random=2089422679&rmt_tld=1&ipr=y
Requested by
Host: refund-delivery.com
URL: https://refund-delivery.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 10:06:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
HKv7Mb
kt.adgetpro.com/
56 B
371 B
Script
General
Full URL
https://kt.adgetpro.com/HKv7Mb?return=jsonp&&se_referrer=&default_keyword=Refund%20Delivery&landing_url=refund-delivery.com%2F
Requested by
Host: kt.adgetpro.com
URL: https://kt.adgetpro.com/js/k.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
212.34.149.26 , Spain, ASN216071 (VDSINA SERVERS TECH FZCO, AE),
Reverse DNS
v191865.hosted-by-vdsina.com
Software
nginx /
Resource Hash
49e07e7316771d6ab13e80f8f177b0f4dee73bf6e0b875b9e034cc785e2bcc8d

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
Tue, 03 Dec 2024 10:06:10 GMT
Access-Control-Allow-Origin
*
Content-Length
56
Date
Tue, 03 Dec 2024 10:06:10 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Server
nginx
twk-main.js
embed.tawk.to/_s/v4/app/67354992019/js/
121 B
376 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:10 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be1379e376f9-LHR
access-control-allow-origin
*
server
cloudflare
twk-vendor.js
embed.tawk.to/_s/v4/app/67354992019/js/
81 KB
32 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"3b341e35b39f6195793ecaf5db7c1d63"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:10 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be1379e676f9-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/67354992019/js/
212 KB
71 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"77a40166698f808a0942865537165b0f"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:10 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be1379e776f9-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-common.js
embed.tawk.to/_s/v4/app/67354992019/js/
223 KB
63 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"ae0a97d1265892fc012190aa72881581"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:10 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be1379e976f9-LHR
access-control-allow-origin
*
server
cloudflare
twk-runtime.js
embed.tawk.to/_s/v4/app/67354992019/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"895415bbe1b8cf97aef258d17cb33187"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:10 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be1379ea76f9-LHR
access-control-allow-origin
*
server
cloudflare
twk-app.js
embed.tawk.to/_s/v4/app/67354992019/js/
151 B
400 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://refund-delivery.com/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:10 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be1379ec76f9-LHR
access-control-allow-origin
*
server
cloudflare
ico.png
refund-delivery.com/img/
548 B
729 B
Other
General
Full URL
https://refund-delivery.com/img/ico.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.0.141.246 , United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
60fac5ee0d33f30f2440b24388be4c9305a95807310dd9cc469f0b0784bc5d84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

strict-transport-security
max-age=31536000
etag
"670fd6ec-224"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
548
date
Tue, 03 Dec 2024 10:06:10 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 15:08:28 GMT
server
nginx/1.26.2
widget-settings
va.tawk.to/v1/
3 KB
2 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=65f3b1ea9131ed19d97a0ca9&widgetId=1hovuu0bd&sv=null
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ddda06d7d2f8defd66cc0e408b42a3142b1a0310e55d06beef8a432802c3e3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
MISS
etag
W/"2-18-0"
access-control-allow-methods
GET,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-hdqg
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
8ec2be15ccd176f9-LHR
access-control-allow-origin
*
server
cloudflare
start
va.tawk.to/v1/session/
1 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1549cf51040f0caed76ee16d967169353391d579234ecda2ff9f8e3efcfc95d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json; charset=utf-8
Referer
https://refund-delivery.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-l9ns
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8ec2be16bd61ef33-LHR
access-control-allow-origin
https://refund-delivery.com
server
cloudflare
start
va.tawk.to/v1/session/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://refund-delivery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://refund-delivery.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8ec2be15ccd076f9-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 03 Dec 2024 10:06:10 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-vtzx
ru.js
embed.tawk.to/_s/v4/app/67354992019/languages/
21 KB
6 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/languages/ru.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1146f21683e3cd000bfc926883fbe4692b69fe27df2ffc827f26c7950ce1edc6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d8a5feb2d2f0dc380d7926fb37677601"
age
1655314
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be181a54ef33-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-bf24a88e.js
embed.tawk.to/_s/v4/app/67354992019/js/
10 KB
3 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"c96127c9a0429d69fecbeb73fd410443"
age
272809
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be186b60ef33-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-71978bb6.js
embed.tawk.to/_s/v4/app/67354992019/js/
18 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-71978bb6.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"adcf466d8e820d5dd8a7df9975fcba50"
age
280200
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be186b67ef33-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-7c2f6ba4.js
embed.tawk.to/_s/v4/app/67354992019/js/
5 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-7c2f6ba4.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"977b0aa25f349861d14d837b480e5615"
age
375793
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be186b6aef33-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-48f3b594.js
embed.tawk.to/_s/v4/app/67354992019/js/
17 KB
6 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-48f3b594.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4decde1fd4af3ee8c5952646190f4c638de918ceb129cc4e87e2e2edc67dc87d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d26f24b5583b0a809ef3db128cbf6a06"
age
456215
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be186b6eef33-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/67354992019/js/
906 B
696 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
age
198987
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be186b71ef33-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/67354992019/js/
535 B
608 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c506281367048d4a134c9affbc68c8c6"
age
1655331
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be186b74ef33-LHR
access-control-allow-origin
*
server
cloudflare
twk-chunk-24d8db78.js
embed.tawk.to/_s/v4/app/67354992019/js/
120 KB
31 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-24d8db78.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"ad43e469764eb884ca6ab070740c1931"
age
185264
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be186b79ef33-LHR
access-control-allow-origin
*
server
cloudflare
min-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 5CEA
24 KB
6 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2d7f176b563b25833791f4844819b5ee"
age
1655331
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be18dd09ef33-LHR
access-control-allow-origin
*
server
cloudflare
message-preview.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame A3C4
42 KB
10 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ebe81ec01c33bd339149314130d65c8a716890fe6c9edb50300c0965c759b8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"313ec28abf9889abec5153d8318e8022"
age
282560
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:20 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be18ed34ef33-LHR
access-control-allow-origin
*
server
cloudflare
max-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame EAD3
79 KB
18 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d20ad407080e4c57efd32ce36955d7db"
age
277793
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:20 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be18fd86ef33-LHR
access-control-allow-origin
*
server
cloudflare
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
41 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://refund-delivery.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
age
462182
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkgG6Iq%2BgtLmRtFyBwyspIE9F1%2Bdw3boi1K9YY9CDJRPNn9rOpkoPU4Bc%2BYkaKuK83r8Six7FmVrJo%2FhRA%2FFxN9Qv5ziBAcNmUXvMScq%2Fp%2B1XMDN6mQZBAp5%2F0TeRqyu30%2FBcA3ZRCUJikT2gOI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Tue, 03 Dec 2024 10:06:11 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220140-FRA, cache-lga21933-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ec2be197d0b385c-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
41275
server
cloudflare
v3
va.tawk.to/log-performance/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://refund-delivery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://refund-delivery.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8ec2be1bcd7f76f9-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 03 Dec 2024 10:06:11 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-2kfs
v3
va.tawk.to/log-performance/
5 B
316 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json; charset=utf-8
Referer
https://refund-delivery.com/

Response headers

access-control-max-age
3600
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:12 GMT
content-type
text/html; charset=utf-8
x-served-by
visitor-application-preemptive-vtzx
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8ec2be1c9ebf76f9-LHR
access-control-allow-origin
https://refund-delivery.com
server
cloudflare
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame A3C4
10 KB
11 KB
Font
General
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://refund-delivery.com
Referer
https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css

Response headers

cf-cache-status
MISS
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:13 GMT
content-type
font/woff2
last-modified
Sat, 22 May 2021 07:25:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be22bf8376f9-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
10520
server
cloudflare
default-profile.svg
embed.tawk.to/_s/v4/assets/images/ Frame A3C4
4 KB
2 KB
Image
General
Full URL
https://embed.tawk.to/_s/v4/assets/images/default-profile.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30ef5a13391aefdea0738a1e15d88c19e986f865409f9457e5c7d8468e15817
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"eacd4642ddb798db835cf8f285bbbb19"
age
191312
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 10:06:12 GMT
content-type
image/svg+xml
last-modified
Sat, 22 May 2021 07:25:18 GMT
vary
Accept-Encoding
priority
u=3,i
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ec2be22b988ef33-LHR
access-control-allow-origin
*
server
cloudflare


48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayer function| gtag object| KTracking function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy function| $ function| jQuery object| google_tag_manager object| google_tag_data function| _typeof function| _regeneratorRuntime function| ownKeys function| _objectSpread function| _defineProperty function| _toPropertyKey function| _toPrimitive function| asyncGeneratorStep function| _asyncToGenerator object| forms string| sendUrl function| readCookie object| Tawk_API object| Tawk_LoadStart object| GooglebQhCsO string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk string| path object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione

13 Cookies

Domain/Path Name / Value
.refund-delivery.com/ Name: _gcl_au
Value: 1.1.91822447.1733220370
.youtube.com/ Name: __Secure-ROLLOUT_TOKEN
Value: COqw57msz7LT7QEQgOHJg62LigMYgOHJg62LigM%3D
.youtube.com/ Name: YSC
Value: dBfmsDzLSqI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: JwgfSdGPSs8
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJHQhIEGgAgag%3D%3D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
refund-delivery.com/ Name: s
Value: 1qr4lpflv
refund-delivery.com/ Name: subid
Value: 1qr4lpflv
refund-delivery.com/ Name: undefined
Value: null
refund-delivery.com/ Name: token
Value: null
refund-delivery.com/ Name: twk_idm_key
Value: HysxJkuWxIzZi8ihQTi_s
refund-delivery.com/ Name: TawkConnectionTime
Value: 0
.refund-delivery.com/ Name: twk_uuid_65f3b1ea9131ed19d97a0ca9
Value: %7B%22uuid%22%3A%221.2U6M6sruw7W1fUOloHxZqcCY6JlnosUb8Lms2ju62DCDT5j4RuADgj7YpcphuhwnqKnsOhXO6rFcKMfGPYhZYzbpnUzLVzl8WArM81qt3PLJP7QgYgT0aYSXUXar0t9%22%2C%22version%22%3A3%2C%22domain%22%3A%22refund-delivery.com%22%2C%22ts%22%3A1733220371254%7D

6 Console Messages

Source Level URL
Text
security error URL: https://refund-delivery.com/
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://refund-delivery.com/ajax/libs/slick-carousel/1.9.0/slick-theme.css' with computed SHA-512 integrity 'JjLTN3uz5XYkONijWYwiKb4lKpRwadHTyuLvJHvXxCf7sG/r3drUimNHM3PPdClEoZRoI/RUhMYXar9Nu2qTIw=='. The resource has been blocked.
network error URL: https://refund-delivery.com/script/widget/config/GPpPe0fdLm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://refund-delivery.com/script/widget/config/GPpPe0fdLm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://refund-delivery.com/script/widget/config/GPpPe0fdLm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://refund-delivery.com/script/widget/config/GPpPe0fdLm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://err.jivosite.com/widget
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
