Submitted URL: http://refund-moneyback.com/
Effective URL: https://refund-moneyback.com/
Submission: On February 10 via api from GB — Scanned from GB

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 74 HTTP transactions. The main IP is 116.202.223.32, located in Germany and belongs to HETZNER-AS, DE. The main domain is refund-moneyback.com.
TLS certificate: Issued by R3 on February 7th 2022. Valid for: 3 months.
This is the only time refund-moneyback.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
15 refund-moneyback.com | refund-moneyback.com | 326 KB
10 tawk.to | embed.tawk.to — Cisco Umbrella Rank: 8381; va.tawk.to — Cisco Umbrella Rank: 8056 | 129 KB
9 gstatic.com | fonts.gstatic.com | 53 KB
8 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 40 KB
6 theglobalpayback.com | www.theglobalpayback.com | 29 KB
6 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 50 | 278 KB
4 inspectlet.com | cdn.inspectlet.com — Cisco Umbrella Rank: 7856; hn.inspectlet.com — Cisco Umbrella Rank: 7614 | 63 KB
4 fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 800 | 88 KB
3 google.de | www.google.de — Cisco Umbrella Rank: 6342 | 715 B
3 google.com | www.google.com — Cisco Umbrella Rank: 2 | 715 B
3 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 67 | 586 B
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 1 KB
1 ipapi.co | ipapi.co — Cisco Umbrella Rank: 16500 | 928 B
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610 | 22 KB
74 14
Domain | Requested by
15 refund-moneyback.com 1 redirects | refund-moneyback.com
9 fonts.gstatic.com | refund-moneyback.com
8 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, refund-moneyback.com
8 embed.tawk.to | refund-moneyback.com, embed.tawk.to
6 www.theglobalpayback.com | refund-moneyback.com
6 www.googletagmanager.com | refund-moneyback.com, www.googletagmanager.com
4 use.fontawesome.com | refund-moneyback.com, use.fontawesome.com
3 hn.inspectlet.com | cdn.inspectlet.com
3 www.google.de | refund-moneyback.com
3 www.google.com | refund-moneyback.com
3 stats.g.doubleclick.net | www.google-analytics.com
2 va.tawk.to | embed.tawk.to
2 fonts.googleapis.com | refund-moneyback.com
1 ipapi.co | refund-moneyback.com
1 cdn.inspectlet.com | refund-moneyback.com
1 maxcdn.bootstrapcdn.com | refund-moneyback.com
74 16

This site contains no links.

Subject | Issuer | Validity | Valid
refund-moneyback.com | R3 | 2022-02-07 - 2022-05-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year
*.theglobalpayback.com | E1 | 2022-01-30 - 2022-04-30 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
www.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
www.google.de | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months

This page contains 2 frames:

Primary Page: https://refund-moneyback.com/
Frame ID: 19766F246C489DB0419CA33024FCC723
Requests: 62 HTTP requests in this frame

Frame: https://refund-moneyback.com/interactiveform.html
Frame ID: BB4F3D3A50C92267532D3E1BF9784FB5
Requests: 12 HTTP requests in this frame

Page Title

Got abused in online fraud? Get your money back!

Page URL History

  1. http://refund-moneyback.com/ HTTP 301
    https://refund-moneyback.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.inspectlet\.com


Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

100 %
HTTPS

94 %
IPv6

14
Domains

16
Subdomains

16
IPs

3
Countries

1032 kB
Transfer

2452 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://refund-moneyback.com/ HTTP 301
    https://refund-moneyback.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
refund-moneyback.com/
Redirect Chain
  • http://refund-moneyback.com/
  • https://refund-moneyback.com/
63 KB
14 KB
Document
General
Full URL
https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
96702221255090af5c1643684b382ef34978d853cfa923da919e1455e3ebc2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Thu, 10 Feb 2022 15:48:50 GMT
content-type
text/html
last-modified
Tue, 08 Feb 2022 14:21:20 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
same-origin
content-encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 10 Feb 2022 15:48:50 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://refund-moneyback.com/
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
js
www.googletagmanager.com/gtag/
92 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-218446246-1
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c30c2da2402f47414d8e6937e0c45c112422c26dabb6f7b77d4d3895c173f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37002
x-xss-protection
0
expires
Thu, 10 Feb 2022 15:48:50 GMT
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58b6c1811ed4f342b0b0cffcd459e9380f2f9db92e1ab60f25eacaee63b0daa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 15:48:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 15:48:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 15:48:50 GMT
tidy.css
refund-moneyback.com/assets/
58 KB
9 KB
Stylesheet
General
Full URL
https://refund-moneyback.com/assets/tidy.css
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
3cb7ccc58ff273a53951b7ffb5b2cf8c0366e73288a34330a13ce64fe1f35ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Thu, 03 Feb 2022 16:34:28 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
access-control-allow-origin
*
cdn-cachedat
01/30/2022 11:18:43
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
cdff618efbd551bb8e46e06f06fe6309
cf-ray
6db67be819347780-LHR
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
bfd45be992.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/bfd45be992.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e67a8b22107d0efd26355957a20323680ab2f79bbdcb1bd83973bffbc82e81e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N8RF161YV4F0EH97
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MAMKoIWP+7PIJjU6T7a2Qm/prMGlwOUyC8hD/o6oqBtR/R9OYW2ufa+2ipDID+VAfAa1ntKJIpU=
last-modified
Thu, 01 Jul 2021 14:37:00 GMT
server
cloudflare
etag
W/"4115dc1727322ff87b1299e24dd503ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQdFcOXXogLFxDbQpOX0WhvjBvXXlliL8%2B4ULhRvwIy%2BIHYVw1bD6VjpKolxp3Brb%2F2p2BRdPE91Zr%2FnYnGE3fon%2FpevmkpGn4hnuMEh9KBWTznW0FAYmtQz8qXy56KzVbzU6M1lPbWfCEqYBibLfv6k"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
6db67be82bf171db-LHR
logo.png
refund-moneyback.com/assets/img/
13 KB
14 KB
Image
General
Full URL
https://refund-moneyback.com/assets/img/logo.png
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
62a36c1ac735a209b6d6de2918c891584dcff2001bf363fee6461aaed950b3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
referrer-policy
same-origin
last-modified
Thu, 03 Feb 2022 15:51:37 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
content-length
13679
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
dmca.png
www.theglobalpayback.com/wp-content/themes/TGP/images/
3 KB
3 KB
Image
General
Full URL
https://www.theglobalpayback.com/wp-content/themes/TGP/images/dmca.png
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd57e82ceebe777be272e3477461467b8ea82b2d189fcf61477a662477243867

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2737435
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3191
last-modified
Thu, 14 Oct 2021 07:40:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ek%2B46T29PZcOrpMWtsfCzMFxA51LfN4vz%2BLWoJFOiKVsqGOBaoG4bFBbJK238XPeMlgEzs0Xt%2FaNlImKQ81N0PK%2FCi7RYyp6KIYwsrKwxwnHQMLVNNfo8zWl3Rl8osbHZybjQtWC8JjDS7Hj6cStwiwb3RBLSIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
6db67bea0c2b7505-LHR
expires
Mon, 09 May 2022 23:24:55 GMT
duns.png
www.theglobalpayback.com/wp-content/themes/TGP/images/
10 KB
10 KB
Image
General
Full URL
https://www.theglobalpayback.com/wp-content/themes/TGP/images/duns.png
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fabc02c26c69ba7466eb9b740b68d3b5d1ad37f9389965ed29f0ee684cca3c4d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59749
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9956
last-modified
Thu, 14 Oct 2021 07:40:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NR3ebvlxY4%2Bp43TwNyv6StBVt21CzIsWPqw6GXRaN3Gk1PbAaOpMLwm%2FFy3LN7LuheY23TRCT%2B%2FHhnm69DdGWqn63VKyVD0uCaC5eV%2Bc64n71zsVYHp9OBFLpzTe%2FCBTntOlMfSQkxmuDQRl2I%2BYR6cG2droAh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
6db67bea0c2f7505-LHR
expires
Thu, 09 Jun 2022 23:13:01 GMT
mastercard.png
www.theglobalpayback.com/wp-content/themes/TGP/images/
2 KB
3 KB
Image
General
Full URL
https://www.theglobalpayback.com/wp-content/themes/TGP/images/mastercard.png
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb28dd08a25032dc7d00ba5cd26fe3a374b600f91637993a655504886e0017db

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2963221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2258
last-modified
Thu, 14 Oct 2021 07:40:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZLWC5K8%2BvvKjH8CQDcJGETWAK6u08bm8sI4AHL2P%2BmR%2FP8oeKacUVITLsJLE3%2BT2aO8oYdaM%2FHUXRpZP8lVAlDjuHUgk8AbUrJZ01nZLKzppgybbg594LYFrrvn5Z50N9YT8s7ZpqacTr1a4TZOGhHU5AtooQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
6db67bea0c307505-LHR
expires
Sat, 07 May 2022 08:41:49 GMT
visa.png
www.theglobalpayback.com/wp-content/themes/TGP/images/
2 KB
2 KB
Image
General
Full URL
https://www.theglobalpayback.com/wp-content/themes/TGP/images/visa.png
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89935c3400e7b3facd5935bf5d16987d34c6734c308cfa6cd14ba2f13be636c8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59749
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2012
last-modified
Thu, 14 Oct 2021 07:40:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqg6Z%2Bh3C9k9m2l3MRPaebAPLKfha%2FkGlG%2FHWFQ5v7aJ7HlJBVeyMIz69kWwsYsUe%2FX4OmDBrvWqdb%2FMX6dSP0oqOmq1hgFbYJ%2FtSGJ3A5v1%2Fu6gzJ5EVZG%2B9kGnrO34ZDk%2FL7fTkNe35WP4E5aiAYjk7h4dFJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
6db67bea0c317505-LHR
expires
Thu, 09 Jun 2022 23:13:01 GMT
diners-club.png
www.theglobalpayback.com/wp-content/themes/TGP/images/
4 KB
4 KB
Image
General
Full URL
https://www.theglobalpayback.com/wp-content/themes/TGP/images/diners-club.png
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee0f83113ac2aa3021037d9750d7fc93120f4d14aa6488607e0729cb2ee180a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2963221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4035
last-modified
Thu, 14 Oct 2021 07:40:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llyrLWZ90IJADkj%2BfjZZS1fvFlZBHkYvS%2FuOEyD0SfWuIn1SEDkdAMiUT7VSCNNvfBtw0P1PjxPCku4xwM8XSiAB%2BjVhdPmsS5XG6zpngEX%2BmI%2FB6atWH3dbn1ldnrgyiz1WRt%2FmkxZLsxNBMQQ1FINUkL%2BvtGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
6db67bea0c337505-LHR
expires
Sat, 07 May 2022 08:41:49 GMT
ssl.png
www.theglobalpayback.com/wp-content/themes/TGP/images/
6 KB
6 KB
Image
General
Full URL
https://www.theglobalpayback.com/wp-content/themes/TGP/images/ssl.png
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d8eac391c2e33bb2abc256377244e5cd7b0828cf02fc867a79ab11941a4d7d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2737435
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6259
last-modified
Thu, 14 Oct 2021 07:40:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgLIXzZ3ob%2Fep22Yh7LvgqU6jt2%2F%2ByYBM3ZiJjTHdxkvBwnVG0pPL5yWVB7k%2B%2BxeOw9XFMLm6iKOqVPmxOyHFgzokItPZ9Oe3%2BAclBDfVchcOtNU4ZLYbQikHNSwLfCCMlNvjAPG25m3TwYjXl1jlnWeBS5eWgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
6db67bea0c377505-LHR
expires
Mon, 09 May 2022 23:24:55 GMT
jquery.min.js
refund-moneyback.com/assets/vendor/jquery/
87 KB
36 KB
Script
General
Full URL
https://refund-moneyback.com/assets/vendor/jquery/jquery.min.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.bundle.min.js
refund-moneyback.com/assets/vendor/bootstrap/js/
79 KB
26 KB
Script
General
Full URL
https://refund-moneyback.com/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.easing.min.js
refund-moneyback.com/assets/vendor/jquery.easing/
2 KB
1 KB
Script
General
Full URL
https://refund-moneyback.com/assets/vendor/jquery.easing/jquery.easing.min.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
isotope.pkgd.min.js
refund-moneyback.com/assets/vendor/isotope-layout/
35 KB
12 KB
Script
General
Full URL
https://refund-moneyback.com/assets/vendor/isotope-layout/isotope.pkgd.min.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.waypoints.min.js
refund-moneyback.com/assets/vendor/waypoints/
9 KB
3 KB
Script
General
Full URL
https://refund-moneyback.com/assets/vendor/waypoints/jquery.waypoints.min.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
owl.carousel.min.js
refund-moneyback.com/assets/vendor/owl.carousel/
43 KB
14 KB
Script
General
Full URL
https://refund-moneyback.com/assets/vendor/owl.carousel/owl.carousel.min.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
aos.js
refund-moneyback.com/assets/vendor/aos/
14 KB
5 KB
Script
General
Full URL
https://refund-moneyback.com/assets/vendor/aos/aos.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
refund-moneyback.com/assets/js/
12 KB
3 KB
Script
General
Full URL
https://refund-moneyback.com/assets/js/main.js
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
ad8152ac7b2242108eeb965f3cdfb051c39052c25c36d891ddd1f1c6e5047236
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
109 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSQ6DJ7
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
082c4c62995073cdfd20651f2e7f4b7d45ddf9a144dcad969186917de63bcc01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41973
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 15:48:50 GMT
inspectlet.js
cdn.inspectlet.com/
188 KB
62 KB
Script
General
Full URL
https://cdn.inspectlet.com/inspectlet.js?wid=1460033823&r=456807
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:aac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

cf-ray
6db67bea0b2a72fc-LHR
date
Thu, 10 Feb 2022 15:48:51 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Thu, 10 Feb 2022 15:48:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
s-maxage=60, max-age=14400
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1f35ebr95
embed.tawk.to/60757a58f7ce18270939e40e/
2 KB
938 B
Script
General
Full URL
https://embed.tawk.to/60757a58f7ce18270939e40e/1f35ebr95
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59d0145ea89895e61158ba87cc51c22fec25996c7afb3da35f9f2801fc69eb09
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
etag
W/"stable-v4-61f79c81ed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
6db67be9cf997777-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
interactiveform.html
refund-moneyback.com/ Frame BB4F
18 KB
5 KB
Document
General
Full URL
https://refund-moneyback.com/interactiveform.html
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
6cefc952098d58264cdb614ae1192324303b6fcc31e035ded27e2e262a7058a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 15:48:50 GMT
content-type
text/html
last-modified
Thu, 03 Feb 2022 15:58:03 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
same-origin
content-encoding
gzip
writing.jpg
refund-moneyback.com/assets/img/
95 KB
96 KB
Image
General
Full URL
https://refund-moneyback.com/assets/img/writing.jpg
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
1193aa841d25679121d8eb71b6c666b3be1a117199420c2382b9bcc962d6010c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://refund-moneyback.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:29:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
content-length
97629
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/Poppins/v20/
0
0
Font
General
Full URL
https://fonts.gstatic.com/s/Poppins/v20/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1599
x-xss-protection
0
pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v13/
16 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b27d34226cc692a7d586e6371204cfb33d9a603fc42f7f0e82d74586bad320b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 07:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10622
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Feb 2023 07:49:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/Poppins/v20/
0
0
Font
General
Full URL
https://fonts.gstatic.com/s/Poppins/v20/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1603
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc9.ttf
fonts.gstatic.com/s/Poppins/v20/
0
0
Font
General
Full URL
https://fonts.gstatic.com/s/Poppins/v20/KFOlCnqEu92Fr1MmEU9fBBc9.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1603
x-xss-protection
0
boxicons.woff2
refund-moneyback.com/assets/vendor/boxicons/fonts/
88 KB
88 KB
Font
General
Full URL
https://refund-moneyback.com/assets/vendor/boxicons/fonts/boxicons.woff2
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.223.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns3.az-hosting.org
Software
nginx /
Resource Hash
1ac6dc813de3dfdf87051562c40a4332c5c80e1854137b0eb8eb4297d8eda2d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://refund-moneyback.com/assets/tidy.css
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
referrer-policy
same-origin
last-modified
Fri, 26 Nov 2021 14:00:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
font/woff2
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
content-length
89924
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOkCnqEu92Fr1Mu51xIIzc.ttf
fonts.gstatic.com/s/Poppins/v20/
0
0
Font
General
Full URL
https://fonts.gstatic.com/s/Poppins/v20/KFOkCnqEu92Fr1Mu51xIIzc.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1602
x-xss-protection
0
bfd45be992.css
use.fontawesome.com/
1 KB
762 B
Stylesheet
General
Full URL
https://use.fontawesome.com/bfd45be992.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/bfd45be992.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8985d3150e6e9b7cddba1b164aaf7e2a2095d5c731f273939fb4850a4e3131

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N8R6NBQ2S8YSMZQG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FQFNOPd4h4clmGI24RuczHq48BavAp4FHc5gjitHiiL3lZgCl3kXll057x9TZJ0qEZUjPOZi36I=
last-modified
Thu, 01 Jul 2021 14:37:00 GMT
server
cloudflare
etag
W/"447ee2ec25d5225cc2ed2a575d8a3650"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrHUxxSb1bYvEksZgQBxGrg20mcU3ulD0QFQY736PS69ePLCO5zhMh5yvgOaAZIq1r6skeIOkUtLvHsMUPKPnV9D6yMjB4tZ9fMX%2BHEOjJsQj%2Bq89Q5l9S3mm2%2BXkVKDphMvzMMbpaGAvZKp9fXIlk3f"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6db67be98eef71db-LHR
js
www.googletagmanager.com/gtag/
167 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YVL9114N2N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-218446246-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a89e8c7e4aaaba7250edf44c9ed15a2260a085e5f4e84b314f8379fea5c8a395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63073
x-xss-protection
0
expires
Thu, 10 Feb 2022 15:48:50 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQ6DJ7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6239
date
Thu, 10 Feb 2022 14:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 10 Feb 2022 16:04:52 GMT
js
www.googletagmanager.com/gtag/ Frame BB4F
92 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-218446246-1
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/interactiveform.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
125361d96a9f0be35c775751ff58334e7cb9edc03199b9ce08af87d549f37938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36999
x-xss-protection
0
expires
Thu, 10 Feb 2022 15:48:50 GMT
css
fonts.googleapis.com/ Frame BB4F
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins+Condensed&display=swap
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/interactiveform.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

gtm.js
www.googletagmanager.com/ Frame BB4F
109 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P9T5WMK
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/interactiveform.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a02f9037ac0bc939d990479d4ff16820e9a30ee3afce0aff20d9c1fa1398772e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42079
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 15:48:50 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/bfd45be992.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://use.fontawesome.com/bfd45be992.css
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9246393
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
34H404B15Y6RAWGB
x-amz-id-2
4oaPxNXbZrbMpVXNLSQlBboZPFKL8noMkNUUxaBubvGRsI7RlJJX4pb7Po3Uzl1YzF5h0OrsdiA=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyMVVtHKT0AopTER2HqwudE0C4j%2Fi%2FPHGyOdOtb9lfSAyBv3WP3qV5KteWdsOnExLGAOnVn2M7Y9acYtiIJZcflAWc0FS8hI53Sf5ZlOb2rBfYyO5I9K2jd11QLcUFxXlVtoc5FSyHoFqfOcaHQDzrtx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6db67bea8ad0892a-LHR
/
ipapi.co/json/
736 B
928 B
XHR
General
Full URL
https://ipapi.co/json/
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1e8403af8594babbd830171b3decc68d5c6626c6201101c3860050191418b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
content-encoding
br
allow
HEAD, OPTIONS, POST, GET, OPTIONS
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv%2Bki%2FoToHed%2BX3ILsqJahFQWrw7ccrK2Qj4WOqZ6nPwO506xO%2BDUS0bkPeZSISunCc32f5sW6Aph1XNcz%2Fqgdw7eVYBLTXMyNjYHWOt4bZ4o3tu9Y8YrS%2FvCeoLc%2FF4puqYdcL7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://refund-moneyback.com
cf-ray
6db67beb89f0749d-LHR
pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v13/
15 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61c050678dd8b3f4a7a9ed2f522bdef895d70837e012a83612cdd94a8702a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 09 Feb 2022 12:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10457
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 12:24:40 GMT
pxiByp8kv8JHgFVrLGT9Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v13/
16 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLGT9Z1xlEA.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6295dd65726503036a4ebc989d4cfc73e73f7e1bde4274e523d3525442669795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 07:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10407
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Feb 2023 07:49:25 GMT
collect
www.google-analytics.com/g/
0
166 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YVL9114N2N&gtm=2oe290&_p=752004481&sr=1600x1200&ul=en-us&cid=136960026.1644508131&_s=1&dl=https%3A%2F%2Frefund-moneyback.com%2F&dt=Got%20abused%20in%20online%20fraud%3F%20Get%20your%20money%20back!&sid=1644508130&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVL9114N2N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame BB4F
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9T5WMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6239
date
Thu, 10 Feb 2022 14:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 10 Feb 2022 16:04:52 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/bfd45be992.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/bfd45be992.css
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0TXWVGTEE5H239H3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-amz-id-2
X8lnqVKJ2uCCE4/1RDw/Hkn/OTREOVByr0AIiteswRt0bo6fDgho16jqNQog4FHMDB1ex3I1T60=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V82gAHmdJLbF7s2WtFYCfWeoD3KKmXq0VYhm%2FwpD%2FJt4JYdQB%2BI%2BtuiFWbDehqZQry%2Fift6aACwoP5o0xne%2BdMPPCrqKugZDNi0sJgDxmxMeITRrwPU7iY0OsxgGQxUL6bMGzWiciP%2BbYl%2FlLgXk1kYs"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6db67beb6c31769b-LHR
js
www.googletagmanager.com/gtag/ Frame BB4F
167 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YVL9114N2N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-218446246-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
78e40b4e1a37eaacb23aa741b4fd2d3759da9da7c3cd3fad4f395c2cc2c16434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63081
x-xss-protection
0
expires
Thu, 10 Feb 2022 15:48:51 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=752004481&t=pageview&_s=1&dl=https%3A%2F%2Frefund-moneyback.com%2F&ul=en-us&de=UTF-8&dt=Got%20abused%20in%20online%20fraud%3F%20Get%20your%20money%20back!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1650292290&gjid=255200005&cid=136960026.1644508131&tid=UA-219713904-2&_gid=1671123257.1644508131&_r=1&gtm=2wg290KSQ6DJ7&z=2071501063
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=752004481&t=pageview&_s=1&dl=https%3A%2F%2Frefund-moneyback.com%2F&ul=en-us&de=UTF-8&dt=Got%20abused%20in%20online%20fraud%3F%20Get%20your%20money%20back!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=33760830&gjid=474948837&cid=136960026.1644508131&tid=UA-218446246-1&_gid=1671123257.1644508131&_r=1&gtm=2ou290&z=288871484
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxiGyp8kv8JHgFVrJJLucHtF.ttf
fonts.gstatic.com/s/poppins/v13/
17 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiGyp8kv8JHgFVrJJLucHtF.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127f0f4a142de6eb98c8372b42114331ad239ba656edc959f07fc0f3baf4bc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11485
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 07:51:56 GMT
collect
www.google-analytics.com/j/ Frame BB4F
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1836675805&t=pageview&_s=1&dl=https%3A%2F%2Frefund-moneyback.com%2Finteractiveform.html&ul=en-us&de=UTF-8&dt=interactive%20form%20design%20using%20html%20and%20css&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAEABAAAAAC~&jid=569501982&gjid=170499469&cid=136960026.1644508131&tid=UA-218446246-1&_gid=1671123257.1644508131&_r=1&gtm=2wg290P9T5WMK&z=260715515
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame BB4F
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1836675805&t=pageview&_s=1&dl=https%3A%2F%2Frefund-moneyback.com%2Finteractiveform.html&ul=en-us&de=UTF-8&dt=interactive%20form%20design%20using%20html%20and%20css&sd=24-bit&sr=1600x1200&vp=&je=0&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=136960026.1644508131&tid=UA-218446246-1&_gid=1671123257.1644508131&gtm=2ou290&z=377338448
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/interactiveform.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 19:23:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73525
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
446 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-218446246-1&cid=136960026.1644508131&jid=33760830&gjid=474948837&_gid=1671123257.1644508131&_u=YADAAUABAAAAAC~&z=2135629249
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Feb 2022 15:48:51 GMT
content-type
text/plain
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219713904-2&cid=136960026.1644508131&jid=1650292290&gjid=255200005&_gid=1671123257.1644508131&_u=YADAAEAAAAAAAC~&z=1911846712
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Feb 2022 15:48:51 GMT
content-type
text/plain
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame BB4F
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-218446246-1&cid=136960026.1644508131&jid=569501982&gjid=170499469&_gid=1671123257.1644508131&_u=QACAAEAAAAAAAC~&z=236614219
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Feb 2022 15:48:51 GMT
content-type
text/plain
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxiEyp8kv8JHgFVrJJfedw.ttf
fonts.gstatic.com/s/poppins/v13/
16 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v13/pxiEyp8kv8JHgFVrJJfedw.ttf
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/assets/tidy.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e83171a76657083b9eb66e41f1fec53bf3b30fb9a15c9b9603f7ed21e3d2a6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 09 Feb 2022 10:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10566
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 10:15:03 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-218446246-1&cid=136960026.1644508131&jid=33760830&_u=YADAAUABAAAAAC~&z=1767199252
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-218446246-1&cid=136960026.1644508131&jid=33760830&_u=YADAAUABAAAAAC~&z=1767199252
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ Frame BB4F
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-218446246-1&cid=136960026.1644508131&jid=569501982&_u=QACAAEAAAAAAAC~&z=1113958284
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame BB4F
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-218446246-1&cid=136960026.1644508131&jid=569501982&_u=QACAAEAAAAAAAC~&z=1113958284
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-219713904-2&cid=136960026.1644508131&jid=1650292290&_u=YADAAEAAAAAAAC~&z=1825190435
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-219713904-2&cid=136960026.1644508131&jid=1650292290&_u=YADAAEAAAAAAAC~&z=1825190435
Requested by
Host: refund-moneyback.com
URL: https://refund-moneyback.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1460033823
hn.inspectlet.com/ginit/
193 B
429 B
XHR
General
Full URL
https://hn.inspectlet.com/ginit/1460033823
Requested by
Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=1460033823&r=456807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:aac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a376668143f8d22e87959154ef4133bf88abb31fcafcc399133bbe2f661bf4cb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
x-powered-by
Express
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"c1-Yo6QP0vlGPgiowgAE/mhng"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
6db67bee1a0f72fc-LHR
access-control-allow-headers
X-Requested-With, Content-Type
twk-main.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/
121 B
464 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/60757a58f7ce18270939e40e/1f35ebr95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Jan 2022 08:25:07 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6db67bef9dc57753-LHR
twk-vendor.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/
76 KB
27 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/60757a58f7ce18270939e40e/1f35ebr95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Jan 2022 08:25:07 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6db67bef9dc27753-LHR
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/
192 KB
57 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/60757a58f7ce18270939e40e/1f35ebr95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22599e0d24b748f3aec60adf9492df18846939f6ce308e4e5f69381e8d84088
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Jan 2022 08:25:07 GMT
server
cloudflare
etag
W/"cf569d9832af4fd97c3fff711e9fa129"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6db67bef9dc07753-LHR
twk-chunk-common.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/
144 KB
35 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/60757a58f7ce18270939e40e/1f35ebr95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444b98c7adf87869526e93cf722a1208ed7612dd8e355320d43a578b5b4aa7aa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Jan 2022 08:25:07 GMT
server
cloudflare
etag
W/"32b4dafd6d655bd5a20caf09a5c2075a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6db67bef9dc47753-LHR
twk-runtime.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/60757a58f7ce18270939e40e/1f35ebr95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c95a10b7a413eee802a08d27da8d2ebad1b1463ce898080a10d0efe5bcf0b7d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Jan 2022 08:25:07 GMT
server
cloudflare
etag
W/"ba2bb44b987d28cfa320595163329d8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6db67bef9dbd7753-LHR
twk-app.js
embed.tawk.to/_s/v4/app/61f79c81ed1/js/
151 B
452 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/60757a58f7ce18270939e40e/1f35ebr95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://refund-moneyback.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Jan 2022 08:25:07 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6db67bef9dba7753-LHR
pdata
hn.inspectlet.com/
35 B
295 B
Image
General
Full URL
https://hn.inspectlet.com/pdata?d=mds,316,1,1,1600,1200)&w=1460033823&r=1282772704&sid=3120409393&pad=1&dn=dn&fadd=true&oid=67248351&lpt=0&rrtn=1644508132070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:52 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-cache
cf-ray
6db67bf1ecc60682-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
register
va.tawk.to/
22 B
557 B
Fetch
General
Full URL
https://va.tawk.to/register
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89bf425c78befc7c3c4d74b8b9e93557d17310bbbbfdee91b01a6f09f7dbbc3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Feb 2022 15:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-42dx
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://refund-moneyback.com
vary
Accept-Encoding
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
6db67bf32c8f71d4-LHR
access-control-allow-headers
content-type,x-tawk-token
widget-settings
va.tawk.to/v1/
3 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=60757a58f7ce18270939e40e&widgetId=1f35ebr95&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd04584d79a752bd41b823a1c42c1e1d80e4fe6dbc37fa0796cd86b2027ce5d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-ftbf
server
cloudflare
etag
W/"2-26-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
6db67bf298257777-LHR
access-control-allow-headers
content-type,x-tawk-token
en.js
embed.tawk.to/_s/v4/app/61f79c81ed1/languages/
16 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61f79c81ed1/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61f79c81ed1/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
890561
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Jan 2022 08:25:08 GMT
server
cloudflare
etag
W/"5a13c5b16c3caf8b986d6b915fd4b13e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6db67bf44ec771ce-LHR
collect
www.google-analytics.com/g/ Frame BB4F
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YVL9114N2N&gtm=2oe290&_p=1836675805&sr=1600x1200&ul=en-us&cid=136960026.1644508131&dl=https%3A%2F%2Frefund-moneyback.com%2Finteractiveform.html&dr=https%3A%2F%2Frefund-moneyback.com%2F&dt=interactive%20form%20design%20using%20html%20and%20css&sid=1644508130&sct=1&seg=1&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVL9114N2N&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 15:48:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund-moneyback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pdata
hn.inspectlet.com/
35 B
259 B
Image
General
Full URL
https://hn.inspectlet.com/pdata?d=mz,617,1,1)mr,617,undefined,undefined,undefined,undefined)s,617,0,0)cinmi,2317,313,)cinmi,2317,320,)cinmi,2317,330,)cinmi,2317,337,)cinmi,2317,370,)cinmi,2317,1288,)cinmi,2317,1295,)cinmi,2317,1305,)cinmi,2317,1312,)cinmi,2317,1345,)cinmi,2317,2286,)cinmi,2317,2293,)cinmi,2317,2303,)cinmi,2317,2310,)cinmi,2317,2343,)&w=1460033823&r=1282772704&sid=3120409393&pad=1&dn=dn&fadd=false&oid=67248351&lpt=316&rrtn=1644508137772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 10 Feb 2022 15:48:57 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-cache
cf-ray
6db67c153a640682-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35


55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone function| gtag object| dataLayer object| __insp number| __inspld string| loc object| FontAwesomeCdnConfig string| cssUrl object| Tawk_API object| Tawk_LoadStart object| google_tag_manager function| $ function| jQuery object| google_tag_data string| GoogleAnalyticsObject function| ga object| bootstrap function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Waypoint object| AOS function| onMouseOut function| closePop function| onSubmitTop function| onSubmitMobile function| onSubmitPopup object| gaGlobal function| onYouTubeIframeAPIReady string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| gaplugins object| gaData object| Base64i function| $i function| __insp_ object| __inspcr object| __inspm object| __inspq function| setZeroTimeout object| __inspels object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| regeneratorRuntime object| Tawk_Window

17 Cookies

Domain/Path Name / Value
.refund-moneyback.com/ Name: _gcl_au
Value: 1.1.413499268.1644508131
.refund-moneyback.com/ Name: _gid
Value: GA1.2.1671123257.1644508131
.refund-moneyback.com/ Name: _gat_UA-219713904-2
Value: 1
.refund-moneyback.com/ Name: _gat_gtag_UA_218446246_1
Value: 1
.refund-moneyback.com/ Name: _gat_UA-218446246-1
Value: 1
.refund-moneyback.com/ Name: _ga_YVL9114N2N
Value: GS1.1.1644508130.1.1.1644508131.0
.refund-moneyback.com/ Name: _ga
Value: GA1.2.136960026.1644508131
.refund-moneyback.com/ Name: __insp_wid
Value: 1460033823
.refund-moneyback.com/ Name: __insp_nv
Value: true
.refund-moneyback.com/ Name: __insp_targlpu
Value: aHR0cHM6Ly9yZWZ1bmQtbW9uZXliYWNrLmNvbS8%3D
.refund-moneyback.com/ Name: __insp_targlpt
Value: R290IGFidXNlZCBpbiBvbmxpbmUgZnJhdWQ%2FIEdldCB5b3VyIG1vbmV5IGJhY2sh
.refund-moneyback.com/ Name: __insp_pad
Value: 1
.refund-moneyback.com/ Name: __insp_sid
Value: 3120409393
.refund-moneyback.com/ Name: __insp_uid
Value: 2961409963
.refund-moneyback.com/ Name: __insp_slim
Value: 1644508132070
va.tawk.to/ Name: ss
Value: v57ydwok05
refund-moneyback.com/ Name: TawkConnectionTime
Value: 1644508135926

5 Console Messages

Source Level URL
Text
network error URL: https://fonts.gstatic.com/s/Poppins/v20/KFOlCnqEu92Fr1MmEU9fBBc9.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fonts.gstatic.com/s/Poppins/v20/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fonts.googleapis.com/css?family=Poppins+Condensed&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://fonts.gstatic.com/s/Poppins/v20/KFOkCnqEu92Fr1Mu51xIIzc.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fonts.gstatic.com/s/Poppins/v20/KFOmCnqEu92Fr1Mu4mxP.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
