Report - url4086.protecht.com/ls/click?upn=u001.al8CSOq0Wz0mUC-2FWbBcpRorDbXMRfMPORl0loANiTZ62zN5I2LK7ZVoefj0lrfWmOgQW-2FxfdZuHuqzag6tpeKJFFf-2FloIjvNyRKrOktwqQ4-3Dgzzo_PWr1PYdkri-2BpjsRYnCZSKiTWreLqkt8GF8B2S0DRq86bhVb3bGbtC0KHyV2jE-2FvG-2FZTixybrfZ0i-2FYww5eyLgOadA-2Fn9tOs2DlYFWVosTZwmyFpDoNFsqDNNGt5QlqcerKZ96dUrD0VB-2FKZ0jdOkwg3zhsDeJpMa6LjWV36XfisGaYbvjfe6500fmrFTOSbHd59-2FJ-2B09O2y5H5M0vNCeSrh4ThviZ9VTL6KH7NOz3wGWMgpicoqb9wpj0rjYsODoGDJJpTDH6ENwpsrNpVO-2BDxtgbBlvdktjUEEQwWrB7VPtFs2qfS1BE0Hk5wK1xwEx-2BoXWa9pY7DGAM8zIM6B9iw-3D-3D

Report Overview

Visited public
2024-11-22 19:45:51
Tags
URL
url4086.protecht.com/ls/click?upn=u001.al8CSOq0Wz0mUC-2FWbBcpRorDbXMRfMPORl0loANiTZ62zN5I2LK7ZVoefj0lrfWmOgQW-2FxfdZuHuqzag6tpeKJFFf-2FloIjvNyRKrOktwqQ4-3Dgzzo_PWr1PYdkri-2BpjsRYnCZSKiTWreLqkt8GF8B2S0DRq86bhVb3bGbtC0KHyV2jE-2FvG-2FZTixybrfZ0i-2FYww5eyLgOadA-2Fn9tOs2DlYFWVosTZwmyFpDoNFsqDNNGt5QlqcerKZ96dUrD0VB-2FKZ0jdOkwg3zhsDeJpMa6LjWV36XfisGaYbvjfe6500fmrFTOSbHd59-2FJ-2B09O2y5H5M0vNCeSrh4ThviZ9VTL6KH7NOz3wGWMgpicoqb9wpj0rjYsODoGDJJpTDH6ENwpsrNpVO-2BDxtgbBlvdktjUEEQwWrB7VPtFs2qfS1BE0Hk5wK1xwEx-2BoXWa9pY7DGAM8zIM6B9iw-3D-3D
Finishing URL
requestmyrefund.com/regshield/recharge
IP / ASN
167.89.123.58
#11377 SENDGRID
Title
Protecht

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
url4086.protecht.com	unknown	1998-01-09	2023-06-13	2024-02-15	898 B	362 B	167.89.123.90
p.typekit.net	620	2010-08-02	2012-05-23	2024-11-20	988 B	678 B	23.33.119.26
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-11-20	412 B	1.4 kB	142.250.74.106
requestmyrefund.com	unknown	2023-04-22	2015-06-11	2023-12-27	4.3 kB	1.7 MB	54.240.174.80
api.protecht.com	unknown	1998-01-09	2023-07-13	2024-02-20	2.5 kB	3.4 kB	52.32.156.165
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-11-20	3.0 kB	82 kB	216.58.207.234
rum.browser-intake-datadoghq.com	11420	2020-08-06	2020-12-16	2024-11-18	759 B	418 B	3.233.158.33
use.typekit.net	494	2010-08-02	2012-07-05	2024-11-20	2.0 kB	79 kB	23.33.119.67
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-11-20	986 B	21 kB	216.58.207.227
translate.google.com	1156	1997-09-15	2012-05-30	2024-11-20	858 B	36 kB	142.250.74.46
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-11-20	2.6 kB	16 kB	142.250.74.3
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2024-11-20	494 B	3.5 kB	142.250.74.106
www.google.com	7	1997-09-15	2015-05-10	2024-11-20	433 B	737 B	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd	1.5 kB	2024-11-22 19:45	2024-11-22 19:45
Pretty URL requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-22 19:45 Last Seen2024-11-22 19:45 Times Seen1 Hash f737f169a5f0bde9445bd4ad29bc0673 bfa1f8d2e05c6799fb32eb7f737b8920c3cc7465 89751a048ea8ad56b8180037edc4174d52584dcba9cba941980bc445d19ade35 Loading...

	requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd	0 B	0001-01-01 00:00	2024-11-25 03:53
Pretty URL requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2024-11-25 03:53 Times Seen3398416 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	requestmyrefund.com/static/js/2.9f48461b.chunk.js	3.5 MB	2024-11-22 19:45	2024-11-22 19:45
Pretty URL requestmyrefund.com/static/js/2.9f48461b.chunk.js IP 54.240.174.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-22 19:45 Last Seen2024-11-22 19:45 Times Seen1 Hash 0633fc318938ab61d82ebf906fc99929 dc5c5eb0f835a11f11aa1980a1fd7ee6f15bafb1 95b9aa7ce61ab8455d7854b958dca5812bbb47911fa0ecd38f1813c66997d77a Loading...

	requestmyrefund.com/static/js/main.3abec74c.chunk.js	533 kB	2024-11-22 19:45	2024-11-22 19:45
Pretty URL requestmyrefund.com/static/js/main.3abec74c.chunk.js IP 54.240.174.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-22 19:45 Last Seen2024-11-22 19:45 Times Seen1 Hash 8208a301ce278e97e19e48976c6bb6b1 56dc179c89a983c13aff9907ba9d0f6adedbb26b 7dc7e5a719adb258eeddf778b031e3c1c0c8d6dd5326fc09677493f89fe447e8 Loading...

	requestmyrefund.com/_/translate_http/_/js/k=translate_http.tr.no.BClIM57E7Y8.O/am=DgY/d=1/rs=AN8SPfqQwjiK25FAiVTT6VMhDEUKqLv_1w/m=el_conf	86 kB	2024-11-22 19:45	2024-11-22 19:45
Pretty URL requestmyrefund.com/_/translate_http/_/js/k=translate_http.tr.no.BClIM57E7Y8.O/am=DgY/d=1/rs=AN8SPfqQwjiK25FAiVTT6VMhDEUKqLv_1w/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-22 19:45 Last Seen2024-11-22 19:45 Times Seen1 Hash e20ee2d52a952b9ff48a49d3a6a1fd6c 5a4db0a017fe192969c9ac259995b0e6c26ed283 7adf4153ecb20b57c3a5f98302dba0aa35e91ba7beeb453a0b5a9d69733060c0 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.BClIM57E7Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPforDo7dT6NDQzXuNDxXfQDjRIqQTA/m=el_main	218 kB	2024-11-20 21:20	2024-11-25 00:16
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.BClIM57E7Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPforDo7dT6NDQzXuNDxXfQDjRIqQTA/m=el_main IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 21:20 Last Seen2024-11-25 00:16 Times Seen144 Hash 2e9251e07e74f320cc9ab82995567aed 3d84337749edc78e99d1b290046b8861461a2158 5b6af6a9d40ea106609f6cd8bba22616762b4937a9b8a415aeb5b37dce55468d Loading...

		Size	First Seen	Last Seen
	#1 Write - 460750e917cf858bfa66807ca7086179	3.0 kB	2024-10-24 21:35	2024-11-25 00:16
Pretty Observations First Seen2024-10-24 21:35 Last Seen2024-11-25 00:16 Times Seen51 Hash 460750e917cf858bfa66807ca7086179 b7ae7737e83bfd958a58a7e5c1d5a4f47085ded7 459124c36b654ae17ebbf00d17d93264828d03ea7802c7c5b9458e1ffa3dc51f Loading...

	#2 Write - 8ebeb1a4d28ba85931ebe42555b8eb2c	469 B	2024-10-24 21:35	2024-11-23 09:11
Pretty Observations First Seen2024-10-24 21:35 Last Seen2024-11-23 09:11 Times Seen37 Hash 8ebeb1a4d28ba85931ebe42555b8eb2c 90b03ca0e454a7c446cd690079d31c19f145d966 0f46d03a588ad70c22c39a3c7e8c1a5123abf1716a188b85a0c19ecac4bd13f7 Loading...

	#3 Write - 0a7f232e158dbb94b68ce6be7a3b4054	469 B	2024-10-24 21:35	2024-11-24 18:39
Pretty Observations First Seen2024-10-24 21:35 Last Seen2024-11-24 18:39 Times Seen60 Hash 0a7f232e158dbb94b68ce6be7a3b4054 0299d0bff90184b7fd537d25a11d4be69d0d5027 b2ee215005e436f7f702633ada6e79732244082b6701d966c4223a20a031f4eb Loading...

HTTP Transactions (40)

	URL	IP	Response	Size
	url4086.protecht.com/ls/click?upn=u001.al8CSOq0Wz0mUC-2FWbBcpRorDbXMRfMPORl0loANiTZ62zN5I2LK7ZVoefj0lrfWmOgQW-2FxfdZuHuqzag6tpeKJFFf-2FloIjvNyRKrOktwqQ4-3Dgzzo_PWr1PYdkri-2BpjsRYnCZSKiTWreLqkt8GF8B2S0DRq86bhVb3bGbtC0KHyV2jE-2FvG-2FZTixybrfZ0i-2FYww5eyLgOadA-2Fn9tOs2DlYFWVosTZwmyFpDoNFsqDNNGt5QlqcerKZ96dUrD0VB-2FKZ0jdOkwg3zhsDeJpMa6LjWV36XfisGaYbvjfe6500fmrFTOSbHd59-2FJ-2B09O2y5H5M0vNCeSrh4ThviZ9VTL6KH7NOz3wGWMgpicoqb9wpj0rjYsODoGDJJpTDH6ENwpsrNpVO-2BDxtgbBlvdktjUEEQwWrB7VPtFs2qfS1BE0Hk5wK1xwEx-2BoXWa9pY7DGAM8zIM6B9iw-3D-3D	167.89.123.90	302 Found	92 B
URL User Request GET HTTP/1.1 url4086.protecht.com/ls/click?upn=u001.al8CSOq0Wz0mUC-2FWbBcpRorDbXMRfMPORl0loANiTZ62zN5I2LK7ZVoefj0lrfWmOgQW-2FxfdZuHuqzag6tpeKJFFf-2FloIjvNyRKrOktwqQ4-3Dgzzo_PWr1PYdkri-2BpjsRYnCZSKiTWreLqkt8GF8B2S0DRq86bhVb3bGbtC0KHyV2jE-2FvG-2FZTixybrfZ0i-2FYww5eyLgOadA-2Fn9tOs2DlYFWVosTZwmyFpDoNFsqDNNGt5QlqcerKZ96dUrD0VB-2FKZ0jdOkwg3zhsDeJpMa6LjWV36XfisGaYbvjfe6500fmrFTOSbHd59-2FJ-2B09O2y5H5M0vNCeSrh4ThviZ9VTL6KH7NOz3wGWMgpicoqb9wpj0rjYsODoGDJJpTDH6ENwpsrNpVO-2BDxtgbBlvdktjUEEQwWrB7VPtFs2qfS1BE0Hk5wK1xwEx-2BoXWa9pY7DGAM8zIM6B9iw-3D-3D IP 167.89.123.90:80 ASN #11377 SENDGRID File type HTML document, ASCII text Size 92 B (92 bytes) Hash 0c999e6c841fd0bc2a7517d7dc3ff1ac 2a748c481bd92b6918c14539e3a05f30e9a02fd8 1507aea913f51aa2f7ee3080e5a393450438c48207b21c5e7d656deba9244c39 HTTP Headers GET /ls/click?upn=u001.al8CSOq0Wz0mUC-2FWbBcpRorDbXMRfMPORl0loANiTZ62zN5I2LK7ZVoefj0lrfWmOgQW-2FxfdZuHuqzag6tpeKJFFf-2FloIjvNyRKrOktwqQ4-3Dgzzo_PWr1PYdkri-2BpjsRYnCZSKiTWreLqkt8GF8B2S0DRq86bhVb3bGbtC0KHyV2jE-2FvG-2FZTixybrfZ0i-2FYww5eyLgOadA-2Fn9tOs2DlYFWVosTZwmyFpDoNFsqDNNGt5QlqcerKZ96dUrD0VB-2FKZ0jdOkwg3zhsDeJpMa6LjWV36XfisGaYbvjfe6500fmrFTOSbHd59-2FJ-2B09O2y5H5M0vNCeSrh4ThviZ9VTL6KH7NOz3wGWMgpicoqb9wpj0rjYsODoGDJJpTDH6ENwpsrNpVO-2BDxtgbBlvdktjUEEQwWrB7VPtFs2qfS1BE0Hk5wK1xwEx-2BoXWa9pY7DGAM8zIM6B9iw-3D-3D HTTP/1.1 Host: url4086.protecht.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Found Server: nginx Date: Fri, 22 Nov 2024 19:45:26 GMT Content-Type: text/html; charset=utf-8 Content-Length: 92 Connection: keep-alive Location: https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd X-Robots-Tag: noindex, nofollow`

	use.typekit.net/vcf1ksg.css	23.33.119.67	200 OK	682 B
URL GET HTTP/2 use.typekit.net/vcf1ksg.css IP 23.33.119.67:443 ASN #20940 Akamai International B.V. Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerDigiCert Inc Subjectuse.typekit.net Fingerprint04:25:F2:63:F0:2D:54:4F:A7:7E:22:4C:71:E6:9B:01:DD:73:73:97 ValidityThu, 17 Oct 2024 00:00:00 GMT - Mon, 17 Nov 2025 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (516) Size 682 B (682 bytes) Hash 54b2fbe2af86911539855c31f1e79b9b 3aa5bd4a473f4c3fdcc0ccfbb4d467177c20086f 9f71ca2b7e3db394a25f13fae3049c952716a49725a5b326137f6d72dd4d747a HTTP Headers `GET /vcf1ksg.css HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx content-type: text/css;charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; cache-control: private, max-age=600, stale-while-revalidate=604800 timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip content-length: 682 date: Fri, 22 Nov 2024 19:45:28 GMT X-Firefox-Spdy: h2`

	p.typekit.net/p.css?s=1&k=vcf1ksg&ht=tk&f=139.173.175&a=16766148&app=typekit&e=css	23.33.119.26	200 OK	5 B
URL GET HTTP/2 p.typekit.net/p.css?s=1&k=vcf1ksg&ht=tk&f=139.173.175&a=16766148&app=typekit&e=css IP 23.33.119.26:443 ASN #20940 Akamai International B.V. Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerDigiCert Inc Subjectuse.typekit.net Fingerprint04:25:F2:63:F0:2D:54:4F:A7:7E:22:4C:71:E6:9B:01:DD:73:73:97 ValidityThu, 17 Oct 2024 00:00:00 GMT - Mon, 17 Nov 2025 23:59:59 GMT File type ASCII text Size 5 B (5 bytes) Hash 83d24d4b43cc7eef2b61e66c95f3d158 f0cafc285ee23bb6c28c5166f305493c4331c84d 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb HTTP Headers `GET /p.css?s=1&k=vcf1ksg&ht=tk&f=139.173.175&a=16766148&app=typekit&e=css HTTP/1.1 Host: p.typekit.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx content-type: text/css content-length: 5 last-modified: Tue, 07 Mar 2023 19:56:00 GMT etag: "640796d0-5" cache-control: public, max-age=604800 access-control-allow-origin: * cross-origin-resource-policy: cross-origin accept-ranges: bytes date: Fri, 22 Nov 2024 19:45:28 GMT X-Firefox-Spdy: h2`

	use.typekit.net/ojw1sgn.css	23.33.119.67	200 OK	1.0 kB
URL GET HTTP/2 use.typekit.net/ojw1sgn.css IP 23.33.119.67:443 ASN #20940 Akamai International B.V. Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerDigiCert Inc Subjectuse.typekit.net Fingerprint04:25:F2:63:F0:2D:54:4F:A7:7E:22:4C:71:E6:9B:01:DD:73:73:97 ValidityThu, 17 Oct 2024 00:00:00 GMT - Mon, 17 Nov 2025 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (516) Size 1.0 kB (1011 bytes) Hash f3dee664fbe13cbca1b15bc6d7b4a69c c666b2420a7372ddae5f2651d6f33bbff2475769 8050bfb76ed3d2cc449988b6e8cb796ea33530320fad2d68997f53f508b40cf0 HTTP Headers `GET /ojw1sgn.css HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx content-type: text/css;charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; cache-control: private, max-age=600, stale-while-revalidate=604800 timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip content-length: 1011 date: Fri, 22 Nov 2024 19:45:28 GMT X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700	142.250.74.106	200 OK	689 B
URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700 IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05 ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT File type gzip compressed data, max compression Size 689 B (689 bytes) Hash 7c258687d3020304fedfdd67caf1e331 22d5c107462d54bc3daab5d37fbaf556e240789d 30ce40240287c8b10421d09dd85ce3c4901d0e6e20f2f25e415bf5f639394b5b HTTP Headers `GET /css?family=Open+Sans+Condensed:300,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 22 Nov 2024 19:45:27 GMT date: Fri, 22 Nov 2024 19:45:27 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	requestmyrefund.com/static/js/2.9f48461b.chunk.js	54.240.174.80	200 OK	1.0 MB
URL GET HTTP/2 requestmyrefund.com/static/js/2.9f48461b.chunk.js IP 54.240.174.80:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type gzip compressed data, from Unix Size 1.0 MB (1001490 bytes) Hash 0f4e2259722405aee2f27fe1be2923bd 1de34ad1b42368f257f0d6e1383d8ae038e66283 dfafe33293cd29e7b01edfa776b51d1c010a9f69ac3df2a8fb5a5549bc991812 HTTP Headers `GET /static/js/2.9f48461b.chunk.js HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-type: application/javascript last-modified: Thu, 31 Oct 2024 20:21:39 GMT x-amz-version-id: MjbG_uAQAhAiCihXtez88NYtrQXr6GO1 server: AmazonS3 content-encoding: gzip date: Fri, 22 Nov 2024 19:45:29 GMT cache-control: max-age=0 etag: W/"0633fc318938ab61d82ebf906fc99929" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Lv5Er5ifUxOlreyOxFmPmAvp9j0xIUYf5zTb11p8Zcrqca3rbZemUQ== x-xss-protection: 0 x-frame-options: SAMEORIGIN referrer-policy: no-referrer content-security-policy: base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains; preload X-Firefox-Spdy: h2

	api.protecht.com/v4/products/TGRS/config?type=recharge	52.32.156.165	200 OK	477 B
URL GET HTTP/2 api.protecht.com/v4/products/TGRS/config?type=recharge IP 52.32.156.165:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subject.protecht.com Fingerprint2B:B5:8D:9A:78:A0:B7:A0:BE:38:00:EA:4F:BC:91:83:30:92:1C:23 ValidityMon, 25 Mar 2024 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT File type JSON text data Size 477 B (477 bytes) Hash 8a6b25bdba1b74493c58433135872adc 8c21451f5df231c1ca62abc7c34e0ea14f8d94c8 b2dfd19203cdd4acc57216a86ae59fb0c0ce14c92c32fafa0657be8ff5d86617 HTTP Headers `GET /v4/products/TGRS/config?type=recharge HTTP/1.1 Host: api.protecht.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 22 Nov 2024 19:45:29 GMT content-type: application/json; charset=utf-8 content-length: 477 server: intentionally-obfuscated x-frame-options: DENY strict-transport-security: max-age=3600; includeSubDomains x-content-type-options: nosniff referrer-policy: same-origin cross-origin-opener-policy: same-origin vary: Origin access-control-allow-credentials: true access-control-allow-origin: https://requestmyrefund.com X-Firefox-Spdy: h2`

	use.typekit.net/af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3	23.33.119.67	200 OK	43 kB
URL GET HTTP/2 use.typekit.net/af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 IP 23.33.119.67:443 ASN #20940 Akamai International B.V. Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerDigiCert Inc Subjectuse.typekit.net Fingerprint04:25:F2:63:F0:2D:54:4F:A7:7E:22:4C:71:E6:9B:01:DD:73:73:97 ValidityThu, 17 Oct 2024 00:00:00 GMT - Mon, 17 Nov 2025 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 43076, version 1.0 Size 43 kB (43076 bytes) Hash 0c33477cac10ecb7868b56b891648af6 85cd30d9fe5ab55aaa8e2766af3dea0302c781cf 04dd88ec3632bfd618a21c8657d6faf685a33fde9d3bf3c7e0e43ce9f517c55d HTTP Headers GET /af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx content-type: application/font-woff2 content-length: 43076 etag: "e7811049bfa1845589c42f0b31c9740a16cee93a" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Fri, 22 Nov 2024 19:45:29 GMT X-Firefox-Spdy: h2`

	use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3	23.33.119.67	200 OK	33 kB
URL GET HTTP/2 use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 IP 23.33.119.67:443 ASN #20940 Akamai International B.V. Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerDigiCert Inc Subjectuse.typekit.net Fingerprint04:25:F2:63:F0:2D:54:4F:A7:7E:22:4C:71:E6:9B:01:DD:73:73:97 ValidityThu, 17 Oct 2024 00:00:00 GMT - Mon, 17 Nov 2025 23:59:59 GMT File type Web Open Font Format (Version 2), CFF, length 32688, version 1.0 Size 33 kB (32688 bytes) Hash c654f50b24ad0685a12a2c387542e700 b2cfcca0589023f4371e4a673ec305f8ecace38e 9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7 HTTP Headers GET /af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx content-type: application/font-woff2 content-length: 32688 etag: "852dacc5cd2685c187708b882b28635465e17bd0" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Fri, 22 Nov 2024 19:45:29 GMT X-Firefox-Spdy: h2`

	fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2	216.58.207.227	200 OK	16 kB
URL GET HTTP/2 fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT File type Web Open Font Format (Version 2), TrueType, length 16324, version 1.0 Size 16 kB (16324 bytes) Hash f43fa5b4f6366eae0039e4e49db645de d7fec074ba8b6e69bec4a995ea722d3d1513ad43 0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad HTTP Headers GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 16324 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 16 Nov 2024 04:05:07 GMT expires: Sun, 16 Nov 2025 04:05:07 GMT cache-control: public, max-age=31536000 age: 574822 last-modified: Tue, 19 Apr 2022 18:08:32 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	api.protecht.com/v4/auth/customer/email-token	52.32.156.165	200 OK	0 B
URL OPTIONS HTTP/2 api.protecht.com/v4/auth/customer/email-token IP 52.32.156.165:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subject.protecht.com Fingerprint2B:B5:8D:9A:78:A0:B7:A0:BE:38:00:EA:4F:BC:91:83:30:92:1C:23 ValidityMon, 25 Mar 2024 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /v4/auth/customer/email-token HTTP/1.1 Host: api.protecht.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 22 Nov 2024 19:45:29 GMT content-type: text/html; charset=utf-8 content-length: 0 server: intentionally-obfuscated vary: Origin access-control-allow-credentials: true access-control-allow-origin: https://requestmyrefund.com access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-protecht-defaulted-region, x-protecht-api-key, x-protecht-referer, x-datadog-trace-id, x-datadog-parent-id, x-datadog-origin, x-datadog-sampling-priority, x-datadog-sampling-priority, traceparent, Set-Cookie access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-max-age: 86400 X-Firefox-Spdy: h2

	requestmyrefund.com/logo/regshield.png	54.240.174.80	200 OK	21 kB
URL GET HTTP/2 requestmyrefund.com/logo/regshield.png IP 54.240.174.80:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type PNG image data, 2823 x 462, 8-bit/color RGBA, non-interlaced Size 21 kB (20648 bytes) Hash c019cc627e0461b41d46d63d9fc2ac63 d19e3f5d446491b1ffda1651ba3954bd8be71ec2 c13beffd0e170fa715b106e18094120f5d1ff3fa4f15fceeb444353b9d29bf4d HTTP Headers GET /logo/regshield.png HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: _dd_s=rum=2&id=cd05e42b-8365-4af3-8dad-b587ade5f1a9&created=1732304728770&expire=1732305628770 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: image/png content-length: 20648 last-modified: Thu, 31 Oct 2024 20:21:38 GMT x-amz-version-id: W_P1u0QLRat5BQ2ld9BeQvo_xxVsHnuL server: AmazonS3 date: Fri, 22 Nov 2024 19:45:30 GMT cache-control: max-age=0 etag: "c019cc627e0461b41d46d63d9fc2ac63" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: -4Po538EDz5fHGcHYQVQO7Mm1eXkPLduQ0-XypVl6XEaoreY3q3cIw== x-xss-protection: 0 x-frame-options: SAMEORIGIN referrer-policy: no-referrer content-security-policy: base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains; preload X-Firefox-Spdy: h2

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	142.250.74.46	200 OK	34 kB
URL GET HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 142.250.74.46:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT File type JavaScript source, ASCII text, with very long lines (2368) Size 34 kB (33560 bytes) Hash c8d17002654fdfa80d4494d4d3015d7f 121ef26503c125b7061f9ab81629ce197bd1c017 436114e264c823a0be5b36679f67a34811c128e0c45d9842b531dc1742dbb243 HTTP Headers `GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1 Host: translate.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Fri, 22 Nov 2024 19:45:29 GMT cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.BClIM57E7Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPforDo7dT6NDQzXuNDxXfQDjRIqQTA/m=el_main	216.58.207.234	200 OK	75 kB
URL GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.BClIM57E7Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPforDo7dT6NDQzXuNDxXfQDjRIqQTA/m=el_main IP 216.58.207.234:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05 ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT File type JavaScript source, ASCII text, with very long lines (2475) Size 75 kB (75108 bytes) Hash 2e9251e07e74f320cc9ab82995567aed 3d84337749edc78e99d1b290046b8861461a2158 5b6af6a9d40ea106609f6cd8bba22616762b4937a9b8a415aeb5b37dce55468d HTTP Headers `GET /_/translate_http/_/js/k=translate_http.tr.no.BClIM57E7Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPforDo7dT6NDQzXuNDxXfQDjRIqQTA/m=el_main HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 75108 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 22 Nov 2024 19:39:48 GMT expires: Sat, 22 Nov 2025 19:39:48 GMT cache-control: public, max-age=31536000 last-modified: Wed, 20 Nov 2024 20:09:58 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 342 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg	216.58.207.227	200 OK	3.3 kB
URL GET HTTP/3 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT File type SVG Scalable Vector Graphics image Size 3.3 kB (3340 bytes) Hash 2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09 HTTP Headers `GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-length: 3340 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 18 Nov 2024 04:47:34 GMT expires: Tue, 18 Nov 2025 04:47:34 GMT cache-control: public, max-age=31536000 last-modified: Wed, 20 Apr 2022 14:24:23 GMT content-type: image/svg+xml vary: Accept-Encoding age: 399476 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/images/branding/product/2x/translate_24dp.png	142.250.74.3	200 OK	1.8 kB
URL GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Size 1.8 kB (1842 bytes) Hash c69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82 HTTP Headers GET /images/branding/product/2x/translate_24dp.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=DgY/d=0/rs=AN8SPfpz0F9mEAKhFenNVpn8zqgZhSpKnw/m=el_main_css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 1842 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 21 Nov 2024 22:22:52 GMT expires: Fri, 21 Nov 2025 22:22:52 GMT cache-control: public, max-age=31536000 last-modified: Thu, 14 Oct 2021 09:08:00 GMT content-type: image/png vary: Origin age: 76958 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	requestmyrefund.com/fonts/Gotham/GothamMedium.otf	54.240.174.80	200 OK	51 kB
URL GET HTTP/2 requestmyrefund.com/fonts/Gotham/GothamMedium.otf IP 54.240.174.80:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type gzip compressed data, from Unix Size 51 kB (51405 bytes) Hash a9ab2f5ecce443094ffdf4b285f38af7 91d49c2aab8296ef58bd6770ed5bf2561eacf57a 7b35314fcacf605e3dbbe086a5675298cd561614dff868ae3a3866a21f05dbad HTTP Headers GET /fonts/Gotham/GothamMedium.otf HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: _dd_s=rum=2&id=cd05e42b-8365-4af3-8dad-b587ade5f1a9&created=1732304728770&expire=1732305628770 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: font/otf last-modified: Thu, 31 Oct 2024 20:21:37 GMT x-amz-version-id: 9MfPAxBWNnhYMQpuvDsh0y6oSjGFXRgb server: AmazonS3 content-encoding: gzip date: Fri, 22 Nov 2024 19:45:30 GMT cache-control: max-age=0 etag: W/"490c7f511ebeb960819f82ff64ecb0ef" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: ALBGTWOoQCXZbKt5o_uiUG7Wb7ZAC7zTfcPsaCBkdzLftV-kL9Ca1A== x-xss-protection: 0 x-frame-options: SAMEORIGIN referrer-policy: no-referrer content-security-policy: base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains; preload X-Firefox-Spdy: h2

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	142.250.74.106	200 OK	2.6 kB
URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 142.250.74.106:0 ASN #15169 GOOGLE File type Unicode text, UTF-8 text Size 2.6 kB (2635 bytes) Hash fce10a5a8f59b79f438c34550acf59ce ce074e48469e0fb9c37c7e51f4de857abd6957d6 4ba24e477aa23afd29ab8d3a52740998df11e24df465f4027d7308e0e302da0d HTTP Headers `GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1 Host: translate-pa.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy: cross-origin content-type: text/javascript; charset=UTF-8 vary: Origin, X-Origin, Referer content-encoding: gzip date: Fri, 22 Nov 2024 19:45:30 GMT server: ESF content-length: 2635 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=519=GSwPRMj80l6ABH9n5sT_KxQgLquxjbQye0J_-0sXHZqmGV4hQqu8I9r8Ma0MfFSsmdSn0lMTzKzKDTaTrc_A2tgxBV4jmgq7X04LEAwbHXGeJBfS8Wcb44A6xRKfxDLOC96uKTogNYpzPjMS1QtOO6NtGBbgpj2e_dy8f_PcROndz_zSnbtEVI5cEhWxG_X1ZMrcvw; expires=Sat, 24-May-2025 19:45:30 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly expires: Fri, 22 Nov 2024 19:45:30 GMT cache-control: private alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=DgY/d=0/rs=AN8SPfpz0F9mEAKhFenNVpn8zqgZhSpKnw/m=el_main_css	142.250.74.3	200 OK	4.0 kB
URL GET HTTP/3 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=DgY/d=0/rs=AN8SPfpz0F9mEAKhFenNVpn8zqgZhSpKnw/m=el_main_css IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT File type ASCII text, with very long lines (20367), with no line terminators Size 4.0 kB (3960 bytes) Hash 72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1 HTTP Headers GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=DgY/d=0/rs=AN8SPfpz0F9mEAKhFenNVpn8zqgZhSpKnw/m=el_main_css HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://requestmyrefund.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 3960 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 21 Nov 2024 23:00:08 GMT expires: Fri, 21 Nov 2025 23:00:08 GMT cache-control: public, max-age=31536000 last-modified: Sat, 15 Jul 2023 01:09:03 GMT content-type: text/css; charset=UTF-8 vary: Accept-Encoding age: 74722 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png	142.250.74.3	200 OK	1.6 kB
URL GET HTTP/3 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT File type PNG image data, 68 x 28, 8-bit/color RGBA, non-interlaced Size 1.6 kB (1597 bytes) Hash c4a931d597decd2553aac6634b766cf2 6ec84fb4a2745b4b71520241be77db1fd1013830 f56402b127698db4b4dc611a97a6f081d04c4691c60522c5912d189e37c94a9e HTTP Headers `GET /images/branding/googlelogo/1x/googlelogo_color_68x28dp.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://requestmyrefund.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 1597 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 22 Nov 2024 19:03:03 GMT expires: Sat, 22 Nov 2025 19:03:03 GMT cache-control: public, max-age=31536000 age: 2547 last-modified: Fri, 30 Jun 2023 18:58:00 GMT content-type: image/png vary: Origin alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	translate.googleapis.com/translate_static/img/loading.gif	216.58.207.234	200 OK	702 B
URL GET HTTP/3 translate.googleapis.com/translate_static/img/loading.gif IP 216.58.207.234:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05 ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT File type GIF image data, version 89a, 16 x 16 Size 702 B (702 bytes) Hash eefaa072b284a305c12c06608333abc2 58272721ccc1efda26eaa22354022c7c793edbb6 fb6b7bcc1ab09f27db17bcbdf5239ce1d52af34f1fc5125b3fc8528a07848d21 HTTP Headers `GET /translate_static/img/loading.gif HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://requestmyrefund.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 702 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 21 Nov 2024 11:08:38 GMT expires: Fri, 21 Nov 2025 11:08:38 GMT cache-control: public, max-age=31536000 age: 117412 last-modified: Thu, 03 Oct 2019 10:15:00 GMT content-type: image/gif alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20241120	142.250.74.46	204 No Content	0 B
URL GET HTTP/3 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20241120 IP 142.250.74.46:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20241120 HTTP/1.1 Host: translate.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 204 No Content content-type: image/gif; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Fri, 22 Nov 2024 19:45:30 GMT cross-origin-resource-policy: cross-origin p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy: same-origin content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-TG6hkeW_6zBEpxUpOIRfnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self' reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjktDikmII0JBicEqfwRoExH9krrJ6911lFeLhuLWveRebwIGP094yKikl5RfGlxQl5hXnJJakFqcWlaUWxRsZGJkYGhoZ6BmYxxcYAACrZhlT" server: ESF content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: __Secure-ENID=24.SE=kXyX_a1fWyJJ1lLrX106U8J4YdqgIDMR5pgD4EY6inPIEtJSIqJpGXoLs9VmLzMKVFDNLVTXUA8K7u8AevQHtDPei-GFpEHwutQzYQ3qPALWoBFbmVCcMv6AxS2vsNLN0oZPYq6fq6BtBx7wZ_Rr_Sfw3BtHmqMmbf1SeCyaBv8efEdM5ghz_-rmGSqYM_NHs05bzMrRI6T_jJVsQHW_qAwsRg; expires=Tue, 23-Dec-2025 12:03:48 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/images/cleardot.gif	142.250.74.164	200 OK	43 B
URL GET HTTP/2 www.google.com/images/cleardot.gif IP 142.250.74.164:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subjectwww.google.com FingerprintC1:5D:47:A6:B2:09:5F:1C:78:06:A8:63:D5:80:5A:A2:73:83:A3:B3 ValidityMon, 21 Oct 2024 08:38:45 GMT - Mon, 13 Jan 2025 08:38:44 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash fc94fb0c3ed8a8f909dbc7630a0987ff 56d45f8a17f5078a20af9962c992ca4678450765 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 HTTP Headers `GET /images/cleardot.gif HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://requestmyrefund.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-type: image/gif cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 43 date: Fri, 22 Nov 2024 19:45:30 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Tue, 22 Oct 2019 18:30:00 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=DgY/d=0/rs=AN8SPfpz0F9mEAKhFenNVpn8zqgZhSpKnw/m=el_main_css	142.250.74.3	200 OK	4.0 kB
URL GET HTTP/3 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=DgY/d=0/rs=AN8SPfpz0F9mEAKhFenNVpn8zqgZhSpKnw/m=el_main_css IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT File type ASCII text, with very long lines (20367), with no line terminators Size 4.0 kB (3960 bytes) Hash 72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1 HTTP Headers GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=DgY/d=0/rs=AN8SPfpz0F9mEAKhFenNVpn8zqgZhSpKnw/m=el_main_css HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://requestmyrefund.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 3960 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 21 Nov 2024 23:00:08 GMT expires: Fri, 21 Nov 2025 23:00:08 GMT cache-control: public, max-age=31536000 last-modified: Sat, 15 Jul 2023 01:09:03 GMT content-type: text/css; charset=UTF-8 vary: Accept-Encoding age: 74722 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	translate.googleapis.com/translate_static/img/te_ctrl3.gif	216.58.207.234	200 OK	1.4 kB
URL GET HTTP/3 translate.googleapis.com/translate_static/img/te_ctrl3.gif IP 216.58.207.234:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05 ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT File type GIF image data, version 89a, 84 x 19 Size 1.4 kB (1412 bytes) Hash 9afe50090c0bc612953d081295eab5b1 71a4da2a622879c29176ecfa5afe1bbe3e8cfa40 d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171 HTTP Headers `GET /translate_static/img/te_ctrl3.gif HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://requestmyrefund.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 1412 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 22 Nov 2024 19:05:37 GMT expires: Sat, 22 Nov 2025 19:05:37 GMT cache-control: public, max-age=31536000 age: 2393 last-modified: Thu, 03 Oct 2019 10:15:00 GMT content-type: image/gif alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	translate.googleapis.com/translate_static/img/te_bk.gif	216.58.207.234	200 OK	848 B
URL GET HTTP/3 translate.googleapis.com/translate_static/img/te_bk.gif IP 216.58.207.234:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05 ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT File type GIF image data, version 89a, 1 x 59 Size 848 B (848 bytes) Hash daf9b48977041ac85a62dc9b7c16b38d 049dcb061470572d06fd83b287ebd1d96e6bb870 cb1fd0e051209c32622e91cdeda967e50d80a184b185ac6a656a807986e8eb75 HTTP Headers `GET /translate_static/img/te_bk.gif HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://requestmyrefund.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 848 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 22 Nov 2024 19:39:46 GMT expires: Sat, 22 Nov 2025 19:39:46 GMT cache-control: public, max-age=31536000 last-modified: Sun, 25 Jun 2023 02:58:00 GMT content-type: image/gif age: 344 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	api.protecht.com/v4/auth/customer/email-token	52.32.156.165	403 Forbidden	33 B
URL OPTIONS HTTP/2 api.protecht.com/v4/auth/customer/email-token IP 52.32.156.165:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subject.protecht.com Fingerprint2B:B5:8D:9A:78:A0:B7:A0:BE:38:00:EA:4F:BC:91:83:30:92:1C:23 ValidityMon, 25 Mar 2024 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT File type JSON text data Size 33 B (33 bytes) Hash c8590f64ecb5fb13871a84d63386b693 3c180f2716e74b14010211955ca63bc772618b72 20dc20c701e007015ce28e4dfd644c80ea1545bf9174a132ea2b279a49819362 HTTP Headers `POST /v4/auth/customer/email-token HTTP/1.1 Host: api.protecht.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 21 Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 403 Forbidden date: Fri, 22 Nov 2024 19:45:30 GMT content-type: application/json; charset=utf-8 content-length: 33 server: intentionally-obfuscated x-frame-options: DENY strict-transport-security: max-age=3600; includeSubDomains x-content-type-options: nosniff referrer-policy: same-origin cross-origin-opener-policy: same-origin vary: Origin access-control-allow-credentials: true access-control-allow-origin: https://requestmyrefund.com X-Firefox-Spdy: h2`

	api.protecht.com/v4/auth/customer/email-token	52.32.156.165	200 OK	0 B
URL OPTIONS HTTP/2 api.protecht.com/v4/auth/customer/email-token IP 52.32.156.165:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subject.protecht.com Fingerprint2B:B5:8D:9A:78:A0:B7:A0:BE:38:00:EA:4F:BC:91:83:30:92:1C:23 ValidityMon, 25 Mar 2024 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /v4/auth/customer/email-token HTTP/1.1 Host: api.protecht.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 22 Nov 2024 19:45:30 GMT content-type: text/html; charset=utf-8 content-length: 0 server: intentionally-obfuscated vary: Origin access-control-allow-credentials: true access-control-allow-origin: https://requestmyrefund.com access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-protecht-defaulted-region, x-protecht-api-key, x-protecht-referer, x-datadog-trace-id, x-datadog-parent-id, x-datadog-origin, x-datadog-sampling-priority, x-datadog-sampling-priority, traceparent, Set-Cookie access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-max-age: 86400 X-Firefox-Spdy: h2

	rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.25.0%2Cenv%3Aproduction%2Cservice%3Auser-forms%2Cversion%3A1.30.0&dd-api-key=pubd1d26a74a3625f46fb404b994d5e479d&dd-evp-origin-version=4.25.0&dd-evp-origin=browser&dd-request-id=5f700f32-fe4a-46ee-9529-f4199dfc8829&batch_time=1732304730810	3.233.158.33	202 Accepted	53 B
URL POST HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.25.0%2Cenv%3Aproduction%2Cservice%3Auser-forms%2Cversion%3A1.30.0&dd-api-key=pubd1d26a74a3625f46fb404b994d5e479d&dd-evp-origin-version=4.25.0&dd-evp-origin=browser&dd-request-id=5f700f32-fe4a-46ee-9529-f4199dfc8829&batch_time=1732304730810 IP 3.233.158.33:443 ASN #14618 AMAZON-AES Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerDigiCert Inc Subject.browser-intake-datadoghq.com FingerprintA5:35:6C:08:38:11:47:18:E3:47:D1:C3:02:96:A1:9D:F0:42:EA:64 ValidityTue, 14 May 2024 00:00:00 GMT - Sat, 17 May 2025 23:59:59 GMT File type JSON text data Size 53 B (53 bytes) Hash c09150d8062800b489dfd29a7ebbfd77 e54efdb1a4d2081577938bf383ce949744b3a58e fab0fa0f8ec57bba8a4f961a65f5741fbbf9f6e1b2f79282ad67f1b807586fae HTTP Headers POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.25.0%2Cenv%3Aproduction%2Cservice%3Auser-forms%2Cversion%3A1.30.0&dd-api-key=pubd1d26a74a3625f46fb404b994d5e479d&dd-evp-origin-version=4.25.0&dd-evp-origin=browser&dd-request-id=5f700f32-fe4a-46ee-9529-f4199dfc8829&batch_time=1732304730810 HTTP/1.1 Host: rum.browser-intake-datadoghq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 16337 Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 202 Accepted content-type: application/json content-length: 53 dd-request-id: 5f700f32-fe4a-46ee-9529-f4199dfc8829 cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload date: Fri, 22 Nov 2024 19:45:30 GMT X-Firefox-Spdy: h2`

	api.protecht.com/v4/auth/customer/email-token	52.32.156.165	403 Forbidden	33 B
URL OPTIONS HTTP/2 api.protecht.com/v4/auth/customer/email-token IP 52.32.156.165:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subject.protecht.com Fingerprint2B:B5:8D:9A:78:A0:B7:A0:BE:38:00:EA:4F:BC:91:83:30:92:1C:23 ValidityMon, 25 Mar 2024 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT File type JSON text data Size 33 B (33 bytes) Hash c8590f64ecb5fb13871a84d63386b693 3c180f2716e74b14010211955ca63bc772618b72 20dc20c701e007015ce28e4dfd644c80ea1545bf9174a132ea2b279a49819362 HTTP Headers `POST /v4/auth/customer/email-token HTTP/1.1 Host: api.protecht.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 21 Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 403 Forbidden date: Fri, 22 Nov 2024 19:45:31 GMT content-type: application/json; charset=utf-8 content-length: 33 server: intentionally-obfuscated x-frame-options: DENY strict-transport-security: max-age=3600; includeSubDomains x-content-type-options: nosniff referrer-policy: same-origin cross-origin-opener-policy: same-origin vary: Origin access-control-allow-credentials: true access-control-allow-origin: https://requestmyrefund.com X-Firefox-Spdy: h2`

	translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0	216.58.207.234	200 OK	0 B
URL OPTIONS HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP 216.58.207.234:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05 ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: x-goog-authuser Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK access-control-allow-origin: https://requestmyrefund.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 86400 access-control-allow-credentials: true access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser content-type: text/plain; charset=UTF-8 date: Fri, 22 Nov 2024 19:45:40 GMT server: Playlog content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0	216.58.207.234	200 OK	131 B
URL OPTIONS HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP 216.58.207.234:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05 ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT File type JSON text data Size 131 B (131 bytes) Hash ca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 HTTP Headers POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Goog-AuthUser: 0 Content-Type: text/plain;charset=UTF-8 Content-Length: 1191 Origin: https://requestmyrefund.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK access-control-allow-origin: https://requestmyrefund.com cross-origin-resource-policy: cross-origin access-control-allow-credentials: true access-control-allow-headers: X-Playlog-Web content-type: text/plain; charset=UTF-8 content-encoding: gzip date: Fri, 22 Nov 2024 19:45:40 GMT server: Playlog content-length: 131 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	requestmyrefund.com/static/css/2.54542a0e.chunk.css	54.240.174.80	200 OK	115 kB
URL GET HTTP/2 requestmyrefund.com/static/css/2.54542a0e.chunk.css IP 54.240.174.80:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 115 kB (115168 bytes) Hash 3ec70e38f34d24b1888c422da96c12c0 7f14eedc56854046fa0a8dad42405641a1582600 d8fb40e8be6c036cfa9f7e3846007fa4fff45cdabc9e5c1309d958f147867f8b HTTP Headers `GET /static/css/2.54542a0e.chunk.css HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css last-modified: Thu, 31 Oct 2024 20:21:39 GMT x-amz-version-id: icmaJGk.brLw0YJNbB.ybxX8I5TLA5Ei server: AmazonS3 content-encoding: gzip date: Fri, 22 Nov 2024 19:45:29 GMT cache-control: max-age=0 etag: W/"3ec70e38f34d24b1888c422da96c12c0" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: MnF6a0tumfxhNtsf8XvYrYFrGphSMDtcRJx6qqJ7qTApuEQCPVE83w== x-xss-protection: 0 x-frame-options: SAMEORIGIN referrer-policy: no-referrer content-security-policy: base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains; preload X-Firefox-Spdy: h2

	p.typekit.net/p.css?s=1&k=ojw1sgn&ht=tk&f=10881.10882.10884.10885.15357.15358.15361.15362.32874.32875&a=16766148&app=typekit&e=css	23.33.119.26	200 OK	5 B
URL GET HTTP/2 p.typekit.net/p.css?s=1&k=ojw1sgn&ht=tk&f=10881.10882.10884.10885.15357.15358.15361.15362.32874.32875&a=16766148&app=typekit&e=css IP 23.33.119.26:443 ASN #20940 Akamai International B.V. Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerDigiCert Inc Subjectuse.typekit.net Fingerprint04:25:F2:63:F0:2D:54:4F:A7:7E:22:4C:71:E6:9B:01:DD:73:73:97 ValidityThu, 17 Oct 2024 00:00:00 GMT - Mon, 17 Nov 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 5 B (5 bytes) Hash 825e67eeb6b4bfac7536fc639a56ec43 574a45385ae62544c7424e6f06417f0370b1a532 c10ff60fd741e3b2b97479f16f45e5fa57449629f4d032f647fd23041a6ad7b1 HTTP Headers GET /p.css?s=1&k=ojw1sgn&ht=tk&f=10881.10882.10884.10885.15357.15358.15361.15362.32874.32875&a=16766148&app=typekit&e=css HTTP/1.1 Host: p.typekit.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx content-type: text/css content-length: 5 last-modified: Tue, 07 Mar 2023 19:56:00 GMT etag: "640796d0-5" cache-control: public, max-age=604800 access-control-allow-origin: * cross-origin-resource-policy: cross-origin accept-ranges: bytes date: Fri, 22 Nov 2024 19:45:28 GMT X-Firefox-Spdy: h2`

	requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd	0.0.0.0		0 B
URL GET requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd IP 0.0.0.0:0 ASN #0 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /regshield/recharge/orders?token=2RUBHPDbd HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: _dd_s=rum=2&id=cd05e42b-8365-4af3-8dad-b587ade5f1a9&created=1732304728770&expire=1732305628770 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache

	requestmyrefund.com/static/css/main.081c7335.chunk.css	54.240.174.80	200 OK	3.8 kB
URL GET HTTP/2 requestmyrefund.com/static/css/main.081c7335.chunk.css IP 54.240.174.80:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type ASCII text, with very long lines (3765), with no line terminators Size 3.8 kB (3763 bytes) Hash c76406827c43446678960b84474723cb 6764d01929362e4891979dcbcce5598da11c7477 4694ed74f30eebabbcdaac710416b2f27a8d29579370bbff8a46fdb76f29fe32 HTTP Headers `GET /static/css/main.081c7335.chunk.css HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css last-modified: Thu, 31 Oct 2024 20:21:39 GMT x-amz-version-id: VN4a4Ich0L7NQnVTbNUVG.2RXLxWkhtI server: AmazonS3 content-encoding: gzip date: Fri, 22 Nov 2024 19:45:29 GMT cache-control: max-age=0 etag: W/"6caa8fe5cb95061b200cc92371a6b925" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: EXCJInh6ZfZsIR0YsreRKyIwKCAGWXqkNOElXUp8xf7cjwyJYEEMGg== x-xss-protection: 0 x-frame-options: SAMEORIGIN referrer-policy: no-referrer content-security-policy: base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains; preload X-Firefox-Spdy: h2

	www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png	142.250.74.3	200 OK	910 B
URL GET HTTP/3 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced Size 910 B (910 bytes) Hash efa6bb2bfe459bc6f4bdafa3db0383f6 52d15ce52fe50643e542c17812de43f4ed1b6ee0 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 HTTP Headers `GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 910 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 22 Nov 2024 06:57:47 GMT expires: Sat, 22 Nov 2025 06:57:47 GMT cache-control: public, max-age=31536000 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/png vary: Origin age: 46063 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd	54.240.174.80	200 OK	2.9 kB
URL User Request GET HTTP/2 requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd IP 54.240.174.80:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type HTML document, ASCII text, with very long lines (2974), with no line terminators Size 2.9 kB (2892 bytes) Hash 4a70002e430f7a3399910afddff8dbd7 a0b1f58348dc29760800ed90eb5cb2b43d6b03bd 283ed1cdf9558ba51435007af334d1c4aa3680440543bdb5cbda487951974ecc HTTP Headers `GET /regshield/recharge/orders?token=2RUBHPDbd HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html last-modified: Thu, 31 Oct 2024 20:21:38 GMT x-amz-version-id: MgiPd9B5jcwJH7rIdvXdhVgjHEsf315a server: AmazonS3 content-encoding: gzip date: Fri, 22 Nov 2024 19:45:28 GMT cache-control: max-age=0 etag: W/"7ecaf635ea181ab4610daf803689ed84" vary: Accept-Encoding x-cache: Error from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: YIC2ASDvDafAGjc0JTnIwnhpMjiiuM6oNzKDMf-BT-cV-z1G0PKIPw== x-xss-protection: 0 x-frame-options: SAMEORIGIN referrer-policy: no-referrer content-security-policy: base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains; preload X-Firefox-Spdy: h2

	requestmyrefund.com/static/js/main.3abec74c.chunk.js	54.240.174.80	200 OK	533 kB
URL GET HTTP/2 requestmyrefund.com/static/js/main.3abec74c.chunk.js IP 54.240.174.80:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 533 kB (533201 bytes) Hash 8208a301ce278e97e19e48976c6bb6b1 56dc179c89a983c13aff9907ba9d0f6adedbb26b 7dc7e5a719adb258eeddf778b031e3c1c0c8d6dd5326fc09677493f89fe447e8 HTTP Headers `GET /static/js/main.3abec74c.chunk.js HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript last-modified: Thu, 31 Oct 2024 20:21:39 GMT x-amz-version-id: gD4YPHj_unYvSM.y7o1TIzXelDYPJAQt server: AmazonS3 content-encoding: gzip date: Fri, 22 Nov 2024 19:45:29 GMT cache-control: max-age=0 etag: W/"8208a301ce278e97e19e48976c6bb6b1" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: PAjhKzWWEQ8eRfZQN2OWT1-jCMS9tzq8By6mpeZAWk0Ltus8qFKbDw== x-xss-protection: 0 x-frame-options: SAMEORIGIN referrer-policy: no-referrer content-security-policy: base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains; preload X-Firefox-Spdy: h2

	requestmyrefund.com/favicon.ico	54.240.174.80	200 OK	4.3 kB
URL GET HTTP/2 requestmyrefund.com/favicon.ico IP 54.240.174.80:443 ASN #16509 AMAZON-02 Requested by https://requestmyrefund.com/regshield/recharge/orders?token=2RUBHPDbd Certificate IssuerAmazon Subjectrequestmyrefund.com FingerprintE6:95:2B:32:0E:47:53:43:52:C7:DE:36:DA:0F:37:9B:BC:67:4C:5F ValiditySun, 24 Mar 2024 00:00:00 GMT - Tue, 22 Apr 2025 23:59:59 GMT File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel Size 4.3 kB (4286 bytes) Hash a9a7003f01b481aaae0567df3ef9ee9f db239c111bb247d4d046ed4c267e3e4b0fdd4b7f b1c6cca89a5fb37e3898cd0a1ea6e1f7c9e9dc574571bc6df5d1c7243f910e79 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: requestmyrefund.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: _dd_s=rum=2&id=cd05e42b-8365-4af3-8dad-b587ade5f1a9&created=1732304728770&expire=1732305628770 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/vnd.microsoft.icon content-length: 4286 last-modified: Thu, 31 Oct 2024 20:21:36 GMT x-amz-version-id: qbpoWjwt0UATAn5PzdzOTth6Rukww2Zj server: AmazonS3 date: Fri, 22 Nov 2024 19:45:30 GMT cache-control: max-age=0 etag: "a9a7003f01b481aaae0567df3ef9ee9f" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: FyBQrvRYf45kYL745pps0GF6HL5-59Q1xdmobPN7sHL8MAddoNEKxQ== x-xss-protection: 0 x-frame-options: SAMEORIGIN referrer-policy: no-referrer content-security-policy: base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests x-content-type-options: nosniff strict-transport-security: max-age=15552000; includeSubDomains; preload X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (40)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP