portal.sandbox.refundid.com Open in urlscan Pro
2607:f8b0:4006:80e::2013  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

• https://api.viglink.com/api/sync.js?key=5700c80580b8a5928dd3b3ffe0875ffa HTTP 302
• https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

Request Chain 35

• https://api.viglink.com/api/sync.gif?key=5700c80580b8a5928dd3b3ffe0875ffa HTTP 302
• https://ce.lijit.com/merge?pid=8008&3pid=0395e1d2c400239e257e8afe2a093795 HTTP 302
• https://ce.lijit.com/merge?pid=8008&3pid=0395e1d2c400239e257e8afe2a093795&dnr=1

Request Chain 43

• https://tag.crsspxl.com/c.gif?t=50288&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5110%263pid%3D%5BUID%5D HTTP 302
• https://tag.crsspxl.com/c.gif?cc=1&t=50288&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5110%263pid%3D%5BUID%5D HTTP 302
• https://ce.lijit.com/merge?pid=5110&3pid=6248933905034941980

Request Chain 44

• https://px.ads.linkedin.com/db_sync?pid=15697&puuid=KrABAQZHS6sFluQTRI2WGay6&rand=75462&pu= HTTP 302
• https://px.ads.linkedin.com/db_sync?pid=15697&puuid=KrABAQZHS6sFluQTRI2WGay6&rand=75462&pu=&expected_cookie=93b9b1b2-9127-4f75-a0e1-d30ed6ec9e0f

Request Chain 55

• https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=KrABAQZHS6sFluQTRI2WGay6&rnd=2263 HTTP 303
• https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=KrABAQZHS6sFluQTRI2WGay6&rnd=2263&_li_chk=true&previous_uuid=5eb1a7cc139a4951b7c6948cd1496f52 HTTP 303
• https://thrtle.com/sync?vxii_pid=7006&vxii_pdid=5eb1a7cc-139a-4951-b7c6-948cd1496f52&us_privacy=1YN- HTTP 302
• https://thrtle.com/sync?_reach=1&vxii_pdid=5eb1a7cc-139a-4951-b7c6-948cd1496f52&vxii_pid=12&vxii_pid1=7006&vxii_rcid=50383023-91d3-439a-8276-f5b4f87a3449&vxii_rmax=3

Request Chain 60

• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=182772995&iiqidtype=2&iiqpcid=9466ac7d-922c-1102-16ac-4190350daae9&iiqpciddate=1747418950438&tsrnd=490_1747418950438&vrref=https%3A%2F%2Fportal.sandbox.refundid.com%2F&jsver=5.088&dw=1600&dh=1200&dpr=1&lan=en-US&uh=%7B%220%22%3A%22%22%2C%221%22%3A%22%3F0%22%2C%227%22%3A%22%3F0%22%2C%228%22%3A%22%22%7D&gdpr=0 HTTP 302
• https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=182772995&iiqidtype=2&iiqpcid=9466ac7d-922c-1102-16ac-4190350daae9&iiqpciddate=1747418950438&tsrnd=490_1747418950438&vrref=https%3A%2F%2Fportal.sandbox.refundid.com%2F&jsver=5.088&dw=1600&dh=1200&dpr=1&lan=en-US&uh=%7B%220%22%3A%22%22%2C%221%22%3A%22%3F0%22%2C%227%22%3A%22%3F0%22%2C%228%22%3A%22%22%7D&gdpr=&ckls=true&ci=wGubp46DAE&nc=false&trid=981221573

Request Chain 61

• https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0

Request Chain 65

• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
• https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2877093655450808902&newuser=1&referrer_pid=51md42u

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response portal.sandbox.refundid.com/	2 KB 1 KB	1388ms 1228ms	Document text/html	2607:f8b0:4006:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://portal.sandbox.refundid.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 6c5e5053e557c4a7255c8160aead3a2e1c1d3dc4a87c4fb801cec9da037fbdba Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers cache-control no-cache, must-revalidate content-encoding gzip content-type text/html date Fri, 16 May 2025 18:08:59 GMT etag "YmxE1g" expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache server Google Frontend x-cloud-trace-context 9256f5a1dcb75f95f8e3cbde30f95b61
GET H2	200	js Show response www.googletagmanager.com/gtag/	375 KB 126 KB	220ms 123ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-600Y2CB6KB Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1f240bc2e8baa4dbf63b4afa375e42da9fa52ccb2d59533b6b8582fe11fd7cd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers content-encoding br report-to {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],} expires Fri, 16 May 2025 18:08:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 16 May 2025 18:08:59 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascgcycc:1075:0 content-length 128400 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response maps.googleapis.com/maps/api/	556 KB 155 KB	203ms 111ms	Script text/javascript	2607:f8b0:4006:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?key=AIzaSyDaZlyCABa8aWrZJPjy13xjac25Di3qtqs&libraries=places&language=en Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 48f7115a666174c9be121972046ab4c8cb8438dba0e51dc8b5aa45e50c0ed7e9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control public, max-age=1800, stale-while-revalidate=12600 timing-allow-origin * content-encoding gzip etag 130879c9 cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 158359 date Fri, 16 May 2025 18:08:59 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 vary Origin, X-Origin, Referer server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN
GET H2	200	index-Di0QizxQ.js Show response portal.sandbox.refundid.com/assets/	3 MB 968 KB	1340ms 1339ms	Script text/javascript	2607:f8b0:4006:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 06b2f83c01fb3dacf73a48460a58437705b8e5e3e28675ce2d807a2c5d4536e9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Origin https://portal.sandbox.refundid.com Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, must-revalidate content-encoding gzip etag "YmxE1g" pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 16 May 2025 18:09:00 GMT x-cloud-trace-context 2e122f6157f0ba28f8e3cbde30f95d79;o=1 content-type text/javascript server Google Frontend
GET H2	200	style-B0d2xn0b.css portal.sandbox.refundid.com/assets/	23 KB 6 KB	345ms 344ms	Stylesheet text/css	2607:f8b0:4006:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://portal.sandbox.refundid.com/assets/style-B0d2xn0b.css Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 74904a7c32128f53ef37bf9ebbf2f6ac82a56ce63ca825ef791cc44d41c18422 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Origin https://portal.sandbox.refundid.com Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, must-revalidate content-encoding gzip etag "YmxE1g" pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 16 May 2025 18:08:59 GMT x-cloud-trace-context 2e7c8421025ac581f8e3cbde30f95d54 content-type text/css server Google Frontend
GET H2	200	gen_204 Show response maps.googleapis.com/maps/api/mapsjs/	3 B 358 B	178ms 92ms	XHR application/json	2607:f8b0:4006:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDaZlyCABa8aWrZJPjy13xjac25Di3qtqs&libraries=places&language=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length content-encoding gzip x-content-type-options nosniff access-control-allow-origin https://portal.sandbox.refundid.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 date Fri, 16 May 2025 18:08:59 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 vary Origin, X-Origin, Referer server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN
GET H2	200	css2 fonts.googleapis.com/	2 KB 890 B	188ms 95ms	Stylesheet text/css	2607:f8b0:4006:823::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=DM+Sans:opsz,wght@9..40,400;9..40,500;9..40,700&display=swap Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/style-B0d2xn0b.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 91e1de76e1101c1e169ee18716a0ae668edcb6247e2ac07aa1c70cb3100b3ec0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 16 May 2025 18:08:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 16 May 2025 18:08:59 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 16 May 2025 18:08:59 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
POST H2	204	collect www.google-analytics.com/g/	0 0	175ms 82ms	Fetch text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-600Y2CB6KB&gtm=45je55e1v9119418138za200&_p=1747418939483&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&cid=881345638.1747418940&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1747418939&sct=1&seg=0&dl=https%3A%2F%2Fportal.sandbox.refundid.com%2F&dt=Refundid%20%7C%20Your%20Refund%2C%20Instantly&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1902 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-600Y2CB6KB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0 report-to {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://portal.sandbox.refundid.com cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:97:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 16 May 2025 18:09:00 GMT content-type text/plain server Golfe2
GET		cf206f6d-b726-48f8-9945-2a9d20f7e298 https://portal.sandbox.refundid.com/	0 0
POST H2	200	/ Show response o4505011203145728.ingest.sentry.io/api/4505050321911808/envelope/	2 B 300 B	214ms 91ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o4505011203145728.ingest.sentry.io/api/4505050321911808/envelope/?sentry_version=7&sentry_key=600965856599499bb70f978c07b1ab39&sentry_client=sentry.javascript.react%2F9.15.0 Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://portal.sandbox.refundid.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 date Fri, 16 May 2025 18:09:02 GMT content-type application/json vary origin, access-control-request-method, access-control-request-headers server nginx
GET H2	200	stripe.js Show response js.stripe.com/basil/	742 KB 176 KB	130ms 33ms	Script text/javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/basil/stripe.js Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 3db03b708f85d49f70d6ef14194052affe6f7aa172fbed8c3868c0e40906d27e Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers x-request-id 00dc160f-7054-41d3-a092-c5b825a7c7fa content-encoding br etag "4ad7b418365024adc96270ac96496d4b" age 2 x-content-type-options nosniff alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT date Fri, 16 May 2025 18:09:02 GMT last-modified Fri, 16 May 2025 13:39:17 GMT content-type text/javascript; charset=utf-8 x-served-by cache-ewr-kewr1740060-EWR x-cache-hits 1 vary Accept-Encoding strict-transport-security max-age=31556926; includeSubDomains; preload cache-control max-age=60 timing-allow-origin * via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 179972 server Fastly
GET H2	200	logo-black-DRe93lgP.png portal.sandbox.refundid.com/assets/	4 KB 4 KB	307ms 307ms	Image image/png	2607:f8b0:4006:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://portal.sandbox.refundid.com/assets/logo-black-DRe93lgP.png Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 7015e11f9da28007c597cd8c99622f2db419fbad9856655c126eb64f3af81796 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, must-revalidate etag "YmxE1g" pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 16 May 2025 18:09:02 GMT x-cloud-trace-context 72f3bc9aff9eb4c2005a470dbb071624 content-type image/png server Google Frontend
POST H2	204	collect Show response www.google-analytics.com/g/	0 57 B	38ms 37ms	Fetch text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-600Y2CB6KB&gtm=45je55e1v9119418138za200&_p=1747418939483&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&cid=881345638.1747418940&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&sid=1747418939&sct=1&seg=0&dl=https%3A%2F%2Fportal.sandbox.refundid.com%2F&dt=Refundid%20%7C%20Your%20Refund%2C%20Instantly&en=scroll&epn.percent_scrolled=90&_et=9&tfd=4410 Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0 report-to {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://portal.sandbox.refundid.com cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:97:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 16 May 2025 18:09:02 GMT content-type text/plain server Golfe2
GET H2	401	auth Show response api.sandbox.refundid.com/	39 B 946 B	380ms 256ms	Fetch application/json	2606:4700:20::681a:3ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.sandbox.refundid.com/auth Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:3ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83bc8e6642b7fa7c9a3ca14e98a5c3195e29992d302750bb64390cbc9baa8f2c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC access-control-allow-credentials true report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNwsmoeeJ9ZDT6XDCKd5g7hqQ5ZuOqdZlrgC4P8CO%2F3PYu364aEWTeu0qdv2VRCNG8AswaelsyLKIeVvCupvD9sfmX7A6eUgx77RJbxNuVHS9%2FkON7VHjJU4mJcWXXv4VgoAfOxuK%2FrZRspoFUt17mCAqyWpBA%3D%3D"}],"group":"cf-nel","max_age":604800} via 1.1 google cf-ray 940cd2e769c44400-EWR access-control-allow-origin https://portal.sandbox.refundid.com server-timing cfL4;desc="?proto=TCP&rtt=9463&min_rtt=8799&rtt_var=3123&sent=8&recv=8&lost=0&retrans=0&sent_bytes=4023&recv_bytes=2304&delivery_rate=463689&cwnd=254&unsent_bytes=0&cid=33f5eb466eb20c83&ts=283&x=0" content-length 39 date Fri, 16 May 2025 18:09:02 GMT x-cloud-trace-context aedb7f7e08c6f4c41a3717a360acb20c content-type application/json vary Origin server cloudflare
GET H2	200	sdk-xRuenYDiIekuzxVN Show response cdn.growthbook.io/api/features/	2 KB 1 KB	160ms 54ms	Fetch application/json	151.101.1.91 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.growthbook.io/api/features/sdk-xRuenYDiIekuzxVN Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Express Resource Hash c3995eb1a70eb65b430b93a3b042771487ed13dbc48ac9307f87b52d41dee904 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers access-control-expose-headers x-sse-support content-encoding gzip etag W/"87d-kvnLB0EGqNSCOf7wVviVMJoGXhU" age 0 x-cache MISS, MISS date Fri, 16 May 2025 18:09:02 GMT content-type application/json; charset=utf-8 x-served-by cache-iad-kcgs7200154-IAD, cache-nyc-kteb1890023-NYC x-cache-hits 0, 0 vary Accept-Encoding cache-control public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000 x-timer S1747418943.608845,VS0,VE23 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * x-sse-support enabled content-length 815 x-powered-by Express
GET H2	200	sdk-xRuenYDiIekuzxVN cdn.growthbook.io/sub/	14 B 0	51ms 51ms	EventSource text/event-stream	151.101.1.91 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.growthbook.io/sub/sdk-xRuenYDiIekuzxVN Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Express Resource Hash Request headers Cache-Control no-cache Referer https://portal.sandbox.refundid.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Accept text/event-stream Response headers cache-control private, no-store x-timer S1747418943.660597,VS0,VE27 age 0 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * x-cache MISS, MISS date Fri, 16 May 2025 18:09:02 GMT content-type text/event-stream x-powered-by Express x-served-by cache-iad-kjyo7100073-IAD, cache-nyc-kteb1890023-NYC x-cache-hits 0, 0
GET H2	200	vglnk.js Show response cdn.viglink.com/api/	84 KB 29 KB	274ms 32ms	Script text/javascript	108.138.128.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.viglink.com/api/vglnk.js Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-110.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 71032845ccbdd843bb7ae8771543dd74c43e6351b350344e1d60eaed3d988d10 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control public, max-age=604800 content-encoding gzip etag "bda994cfc78a3be4732d357cdab4f3bd" age 217070 via 1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 29361 x-amz-cf-id nNoVN7kHSJUPomulRibwloTYwa_25sx3uvTU9gcDGkeQdYKMX7ipJQ== date Wed, 14 May 2025 05:51:13 GMT content-type text/javascript last-modified Wed, 07 May 2025 05:47:10 GMT server AmazonS3 x-amz-cf-pop JFK50-P4 x-amz-server-side-encryption AES256
GET DATA	200 OK	truncated /	744 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb1aa6bf48e304db393b7c6d713c24aff1c4085f47212a72eb5aaa024e20293b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	196 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63d3cb4bdb51a86fddb5d7cff12044fdbc07340fcf35d84cd6117e72bc7f0664 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2aada537dbcee5769d1d122dd9d84a7efe079d6014899da5f3917239e309c511 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	429 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 466258f3ce90ef0a0fcff00567c8db2cfc8bbc4953f989bed8af5e908e82f132 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5f8de95b4fd6fb9162d91cbdff1519b06fe2a1ea0e901d37b9ec1d2eca55e5cb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	326 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2cf11529e0d87de9973fb60bd9756fb96e095c697b990c61e63d498d051abb58 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H2	200	grey_curve--jm5rkqZ.png portal.sandbox.refundid.com/assets/	86 KB 86 KB	359ms 358ms	Image image/png	2607:f8b0:4006:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://portal.sandbox.refundid.com/assets/grey_curve--jm5rkqZ.png Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/auth Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 8f4cbf00f6388282db9872f447d2ba174b151780f6c0a684a0f2d312719e072a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/auth Response headers cache-control no-cache, must-revalidate etag "YmxE1g" pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 16 May 2025 18:09:03 GMT x-cloud-trace-context cef98d7dab39aa1f005a470dbb071ae4 content-type image/png server Google Frontend
GET H2	200	Axiforma-SemiBold-Ozmh0-P_.ttf portal.sandbox.refundid.com/assets/	125 KB 60 KB	1297ms 1297ms	Font font/ttf	2607:f8b0:4006:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://portal.sandbox.refundid.com/assets/Axiforma-SemiBold-Ozmh0-P_.ttf Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/auth Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 75377557047f9ba05fc9494e0bdf14d523c96ebf84b7cb3d7b30dd44cdd5fe12 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Origin https://portal.sandbox.refundid.com Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, must-revalidate content-encoding gzip etag "YmxE1g" pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 16 May 2025 18:09:04 GMT x-cloud-trace-context 596a21a881af9cde005a470dbb071679 content-type font/ttf server Google Frontend
GET H2	200	Axiforma-Light-DTCRYpcv.ttf portal.sandbox.refundid.com/assets/	122 KB 58 KB	1333ms 1333ms	Font font/ttf	2607:f8b0:4006:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://portal.sandbox.refundid.com/assets/Axiforma-Light-DTCRYpcv.ttf Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/auth Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 997f2a7d7b86476e7d438e4a04232da5b604842a786a459cb88d38c218152a74 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Origin https://portal.sandbox.refundid.com Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, must-revalidate content-encoding gzip etag "YmxE1g" pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 16 May 2025 18:09:04 GMT x-cloud-trace-context da64e8d29cb6b0c8005a470dbb071130 content-type font/ttf server Google Frontend
GET H2	200	refundid_black_logo.svg static.refundid.com/	16 KB 7 KB	320ms 184ms	Image image/svg+xml	2606:4700:20::681a:3ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.refundid.com/refundid_black_logo.svg Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/auth Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:3ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44880f10f7666327095b9f3cb9f7db491a821c0f8c5fb04e8ad3c0a3ce65b397 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers x-goog-metageneration 1 access-control-expose-headers * content-encoding gzip x-goog-hash crc32c=Q+kzag==, md5=EGw//WlawRVvyKMnMlTPmA== etag "106c3ffd695ac1156fc8a3273254cf98" age 3528 cf-cache-status HIT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrzi4UZ3yyzVDYiEG4lS3zSxfSPjqbC3nR%2B0r8B588RUDb%2BPYs47%2FhVcs62oNCHzihTODrqrT2bkh9yszydKYkGCAXDPREU9W%2BhENFyOlCV9AeXgWnZjqk4qWbUxSmgJM9HpxX2Jy%2F58VwGtAHSBCU0%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-encoding gzip expires Fri, 16 May 2025 18:10:15 GMT server-timing cfL4;desc="?proto=TCP&rtt=9783&min_rtt=9070&rtt_var=3324&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3996&recv_bytes=2324&delivery_rate=445074&cwnd=255&unsent_bytes=0&cid=f4dfea3c0d91ca7e&ts=195&x=0" x-goog-stored-content-length 6406 date Fri, 16 May 2025 18:09:03 GMT content-type image/svg+xml last-modified Tue, 09 Jul 2024 23:51:26 GMT vary Accept-Encoding x-guploader-uploadid ACJd0Nr3ZSRw3oJD-Kos1te__NgtFfj4K60cs-THOEJTQ9RmRKxNnnuI0fKDxA-96HsLrHSXbJxV9ldJ cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-storage-class STANDARD cf-ray 940cd2eaef5443bc-EWR accept-ranges bytes access-control-allow-origin * x-goog-generation 1720569086883114 content-length 6406 server cloudflare
GET H2	200	commerce-js.iife.js Show response d35m0nfeeqvaj5.cloudfront.net/	178 KB 49 KB	162ms 34ms	Script text/javascript	2600:9000:211c:a00:1f:454e:4440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35m0nfeeqvaj5.cloudfront.net/commerce-js.iife.js?v=1.26.2 Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211c:a00:1f:454e:4440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f3f9e51d3317c5d6b17cf6f630bf39b48e7ce09fb8c6e0ff5981d070f4983e44 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers vary accept-encoding cache-control max-age=604800 content-encoding gzip etag W/"64840d55e464916743e413cf2eb665cf" age 181422 via 1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id sO4E3ksvTkG9T1AwMoLuyQJ7AbwsX_XPQIPYEmEU2HFVsVUts8dHCA== date Wed, 14 May 2025 15:45:22 GMT content-type text/javascript last-modified Wed, 07 May 2025 15:44:44 GMT server AmazonS3 x-amz-cf-pop JFK52-P4 x-amz-server-side-encryption AES256
GET H2	200	loader.min.js Show response comparisons.sovrn.com/js/	3 KB 1 KB	156ms 32ms	Script application/javascript	13.35.93.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://comparisons.sovrn.com/js/loader.min.js Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.60 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-60.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers vary accept-encoding content-encoding br etag W/"977ae67d2ae005447e6e3ab0b242cab2" x-amz-version-id _N7Ldl34Z.PdZpMcZXLC7DYN2lTVj6Bm age 32714 via 1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id nfgnup7s_JYZ4FNEEXV3IMhfWqjDoDGHpmHZKarPUQfC_28mI4MZtw== date Fri, 16 May 2025 09:03:50 GMT content-type application/javascript last-modified Tue, 23 Jan 2024 08:56:04 GMT server AmazonS3 x-amz-cf-pop JFK50-P8 x-amz-server-side-encryption AES256
GET H2	200	commerce-js.css d35m0nfeeqvaj5.cloudfront.net/	50 KB 5 KB	43ms 43ms	Stylesheet text/css	2600:9000:211c:a00:1f:454e:4440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35m0nfeeqvaj5.cloudfront.net/commerce-js.css Requested by Host: d35m0nfeeqvaj5.cloudfront.net URL: https://d35m0nfeeqvaj5.cloudfront.net/commerce-js.iife.js?v=1.26.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211c:a00:1f:454e:4440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d8405a7f44816bf3c5eebbdc9158bb7bfc614adbdbabf99b6b8c1f7962f0e486 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers vary accept-encoding cache-control max-age=604800 content-encoding gzip etag W/"3d8ec951ebfda571ebcba9ec7ff374ce" age 181422 via 1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id z94F6wgUeeZkdDf7GMFCBNyHy4EDGmirz-1ZzZz9QouQ3dAiQ41BNw== date Wed, 14 May 2025 15:45:22 GMT content-type text/css last-modified Wed, 07 May 2025 15:44:44 GMT server AmazonS3 x-amz-cf-pop JFK52-P4 x-amz-server-side-encryption AES256
POST H3	204	collect Show response www.google-analytics.com/g/	0 20 B	40ms 38ms	Fetch text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-600Y2CB6KB&gtm=45je55e1v9119418138za200&_p=1747418939483&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&cid=881345638.1747418940&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAAQ&dt=Refundid%20%7C%20Your%20Refund%2C%20Instantly&dl=https%3A%2F%2Fportal.sandbox.refundid.com%2F&dp=%2F&sid=1747418939&sct=1&seg=1&_s=3&tfd=5853 Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0 report-to {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://portal.sandbox.refundid.com cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:97:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 16 May 2025 18:09:03 GMT content-type text/plain server Golfe2
GET H2	200	favicon.ico portal.sandbox.refundid.com/	15 KB 3 KB	1243ms 1240ms	Other image/vnd.microsoft.icon	2607:f8b0:4006:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://portal.sandbox.refundid.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 635dcfbbb7f5396c8d0148ed62477a89a7f5e865cd24f8bdf5b8df1d9976363e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/auth Response headers cache-control no-cache, must-revalidate content-encoding gzip etag "YmxE1g" pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 16 May 2025 18:09:05 GMT x-cloud-trace-context 96afa9f94040059a005a470dbb071ad0 content-type image/vnd.microsoft.icon server Google Frontend
GET H3	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/60/12/	119 KB 35 KB	80ms 79ms	Script text/javascript	2607:f8b0:4006:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/60/12/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDaZlyCABa8aWrZJPjy13xjac25Di3qtqs&libraries=places&language=en Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2c1097332090f70dfc3fd9800c3e43bab60e96b204456aecd77cca6374f5f82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers content-encoding br age 4917 report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} x-content-type-options nosniff expires Sat, 16 May 2026 16:47:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 16 May 2025 16:47:07 GMT last-modified Wed, 07 May 2025 17:43:41 GMT content-type text/javascript vary Accept-Encoding, Origin cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="maps-api-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js accept-ranges bytes content-length 35927 x-xss-protection 0 server sffe
GET H3	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/60/12/	318 KB 73 KB	84ms 83ms	Script text/javascript	2607:f8b0:4006:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/60/12/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDaZlyCABa8aWrZJPjy13xjac25Di3qtqs&libraries=places&language=en Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab65d62e4c3ee23ba642a54b6635c56b0020df6fda7412d364135edf75a97ecc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers content-encoding br age 5729 report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} x-content-type-options nosniff expires Sat, 16 May 2026 16:33:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 16 May 2025 16:33:35 GMT last-modified Wed, 07 May 2025 17:43:41 GMT content-type text/javascript vary Accept-Encoding, Origin cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="maps-api-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js accept-ranges bytes content-length 74418 x-xss-protection 0 server sffe
POST H/1.1	200 OK	ping Show response api.viglink.com/api/	242 B 978 B	150ms 34ms	XHR text/javascript	3.215.101.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/ping Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.101.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-101-119.compute-1.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 678c23312cca4cf4178fb32b8806469b94a47ebd6d7a6da77a45e5c5ec6b51a2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://portal.sandbox.refundid.com/ Response headers Cache-Control no-cache, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Expires Thu, 01 Jan 1970 00:00:00 GMT Access-Control-Allow-Origin https://portal.sandbox.refundid.com P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Content-Length 242 Date Fri, 16 May 2025 18:09:04 GMT Content-Type text/javascript;charset=UTF-8 Server Apache-Coyote/1.1
GET H2	200	tag.min.js Show response get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/ Redirect Chain https://api.viglink.com/api/sync.js?key=5700c80580b8a5928dd3b3ffe0875ffa https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js	29 KB 10 KB	150ms 31ms	Script application/javascript	18.238.55.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js Protocol H2 Server 18.238.55.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-50.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash 0a02c64d4975c450d06f30024d585680045665a7507cedce423095d70d814f79 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers vary accept-encoding cache-control max-age=86400 content-encoding gzip x-amz-version-id UdMZMsoKpOh4z4oCI5o1lIkWVl4eTOYi etag W/"2f363f827542bdda4ae2773dfc38dd00" age 44633 via 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id kUKKaDfnzm9HhERs9VtY7JP_ZYNExq6kNiUb6xdD5fjFp2gHzemaWg== date Fri, 16 May 2025 07:43:33 GMT content-type application/javascript last-modified Wed, 27 Mar 2024 16:18:24 GMT server AmazonS3 x-amz-cf-pop JFK52-P4 x-amz-server-side-encryption AES256 Redirect headers Cache-Control no-cache, no-store Location https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js Pragma no-cache Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Content-Length 0 Date Fri, 16 May 2025 18:09:04 GMT Server Apache-Coyote/1.1
GET H2	200	merge ce.lijit.com/ Redirect Chain https://api.viglink.com/api/sync.gif?key=5700c80580b8a5928dd3b3ffe0875ffa https://ce.lijit.com/merge?pid=8008&3pid=0395e1d2c400239e257e8afe2a093795 https://ce.lijit.com/merge?pid=8008&3pid=0395e1d2c400239e257e8afe2a093795&dnr=1	43 B 511 B	60ms 60ms	Image image/gif	54.92.227.175 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=8008&3pid=0395e1d2c400239e257e8afe2a093795&dnr=1 Protocol H2 Server 54.92.227.175 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-92-227-175.compute-1.amazonaws.com Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 pragma no-cache expires Fri, 20 Mar 2009 00:00:00 GMT content-length 43 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 16 May 2025 18:09:05 GMT content-type image/gif vary Accept-Encoding Redirect headers cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 location https://ce.lijit.com/merge?pid=8008&3pid=0395e1d2c400239e257e8afe2a093795&dnr=1 pragma no-cache expires Fri, 20 Mar 2009 00:00:00 GMT content-length 0 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 16 May 2025 18:09:05 GMT vary Accept-Encoding
POST H/1.1	200 OK	domains Show response api.viglink.com/api/	41 B 500 B	111ms 82ms	XHR text/javascript	3.215.101.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/domains Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.101.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-101-119.compute-1.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 6f1edece57177ce4208168344e89caa951a103a8060b87630d5f946217aaba7a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://portal.sandbox.refundid.com/ Response headers Cache-Control no-cache, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Expires Thu, 01 Jan 1970 00:00:00 GMT Access-Control-Allow-Origin https://portal.sandbox.refundid.com P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Content-Length 41 Date Fri, 16 May 2025 18:09:04 GMT Content-Type text/javascript;charset=UTF-8 Server Apache-Coyote/1.1
GET H2	200	/ Show response onetag-geo.s-onetag.com/	50 B 456 B	206ms 76ms	Fetch application/json	18.173.132.31 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.132.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-132-31.jfk52.r.cloudfront.net Software / Resource Hash 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control max-age=86400 x-amz-apigw-id KrDSUELuiYcEakg= x-amzn-requestid e1d848ae-d60e-4209-9b7a-72a50f3d667f via 1.1 db8c74a249442b107d8358be4371339e.cloudfront.net (CloudFront), 1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Miss from cloudfront content-length 50 x-amz-cf-id bcTwf5s2xEYAES3PpaDJ2TyAuTgndqCwjWtG3y0Ux8uu1EMPbaL7mg== date Fri, 16 May 2025 18:09:05 GMT content-type application/json x-amz-cf-pop IAD12-P4, JFK52-P2
GET H2	200	/ Show response onetag-geo.s-onetag.com/	50 B 0	205ms 204ms	Fetch application/json	18.173.132.31 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.132.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-132-31.jfk52.r.cloudfront.net Software / Resource Hash 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control max-age=86400 x-amz-apigw-id KrDSUELuiYcEakg= x-amzn-requestid e1d848ae-d60e-4209-9b7a-72a50f3d667f via 1.1 db8c74a249442b107d8358be4371339e.cloudfront.net (CloudFront), 1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Miss from cloudfront content-length 50 x-amz-cf-id bcTwf5s2xEYAES3PpaDJ2TyAuTgndqCwjWtG3y0Ux8uu1EMPbaL7mg== date Fri, 16 May 2025 18:09:05 GMT content-type application/json x-amz-cf-pop IAD12-P4, JFK52-P2
GET H2	200	dataBeacons.min.js Show response data-beacons.s-onetag.com/	5 KB 2 KB	208ms 46ms	Script text/javascript	13.33.252.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://data-beacons.s-onetag.com/dataBeacons.min.js Requested by Host: api.viglink.com URL: https://api.viglink.com/api/sync.js?key=5700c80580b8a5928dd3b3ffe0875ffa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.252.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-252-99.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash e163818928211f02c67e6e681d6eaa2836d0b76bf6f7d788d2ac8b3559006cd1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control max-age=3600 content-encoding gzip x-amz-version-id qPB_DsY9PcNoqTcQmlYVavIgcqbEMkpN etag W/"55d68040e85314adc43d0fc5d17f0b10" age 1947 via 1.1 6365f8c2e6435e0ce1ea9fe112f73a92.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id _w3ugwwhDYIFi7Zu2hfv-J_G2-i1OkWbYpDUAvvu2gbz5pf06WcbEQ== date Fri, 16 May 2025 17:36:38 GMT content-type text/javascript last-modified Mon, 26 Feb 2024 21:11:41 GMT server AmazonS3 x-amz-cf-pop JFK50-P10 vary Accept-Encoding
GET H2	200	v2 Show response ap.lijit.com/readerinfo/	41 B 330 B	271ms 48ms	Fetch application/json	54.160.96.136 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2 Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.160.96.136 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-160-96-136.compute-1.amazonaws.com Software / Resource Hash f299b73f20878a3b0f7462acebd68966525cd4fd0976a1031fcdc55e0d8f7aa2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers content-encoding gzip access-control-allow-credentials true access-control-allow-methods GET, POST, DELETE, PUT access-control-allow-origin https://portal.sandbox.refundid.com content-length 61 date Fri, 16 May 2025 18:09:06 GMT content-type application/json vary Accept-Encoding access-control-allow-headers X-Requested-With, Content-Type
GET H2	200	Portal.html Show response get.s-onetag.com/underground-sync-portal/ Frame AFBF	85 B 483 B	129ms 35ms	Document text/html	18.238.55.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/underground-sync-portal/Portal.html Requested by Host: api.viglink.com URL: https://api.viglink.com/api/sync.js?key=5700c80580b8a5928dd3b3ffe0875ffa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-22.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f Request headers Referer https://portal.sandbox.refundid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 561029 cache-control max-age=864000 content-length 85 content-type text/html date Sat, 10 May 2025 06:18:38 GMT etag "131a68f1a3ad405d816af56e04b93481" last-modified Mon, 24 Aug 2020 10:07:31 GMT server AmazonS3 vary accept-encoding via 1.1 24d0edcfa57d0bf029e983a1d3e4649c.cloudfront.net (CloudFront) x-amz-cf-id 1zJZ4Vgj4KKH32ze7wNI5kac76wub4QVg8Lh4AiV-fZC5Zi1YuMsHw== x-amz-cf-pop JFK52-P4 x-amz-version-id DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu x-cache Hit from cloudfront
GET H2	200	Portal.js Show response get.s-onetag.com/underground-sync-portal/ Frame AFBF	766 B 1 KB	24ms 23ms	Script text/javascript	18.238.55.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/underground-sync-portal/Portal.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/underground-sync-portal/Portal.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-22.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://get.s-onetag.com/underground-sync-portal/Portal.html Response headers cache-control max-age=864000 x-amz-version-id 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5 etag "145e495d0d92a3c8fd975bfe5485b72c" age 471847 via 1.1 24d0edcfa57d0bf029e983a1d3e4649c.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 766 x-amz-cf-id 0xttbSnSdfNsgpZJ-adUqxCFNHb3_zhMd1Xr0vbpuf1OxLlrwI-G9g== date Sun, 11 May 2025 07:05:00 GMT content-type text/javascript last-modified Mon, 24 Aug 2020 10:07:19 GMT server AmazonS3 x-amz-cf-pop JFK52-P4 vary accept-encoding
GET H2	200	merge ce.lijit.com/ Redirect Chain https://tag.crsspxl.com/c.gif?t=50288&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5110%263pid%3D%5BUID%5D https://tag.crsspxl.com/c.gif?cc=1&t=50288&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5110%263pid%3D%5BUID%5D https://ce.lijit.com/merge?pid=5110&3pid=6248933905034941980	43 B 751 B	26ms 26ms	Image image/gif	54.92.227.175 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=5110&3pid=6248933905034941980 Protocol H2 Server 54.92.227.175 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-92-227-175.compute-1.amazonaws.com Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 pragma no-cache expires Fri, 20 Mar 2009 00:00:00 GMT content-length 43 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 16 May 2025 18:09:07 GMT content-type image/gif vary Accept-Encoding Redirect headers Location https://ce.lijit.com/merge?pid=5110&3pid=6248933905034941980 Content-Length 0 Date Fri, 16 May 2025 18:09:07 GMT Connection close
GET H2	200	db_sync px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/db_sync?pid=15697&puuid=KrABAQZHS6sFluQTRI2WGay6&rand=75462&pu= https://px.ads.linkedin.com/db_sync?pid=15697&puuid=KrABAQZHS6sFluQTRI2WGay6&rand=75462&pu=&expected_cookie=93b9b1b2-9127-4f75-a0e1-d30ed6ec9e0f	0 143 B	98ms 98ms	Image text/plain	2620:1ec:50::12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=15697&puuid=KrABAQZHS6sFluQTRI2WGay6&rand=75462&pu=&expected_cookie=93b9b1b2-9127-4f75-a0e1-d30ed6ec9e0f Protocol H2 Server 2620:1ec:50::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers linkedin-action 1 x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 8300A873EDE045D0A06749B2822B165D Ref B: PHL30EDGE0114 Ref C: 2025-05-16T18:09:07Z x-li-fabric prod-ltx1 x-li-uuid AAY1RK2oIdHq9wgM/+iZcw== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Fri, 16 May 2025 18:09:07 GMT Redirect headers linkedin-action 1 x-li-pop afd-prod-ltx1-x location /db_sync?pid=15697&puuid=KrABAQZHS6sFluQTRI2WGay6&rand=75462&pu=&expected_cookie=93b9b1b2-9127-4f75-a0e1-d30ed6ec9e0f x-msedge-ref Ref A: 1056A71819B44E1ABBD1FBA36ACDF644 Ref B: PHL30EDGE0114 Ref C: 2025-05-16T18:09:07Z x-li-fabric prod-ltx1 x-li-uuid AAY1RK2mkydm5RNl7DnYpg== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Fri, 16 May 2025 18:09:07 GMT
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response js.stripe.com/v3/ Frame 00E3	200 B 1 KB	127ms 36ms	Document text/html	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/basil/stripe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://portal.sandbox.refundid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 3304706 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control max-age=31536000 content-encoding br content-length 122 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Fri, 16 May 2025 18:09:07 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Wed, 14 Aug 2024 20:40:27 GMT origin-agent-cluster ?1 server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 411005 x-content-type-options nosniff x-request-id 1c25dca1-e11a-4c5f-a2f9-abeceaede08e x-served-by cache-ewr-kewr1740051-EWR
GET H2	200	m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 00E3	526 B 415 B	24ms 23ms	Script text/javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Response headers x-request-id cc1b06c0-80bf-456a-8691-b3124f6ff60d content-encoding br etag "d96c709017743c0759cf3853d1806ba5" age 2715930 x-content-type-options nosniff alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT date Fri, 16 May 2025 18:09:07 GMT last-modified Wed, 14 Aug 2024 20:40:26 GMT content-type text/javascript; charset=utf-8 x-served-by cache-ewr-kewr1740051-EWR x-cache-hits 379508 vary Accept-Encoding strict-transport-security max-age=31556926; includeSubDomains; preload cache-control max-age=31536000 timing-allow-origin * via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 256 server Fastly
POST H2	200	/ Show response api-js.mixpanel.com/track/	25 B 381 B	206ms 92ms	XHR application/json	35.186.241.51 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1747418947678 Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.241.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 51.241.186.35.bc.googleusercontent.com Software envoy / Resource Hash e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba Security Headers Name Value Strict-Transport-Security max-age=604800; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://portal.sandbox.refundid.com/ Response headers strict-transport-security max-age=604800; includeSubDomains access-control-max-age 1728000 access-control-expose-headers X-MP-CE-Backoff cache-control no-cache, no-store x-envoy-upstream-service-time 24 access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS via 1.1 google access-control-allow-origin https://portal.sandbox.refundid.com alt-svc clear content-length 25 date Fri, 16 May 2025 18:09:07 GMT content-type application/json server envoy access-control-allow-headers X-Requested-With, Content-Type
GET H2	200	inner.html Show response m.stripe.network/ Frame 898F	930 B 2 KB	199ms 34ms	Document text/html	2600:9000:2514:8a00:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:8a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash 34a85e78b5402c253c2bc4cf64426c2b6b18601602e8a9a71568139fb3ee6599 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-5DA+a07wxWmEka9IdoWjSPVHb17Cp5284/lJzfbl8KA=' 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 34 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-5DA+a07wxWmEka9IdoWjSPVHb17Cp5284/lJzfbl8KA=' 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Fri, 16 May 2025 18:08:34 GMT etag "f5eaddb4dfc7e121aba2112e1ca3ef2d" last-modified Fri, 09 May 2025 17:26:51 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 c23bc76444fad08250d9cd740d061b4a.cloudfront.net (CloudFront) x-amz-cf-id DiU7CLsQiVIfRbGHzdAX4oEP3TUGwKsL0eH9HUyFqRv1yFZqYPCvpw== x-amz-cf-pop JFK50-P8 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	out-4.5.44.js Show response m.stripe.network/ Frame 898F	87 KB 16 KB	62ms 62ms	Script text/javascript	2600:9000:2514:8a00:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.44.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:8a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash bd6e71e0a8f18b3dd4bbeb6fd673015fec896bd92e17c11f3dc8fe96a06de1f4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://m.stripe.network/inner.html Response headers strict-transport-security max-age=31556926; includeSubDomains; preload cache-control max-age=300, public content-encoding gzip etag W/"fd35981a337052cd3ccd82dc674ff76d" age 206 x-content-type-options nosniff via 1.1 c23bc76444fad08250d9cd740d061b4a.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id KNQbCjjC0sj9zSRr7CvDpX-WxB2RaVBjl9yoDuvU9lSxYQk2GlMikA== date Fri, 16 May 2025 18:05:42 GMT content-type text/javascript; charset=utf-8 last-modified Fri, 09 May 2025 17:26:51 GMT server Cloudfront x-amz-cf-pop JFK50-P8 vary Accept-Encoding, Origin
GET		puid=KrABAQZHS6sFluQTRI2WGay6 d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MzkzL3QvMg/kv/	0 0
POST H2	200	6 Show response m.stripe.com/ Frame 898F	156 B 837 B	337ms 96ms	XHR application/json	44.238.6.155 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.44.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.238.6.155 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-238-6-155.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 791d3d622dec6d201d2f7304f26e2b5784f00b7ec2f00360e14808bc7ead9f3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://m.stripe.network/ Response headers x-stripe-proxy-response upstream x-envoy-attempt-count 1 x-content-type-options nosniff x-stripe-bg-intended-route-color green x-stripe-server-rpc-duration-micros 2245 x-stripe-outbound-proxy-type envoy x-stripe-inbound-proxy-type mesh-proxy date Fri, 16 May 2025 18:09:08 GMT content-type application/json;charset=utf-8 access-control-allow-headers Content-Type strict-transport-security max-age=31556926; includeSubDomains; preload x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-credentials true x-stripe-upstream-host 10.73.200.186:1643 access-control-allow-origin https://m.stripe.network content-length 156 x-stripe-server-envoy-start-time-us 1747418948336994 x-stripe-client-envoy-start-time-us 1747418948336560 server nginx
POST H2	200	6 Show response m.stripe.com/ Frame 898F	156 B 836 B	220ms 217ms	XHR application/json	44.238.6.155 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.44.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.238.6.155 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-238-6-155.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 791d3d622dec6d201d2f7304f26e2b5784f00b7ec2f00360e14808bc7ead9f3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://m.stripe.network/ Response headers x-stripe-proxy-response upstream x-envoy-attempt-count 1 x-content-type-options nosniff x-stripe-bg-intended-route-color green x-stripe-server-rpc-duration-micros 4759 x-stripe-outbound-proxy-type envoy x-stripe-inbound-proxy-type mesh-proxy date Fri, 16 May 2025 18:09:08 GMT content-type application/json;charset=utf-8 access-control-allow-headers Content-Type strict-transport-security max-age=31556926; includeSubDomains; preload x-stripe-server-envoy-upstream-service-time-ms 4 access-control-allow-credentials true x-stripe-upstream-host 10.73.182.120:1643 access-control-allow-origin https://m.stripe.network content-length 156 x-stripe-server-envoy-start-time-us 1747418948528740 x-stripe-client-envoy-start-time-us 1747418948528102 server nginx
GET H2	200	1540_03681 Show response track2.securedvisit.com/sync/	43 B 178 B	154ms 44ms	Script image/gif	34.200.104.83 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track2.securedvisit.com/sync/1540_03681?id=KrABAQZHS6sFluQTRI2WGay6 Requested by Host: data-beacons.s-onetag.com URL: https://data-beacons.s-onetag.com/dataBeacons.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.200.104.83 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-200-104-83.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control private, no-cache, proxy-revalidate content-length 43 date Fri, 16 May 2025 18:09:08 GMT pragma no-cache content-type image/gif server nginx/1.24.0
POST H3	204	collect Show response www.google-analytics.com/g/	0 20 B	38ms 37ms	Fetch text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-600Y2CB6KB&gtm=45je55e1v9119418138za200&_p=1747418939483&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116025~103130498~103130500~103136993~103136995~103200001~103207802~103233427~103252644~103252646~103263073~103301114~103301116&cid=881345638.1747418940&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=4&dl=https%3A%2F%2Fportal.sandbox.refundid.com%2Fauth&dr=https%3A%2F%2Fportal.sandbox.refundid.com%2F&sid=1747418939&sct=1&seg=1&dt=Refundid%20%7C%20Your%20Refund%2C%20Instantly&en=page_view&_et=907&tfd=10855 Requested by Host: portal.sandbox.refundid.com URL: https://portal.sandbox.refundid.com/assets/index-Di0QizxQ.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0 report-to {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://portal.sandbox.refundid.com cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:97:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 16 May 2025 18:09:08 GMT content-type text/plain server Golfe2
GET		sync thrtle.com/ Redirect Chain https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=KrABAQZHS6sFluQTRI2WGay6&rnd=2263 https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=KrABAQZHS6sFluQTRI2WGay6&rnd=2263&_li_chk=true&previous_uuid=5eb1a7cc139a4951b7c6948cd1496f52 https://thrtle.com/sync?vxii_pid=7006&vxii_pdid=5eb1a7cc-139a-4951-b7c6-948cd1496f52&us_privacy=1YN- https://thrtle.com/sync?_reach=1&vxii_pdid=5eb1a7cc-139a-4951-b7c6-948cd1496f52&vxii_pid=12&vxii_pid1=7006&vxii_rcid=50383023-91d3-439a-8276-f5b4f87a3449&vxii_rmax=3	0 0
GET		pv=y bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=KrABAQZHS6sFluQTRI2WGay6/	0 0
GET H2	200	sdk-xRuenYDiIekuzxVN cdn.growthbook.io/sub/	22 B 0	25ms 23ms	EventSource text/event-stream	151.101.1.91 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.growthbook.io/sub/sdk-xRuenYDiIekuzxVN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Express Resource Hash Request headers Cache-Control no-cache Referer https://portal.sandbox.refundid.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Accept text/event-stream Response headers cache-control private, no-store x-timer S1747418950.796301,VS0,VE0 age 7 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * x-cache MISS, HIT date Fri, 16 May 2025 18:09:09 GMT content-type text/event-stream x-powered-by Express x-served-by cache-iad-kjyo7100073-IAD, cache-nyc-kteb1890023-NYC x-cache-hits 0, 1
GET H2	200	ProfilesEngineServlet Show response api.intentiq.com/profiles_engine/ Frame 8F95	345 B 1 KB	180ms 76ms	Document text/html	18.238.55.74
General Check archive.org Show headers Download Go to Full URL https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=11304&maxed=1&rnd=8692 Requested by Host: data-beacons.s-onetag.com URL: https://data-beacons.s-onetag.com/dataBeacons.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.74 -, , ASN (), Reverse DNS Software / Resource Hash 1235a9b4d659d2e83bde4f1fec855f46c4647d57e17eed1efd0c08498e5d1443 Request headers Referer https://portal.sandbox.refundid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Accept, X-Requested-With, remember-me, DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://portal.sandbox.refundid.com/ access-control-max-age 3600 alt-svc h3=":443"; ma=86400 content-disposition inline content-type text/html date Fri, 16 May 2025 18:09:10 GMT p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" vary Origin via 1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront) x-amz-cf-id H9aZakJUU0YfdWkR9ZgG5KqyuFwKFWPFnaRnwJIpCGZKvjcF6Kx-2g== x-amz-cf-pop JFK52-P4 x-cache Miss from cloudfront
GET H2	200	IIQUniversalID-sync.js Show response agent.intentiq.com/Agent/Hints/ Frame 8F95	16 KB 5 KB	210ms 33ms	Script application/javascript	2600:9000:21f9:8600:15:1f8e:8840:93a1
General Check archive.org Show headers Download Go to Full URL https://agent.intentiq.com/Agent/Hints/IIQUniversalID-sync.js Requested by Host: api.intentiq.com URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=11304&maxed=1&rnd=8692 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f9:8600:15:1f8e:8840:93a1 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash f3ee00626500892f28d8ef92b554d64f2ef43a54b9f2aa9f167262f28db339c6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://api.intentiq.com/ Response headers x-amz-cf-pop JFK52-P10 content-encoding br etag W/"26a760eb1716cf6b311e16ed82d0eeb5" age 26919 via 1.1 dc28f98cae38048729dcf641bb420f7c.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id MkTkRbbvGq-EpiQo7DIae3Fz7qRROI6EiaEw1LjnaB0jOGIxXTNOnw== date Fri, 16 May 2025 10:40:32 GMT content-type application/javascript vary accept-encoding server AmazonS3 last-modified Thu, 01 Aug 2024 16:29:32 GMT x-amz-server-side-encryption AES256
GET		ProfilesEngineServlet syncv4.intentiq.com/profiles_engine/ Frame 8F95 Redirect Chain https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=182772995&iiqidtype=2&iiqpcid=9466ac7d-922c-1102-16ac-4190350daae9&iiqpciddate=1747418950438&tsrnd=490_17474... https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=182772995&iiqidtype=2&iiqpcid=9466ac7d-922c-1102-16ac-4190350daae9&iiqpciddate=1747418950438&tsrnd=490_174...	0 0
GET H/1.1	200 OK	/ Show response ps.eyeota.net/pixel/bounce/ Redirect Chain https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0	797 B 1 KB	28ms 27ms	Script application/javascript	54.156.26.12
General Check archive.org Show headers Download Go to Full URL https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0 Protocol HTTP/1.1 Server 54.156.26.12 -, , ASN (), Reverse DNS Software / Resource Hash 15b8268460e4b306eaa3c2113addd6bb555c5a49a9fbe46856776a1cb854c2b5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers Content-Length 797 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Fri, 16 May 2025 18:09:10 GMT Content-Type application/javascript Redirect headers Location /pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0 Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Fri, 16 May 2025 18:09:10 GMT
GET		generic match.adsrvr.org/track/cmf/	0 0
GET		pixel cm.g.doubleclick.net/	0 0
GET		cms ups.analytics.yahoo.com/ups/58773/	0 0
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2877093655450808902&newuser=1&referrer_pid=51md42u	70 B 440 B	28ms 28ms	Image image/gif	54.156.26.12
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2877093655450808902&newuser=1&referrer_pid=51md42u Protocol HTTP/1.1 Server 54.156.26.12 -, , ASN (), Reverse DNS Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://portal.sandbox.refundid.com/ Response headers Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Fri, 16 May 2025 18:09:10 GMT Content-Type image/gif Redirect headers cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 location https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2877093655450808902&newuser=1&referrer_pid=51md42u p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" content-length 0 pragma no-cache date Fri, 16 May 2025 18:09:09 GMT
GET		getuid ib.adnxs.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

portal.sandbox.refundid.com

URL

blob:https://portal.sandbox.refundid.com/cf206f6d-b726-48f8-9945-2a9d20f7e298

Domain

d.turn.com

URL

https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MzkzL3QvMg/kv/puid=KrABAQZHS6sFluQTRI2WGay6

Domain

thrtle.com

URL

https://thrtle.com/sync?_reach=1&vxii_pdid=5eb1a7cc-139a-4951-b7c6-948cd1496f52&vxii_pid=12&vxii_pid1=7006&vxii_rcid=50383023-91d3-439a-8276-f5b4f87a3449&vxii_rmax=3

Domain

bcp.crwdcntrl.net

URL

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=KrABAQZHS6sFluQTRI2WGay6/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}

Domain

syncv4.intentiq.com

URL

https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=182772995&iiqidtype=2&iiqpcid=9466ac7d-922c-1102-16ac-4190350daae9&iiqpciddate=1747418950438&tsrnd=490_1747418950438&vrref=https%3A%2F%2Fportal.sandbox.refundid.com%2F&jsver=5.088&dw=1600&dh=1200&dpr=1&lan=en-US&uh=%7B%220%22%3A%22%22%2C%221%22%3A%22%3F0%22%2C%227%22%3A%22%3F0%22%2C%228%22%3A%22%22%7D&gdpr=&ckls=true&ci=wGubp46DAE&nc=false&trid=981221573

Domain

match.adsrvr.org

URL

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnVxeXhoS2hfdVdlVDdtUGd5Q29JcTZ0ckllaFN5azVXY3hYeVo2bU5RMHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u

Domain

ups.analytics.yahoo.com

URL

https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot&gdpr=0&gdpr_consent=

Domain

ib.adnxs.com

URL

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u