turbox-tax-refund-usa-org.jigsy.com Open in urlscan Pro
70.33.222.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://turbox-tax-refund-usa-org.jigsy.com/
Effective URL:
https://turbox-tax-refund-usa-org.jigsy.com/
Submission: On February 15 via manual (February 15th 2022, 5:50:47 am UTC) from PH — Scanned from CA

Summary HTTP 105 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 51 domains to perform 105 HTTP transactions. The main IP is 70.33.222.6, located in Vancouver, Canada and belongs to COGECO-PEER1, CA. The main domain is turbox-tax-refund-usa-org.jigsy.com.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on April 22nd 2021. Valid for: a year.

This is the only time turbox-tax-refund-usa-org.jigsy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	70.33.222.6 70.33.222.6	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	65.39.176.77 65.39.176.77	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
28	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
2 7	23.54.68.240 23.54.68.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.222.39.185 51.222.39.185	16276 (OVH) (OVH)
4 4	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 8	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.36.115.114 104.36.115.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4 4	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
4 4	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
7 8	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	64.74.236.31 64.74.236.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	23.209.184.224 23.209.184.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1	34.255.81.31 34.255.81.31	16509 (AMAZON-02) (AMAZON-02)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	54.90.233.89 54.90.233.89	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.217.116.229 3.217.116.229	14618 (AMAZON-AES) (AMAZON-AES)
1 2	38.27.122.101 38.27.122.101	174 (COGENT-174) (COGENT-174)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2 2	63.251.86.50 63.251.86.50	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	199.38.167.128 199.38.167.128	54312 (ROCKETFUEL) (ROCKETFUEL)
7 7	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1 2	13.225.230.52 13.225.230.52	16509 (AMAZON-02) (AMAZON-02)
1	23.54.68.197 23.54.68.197	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1	3.216.115.49 3.216.115.49	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.20.97.150 52.20.97.150	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
7 8	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
3 3	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
3 4	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:21e... 2600:9000:21ec:5200:1a:609a:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	104.107.5.93 104.107.5.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.196.42.166 34.196.42.166	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.205.171.189 52.205.171.189	14618 (AMAZON-AES) (AMAZON-AES)
6	34.117.239.71 34.117.239.71	15169 (GOOGLE) (GOOGLE)
2 2	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2606:ae80:145... 2606:ae80:1451:12::1690	25751 (VALUECLICK) (VALUECLICK)
5 10	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
7	3.234.27.139 3.234.27.139	14618 (AMAZON-AES) (AMAZON-AES)
4	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	35.211.141.197 35.211.141.197	19527 (GOOGLE-2) (GOOGLE-2)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
1	141.95.3.40 141.95.3.40	16276 (OVH) (OVH)
1	34.120.155.137 34.120.155.137	15169 (GOOGLE) (GOOGLE)
1	35.171.137.144 35.171.137.144	14618 (AMAZON-AES) (AMAZON-AES)
105	36

11 70.33.222.6 (Vancouver, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

turbox-tax-refund-usa-org.jigsy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.39.176.77 (Vancouver, Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: bnidx.com

assets.bnidx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3045.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.32 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hde.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.54.68.240 (Piscataway, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-240.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.28.7.82 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.114 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.155 (Secaucus, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.45.33.138 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.142 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 15.197.193.217 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.74.236.31 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.209.184.224 (Secaucus, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.81.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-81-31.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.90.233.89 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-233-89.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.217.116.229 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-116-229.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.27.122.101 (United States) 1 redirects

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.50 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.24 (United States) 7 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.230.52 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-52.jfk51.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (Queens, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.115.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-115-49.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.97.150 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-97-150.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.211.178.172 (North Charleston, United States) 7 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.90.30 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:5200:1a:609a:6780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.107.5.93 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-5-93.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.196.42.166 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-42-166.compute-1.amazonaws.com

t.pswec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.171.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-171-189.compute-1.amazonaws.com

cms-xch.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com

cms-xch-chicago.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.249 (United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:12::1690 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

33across-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.151.100 (United States) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.234.27.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-27-139.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.141.197 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 197.141.211.35.bc.googleusercontent.com

m.fg8dgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.40 (France)

ASN16276 (OVH, FR)
PTR: p30.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.137.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-137-144.compute-1.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7889 router.infolinks.com — Cisco Umbrella Rank: 2364 rt3045.infolinks.com — Cisco Umbrella Rank: 69299	286 KB
14	33across.com 8 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 760 cms-xch.33across.com — Cisco Umbrella Rank: 2652 cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1338	5 KB
13	rubiconproject.com 6 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917 eus.rubiconproject.com — Cisco Umbrella Rank: 512 token.rubiconproject.com — Cisco Umbrella Rank: 593 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935 pixel.rubiconproject.com — Cisco Umbrella Rank: 288	17 KB
11	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1796 cdn.revcontent.com — Cisco Umbrella Rank: 6815 images.revcontent.com — Cisco Umbrella Rank: 6112	198 KB
11	jigsy.com 1 redirects turbox-tax-refund-usa-org.jigsy.com	36 KB
8	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	4 KB
8	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	4 KB
8	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 175	1 KB
8	pubmatic.com 7 redirects image8.pubmatic.com — Cisco Umbrella Rank: 543 image2.pubmatic.com — Cisco Umbrella Rank: 752 image4.pubmatic.com — Cisco Umbrella Rank: 738 ads.pubmatic.com — Cisco Umbrella Rank: 429	64 KB
7	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	8 KB
6	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 269 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419 ads.yahoo.com — Cisco Umbrella Rank: 835	2 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 355 mug.criteo.com — Cisco Umbrella Rank: 3197	2 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 357	2 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 523	3 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
3	mookie1.com 3 redirects odr.mookie1.com — Cisco Umbrella Rank: 776	2 KB
3	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 629 id.crwdcntrl.net — Cisco Umbrella Rank: 1645	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 480	2 KB
3	gstatic.com fonts.gstatic.com	75 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 407	122 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	29 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	38 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 740	892 B
2	fg8dgt.com 2 redirects m.fg8dgt.com — Cisco Umbrella Rank: 3745	775 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	631 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 548 api.rlcdn.com — Cisco Umbrella Rank: 739	715 B
2	dotomi.com 2 redirects 33across-match.dotomi.com — Cisco Umbrella Rank: 2416	616 B
2	pswec.com 2 redirects t.pswec.com — Cisco Umbrella Rank: 2718	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 266	2 KB
2	intentiq.com 1 redirects api.intentiq.com — Cisco Umbrella Rank: 1622	2 KB
2	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 387 Failed	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 598	1 KB
2	bnmla.com 1 redirects match.bnmla.com — Cisco Umbrella Rank: 1320	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	677 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 621	647 B
2	bluekai.com 2 redirects stags.bluekai.com — Cisco Umbrella Rank: 447	2 KB
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 636	632 B
2	tynt.com 1 redirects de.tynt.com — Cisco Umbrella Rank: 1078 hde.tynt.com — Cisco Umbrella Rank: 3924	3 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 493	2 KB
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 388	679 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 653	425 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 931	88 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 615	759 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 516	690 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 3831	308 B
1	cpx.to s.cpx.to — Cisco Umbrella Rank: 1709	944 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 811	748 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821	591 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 865	814 B
1	bnidx.com assets.bnidx.com — Cisco Umbrella Rank: 366464	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	30 KB
105	51

	Domain	Requested by
18	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
11	turbox-tax-refund-usa-org.jigsy.com	1 redirects turbox-tax-refund-usa-org.jigsy.com
8	x.bidswitch.net	7 redirects ssum-sec.casalemedia.com
8	match.adsrvr.org	7 redirects ads.pubmatic.com
8	cm.g.doubleclick.net	6 redirects eus.rubiconproject.com
7	trends.revcontent.com	blank trends.revcontent.com turbox-tax-refund-usa-org.jigsy.com cdn.revcontent.com
7	ssc-cms.33across.com	7 redirects
7	resources.infolinks.com	turbox-tax-refund-usa-org.jigsy.com router.infolinks.com resources.infolinks.com
6	cms-xch-chicago.33across.com	hde.tynt.com eus.rubiconproject.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
4	pixel.rubiconproject.com	eus.rubiconproject.com
4	pixel.tapad.com	3 redirects resources.infolinks.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	b1sync.zemanta.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	ib.adnxs.com	4 redirects
4	image8.pubmatic.com	4 redirects
3	odr.mookie1.com	3 redirects
3	gum.criteo.com	1 redirects turbox-tax-refund-usa-org.jigsy.com
3	sync.1rx.io	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	rt3045.infolinks.com	resources.infolinks.com turbox-tax-refund-usa-org.jigsy.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdnjs.cloudflare.com	turbox-tax-refund-usa-org.jigsy.com
3	maxcdn.bootstrapcdn.com	turbox-tax-refund-usa-org.jigsy.com
2	images.revcontent.com	turbox-tax-refund-usa-org.jigsy.com
2	rtb.mfadsrvr.com	2 redirects
2	m.fg8dgt.com	2 redirects
2	cdn.revcontent.com	turbox-tax-refund-usa-org.jigsy.com
2	sync-tm.everesttech.net	2 redirects
2	33across-match.dotomi.com	2 redirects
2	t.pswec.com	2 redirects
2	eus.rubiconproject.com	hde.tynt.com eus.rubiconproject.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	mug.criteo.com	turbox-tax-refund-usa-org.jigsy.com
2	api.intentiq.com	1 redirects turbox-tax-refund-usa-org.jigsy.com
2	sync.mathtag.com	router.infolinks.com
2	ap.lijit.com	2 redirects
2	match.bnmla.com	1 redirects router.infolinks.com
2	pixel.advertising.com	2 redirects
2	ad.360yield.com	2 redirects
2	stags.bluekai.com	2 redirects
2	u.openx.net	2 redirects
2	image4.pubmatic.com	2 redirects
2	fonts.googleapis.com	turbox-tax-refund-usa-org.jigsy.com client
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	id.rlcdn.com	eus.rubiconproject.com
1	ads.yahoo.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	cms-xch.33across.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	aa.agkn.com	1 redirects
1	ad.turn.com	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	imasdk.googleapis.com	resources.infolinks.com
1	ads.pubmatic.com	resources.infolinks.com
1	p.rfihub.com	1 redirects
1	bh.contextweb.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	hde.tynt.com	router.infolinks.com
1	de.tynt.com	1 redirects
1	assets.bnidx.com	turbox-tax-refund-usa-org.jigsy.com
1	code.jquery.com	turbox-tax-refund-usa-org.jigsy.com
105	72

This site contains links to these domains. Also see Links.

Domain
jigsy.com

Subject Issuer	Validity	Valid
*.jigsy.com Sectigo ECC Domain Validation Secure Server CA	`2021-04-22` - `2022-05-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.bnidx.com Sectigo ECC Domain Validation Secure Server CA	`2021-04-16` - `2022-05-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
revcontent.com Amazon	`2021-12-21` - `2023-01-19`	a year	crt.sh
cdn.revcontent.com R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
images.revcontent.com R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://turbox-tax-refund-usa-org.jigsy.com/
Frame ID: 7C95983DC49C22710181796028FA6999
Requests: 39 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Frame ID: 8C4A695091BB135DEC426D0983A3B2CC
Requests: 18 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: F40EB779CD02F139C7D58CB928EA2568
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: D41E38245B410442E48438B12D636AB4
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 0F04E39297B7440B878E4BE1C2D7B0C3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: F87997891C7ECE69071EE6901C35AFD4
Requests: 12 HTTP requests in this frame

Frame: https://trends.revcontent.com/serve.js.php?w=113005&t=rc_295&c=1644904235865&width=1600&referer=about%3Ablank
Frame ID: 0B79E5595BF481F2154AEA205DEDA04B
Requests: 15 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: 51D76EF97747A032D91C99C5C4893F2B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Easy Website Builder, it's free! Jigsy.com

Page URL History Show full URLs

http://turbox-tax-refund-usa-org.jigsy.com/ HTTP 301
https://turbox-tax-refund-usa-org.jigsy.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

XRegExp (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

xregexp.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

105
Requests

59 %
HTTPS

19 %
IPv6

51
Domains

72
Subdomains

36
IPs

5
Countries

910 kB
Transfer

2510 kB
Size

135
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://jigsy.com/

Search URL Search Domain Scan URL

URL: https://jigsy.com/account/signup
Title: sign up

Search URL Search Domain Scan URL

URL: http://jigsy.com/about/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://jigsy.com/about/tos
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://turbox-tax-refund-usa-org.jigsy.com/ HTTP 301
https://turbox-tax-refund-usa-org.jigsy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1

Request Chain 27

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 29

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI0MUM0RkUtQjI3OC00NDcwLUI3QUYtOTZBOERDQkJBRjUy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI0MUM0RkUtQjI3OC00NDcwLUI3QUYtOTZBOERDQkJBRjUy&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA241C4FE-B278-4470-B7AF-96A8DCBBAF52 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=A241C4FE-B278-4470-B7AF-96A8DCBBAF52

Request Chain 30

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=8398611822624236906

Request Chain 31

https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
https://router.infolinks.com/dyn/ox-usync?uid=0d3dfd45-d8d1-42cb-bf0c-92edc12d4256

Request Chain 32

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-nrsL445E2uHYkjufupiETNyIAN77yiIZi4KiM_0-~A

Request Chain 33

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1644904235227 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805424387 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805424387 HTTP 302
https://sync.1rx.io/usersync/tradedesk/94d9622f-d08e-4f7c-8987-c7464f03fe94 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005

Request Chain 34

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=tbek7kOaE9e_nt6qs1Nt&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHV2GEZLLG5VU6YKFHFSV63TUGZYXGMKOOQ HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHV2GEZLLG5VU6YKFHFSV63TUGZYXGMKOOQ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=tbek7kOaE9e_nt6qs1Nt

Request Chain 35

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
https://router.infolinks.com/dyn/sonobi-usync?uid=50587769-8de6-4789-b6b0-6fe7401b30da

Request Chain 36

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fturbox-tax-refund-usa-org.jigsy.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fturbox-tax-refund-usa-org.jigsy.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&pid=12306&adnxs_uid=8398611822624236906

Request Chain 37

https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D HTTP 302
https://router.infolinks.com/dyn/earn-usync?uid=A4404281201796502908

Request Chain 38

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://router.infolinks.com/dyn/imd-usync?user_id=0fecdec8-a8da-45a8-b14c-1df2b2fb71b8&partner_id=1531

Request Chain 39

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP31dc66b4-8e23-11ec-a0bc-0a7d59dd54f1 HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-fJGPVYZE2uFN8AwZL8TGccEqtJvLMF7b~A~UP31dc66b4-8e23-11ec-a0bc-0a7d59dd54f1

Request Chain 40

https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25 HTTP 302
https://match.bnmla.com/usersync?dspid=1&uuid=tmYIl0w4e6ky&ev=1&us_privacy=${us_privacy}&pid=558752

Request Chain 41

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=2ed50f70ed04a87e959d4673

Request Chain 42

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DA241C4FE-B278-4470-B7AF-96A8DCBBAF52 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=A241C4FE-B278-4470-B7AF-96A8DCBBAF52

Request Chain 43

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1783777311154695923

Request Chain 44

https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP 302
https://router.infolinks.com/dyn/33a-usync?uid=1907379469756

Request Chain 45

https://router.infolinks.com/dyn/iq-usync HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-nrsL445E2uHYkjufupiETNyIAN77yiIZi4KiM_0-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=0d3dfd45-d8d1-42cb-bf0c-92edc12d4256 HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-nrsL445E2uHYkjufupiETNyIAN77yiIZi4KiM_0-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=0d3dfd45-d8d1-42cb-bf0c-92edc12d4256&ckls=true&ci=TrhAOXoDTg&nc=false&trid=-113231397 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1509139146%26rnd%3D-2081315275%26pcid%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENWc59J5gG1aojk8Nn87dlA&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:6EFDE42DC85B4379A055DF1A399569F2 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1509139146&rnd=-2081315275&pcid=A241C4FE-B278-4470-B7AF-96A8DCBBAF52 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1509139146%3B1402230080%26rnd%3D543597611&pcid=$UID HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1509139146;1402230080&rnd=543597611&pcid=8398611822624236906 HTTP 302
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%26rnd%3D1096226925%26pcid%3D HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1509139146;1402230080;1709765917&rnd=1096226925&pcid=d10f3964-8743-4db4-baa6-333cd5c2a4d6 HTTP 302
https://ce.lijit.com/merge?pid=8101&3pid=TrhAOXoDTg&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%26rnd%3D763986715%26pcid%3D%5BSOVRNID%5D HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=1509139146;1402230080;1709765917;1486637409&rnd=763986715&pcid=2ed50f70ed04a87e959d4673 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D1823658329%26pcid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D1823658329%26pcid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=327bf82f-8e23-11ec-859e-11d0974d0403 HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=1509139146;1402230080;1709765917;1486637409;396218182&rnd=1823658329&pcid=327bf7c7-8e23-11ec-859e-11d0974d0403 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D-1257170138%26pcid=[MM_UUID]

Request Chain 46

https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&iiqidtype=2&iiqpcid=70fedf8b-326d-44fc-af29-01bac0c71227&iiqpciddate=1644904235122&dbsaved=true&fbp=2503514551 HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&iiqidtype=2&iiqpcid=70fedf8b-326d-44fc-af29-01bac0c71227&iiqpciddate=1644904235122&dbsaved=true&fbp=2503514551&ckls=true&ci=splP0bIZ5e&nc=false&trid=-1772904834

Request Chain 49

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&domain=turbox-tax-refund-usa-org.jigsy.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uQnPpnxmTm1ySnBuWE1vWjRNTTljZUZUK1p4T0cwam52a01BaUlVd1FpcW1RVUcrREx5enVlUWJpc2lkb1E2RUxqSnRLUEN6MmJaY1F6VWYyWCthaDdZRzY1cnZyZXVINjRHTW9waUdHbVNaQU1lMWc0V2tGOXo1T2JwN0J3V1JCOE8vbkpuUmF6NkswbFpXTzFRejJoWTgzM1ZhM05lQThjQmRxdnJxUGorczV5R3plQUwxVlpRSkovcG15N0pEWm9seFVDbGNtb3U5amVDbWtPRWMrQlJRMU5lN3VoSGZVYXNkbGdXTkhXMEl4NzNNbUVBSm5BUy9EbURWaVM0SXN3eFRKYVpXMTBwVEE4djBjM1dWdTRqWmFJQT09fA&cppv=2

Request Chain 53

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB&dcc=t

Request Chain 54

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://match.adsrvr.org/track/cmb/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94d9622f-d08e-4f7c-8987-c7464f03fe94&expiration=1647496235&gdpr=0&gdpr_consent=

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0yXAPjEcrrvAM3a2ZPsU8&google_cver=1

Request Chain 56

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ygs-K178iZntz-S7AOMXMQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA6gUmtkfkVVT8wtxeju3sY&google_cver=1

Request Chain 58

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=Ygs-K178iZntz-S7AOMXMQAA%26539?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Ygs-K178iZntz-S7AOMXMQAA%26539?gdpr_consent=&us_privacy=&gdpr=

Request Chain 59

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4180921261382315743

Request Chain 60

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9f2b6b6b-c6c6-4a7b-994b-78dd098554be&ssp=index&gdpr=&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593732964271608614&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dindex%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10593732964271608614&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dindex%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=c33398d8-86d5-4658-8a81-6b737222e4b6&ssp=index&gdpr_consent=&gdpr= HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850504063003335225&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10593732964271608614&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

Request Chain 62

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 63

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy= HTTP 302
https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be HTTP 302
https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be HTTP 302
https://x.bidswitch.net/sync?dsp_id=2&user_id=d02bb0d1-11ae-435b-8479-adebe9024254&expires=3&user_group=1&ssp=the33across HTTP 302
https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D9f2b6b6b-c6c6-4a7b-994b-78dd098554be HTTP 302
https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be HTTP 301
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be

Request Chain 64

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1644904235240.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=1a24620b-3f2b-4100-80af-ad5f3b5769ff

Request Chain 65

https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-wXvXrB1E2uHqu6haQTOnxKrZ_CzxzcVL~A HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-wXvXrB1E2uHqu6haQTOnxKrZ_CzxzcVL%7EA&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 66

https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4f820c5954ef11fe&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
https://ssc-cms.33across.com/ps?xi=64&xu=AAAGZMIFjE1ViAMYj7lqAAAAAAA&expiration=1644990635&is_secure=true&us_privacy= HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZMIFjE1ViAMYj7lqAAAAAAA&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 67

https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1647496235%26external_user_id%3D94d9622f-d08e-4f7c-8987-c7464f03fe94 HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647496235&external_user_id=94d9622f-d08e-4f7c-8987-c7464f03fe94

Request Chain 73

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KZNPIF6B-V-LJU0 HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=KZNPIF6B-V-LJU0 HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZNPIF6B-V-LJU0&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 74

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/oUB2D68fz4bg3stt--qFHg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5458779759513071702

Request Chain 75

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pOUElGNkItVi1MSlUw

Request Chain 76

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZNPIF6B-V-LJU0&sigv=1&esig=2~61fd746ef317c6aca67351b689efe3304f9e2256

Request Chain 77

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU3OGU0MGNjNzEwZTQxZDJkM2Y1MjhlZDhkZDAxMDhiODBhYzZjMg

Request Chain 79

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Ygs-KwAGVYSHRQBB HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ygs-KwAGVYSHRQBB&_test=Ygs-KwAGVYSHRQBB

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGyhPGx5v1cCmj3EW9pJ-8A&google_cver=1

Request Chain 81

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1a24620b-3f2b-4100-80af-ad5f3b5769ff&expires=28

Request Chain 89

https://b1sync.zemanta.com/usersync/revcontent/?puid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DNDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1644904236 HTTP 302
https://stags.bluekai.com/site/23178?id=tbek7kOaE9e_nt6qs1Nt&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65DSMVXGI4ZOOJSXMY3PNZ2GK3TUFZRW63JPMNWS64DJPBSWYX3TPFXGGP3CNFSGIZLSHUZSMYTJMRSGK4S7OVUWIPLUMJSWWN3LJ5QUKOLFL5XHINTROMYU45BGMV4GG2DBNZTWKPLSMV3GG33OORSW45BGMV4GG2DBNZTWKX3VNFSD2TSENRUVUVDINBHVIWTIJVVGWMS2I5CTIWKUJEZE42SBGRHG2RLXJZVFK52OGJJGQTTNJESTGRA HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65DSMVXGI4ZOOJSXMY3PNZ2GK3TUFZRW63JPMNWS64DJPBSWYX3TPFXGGP3CNFSGIZLSHUZSMYTJMRSGK4S7OVUWIPLUMJSWWN3LJ5QUKOLFL5XHINTROMYU45BGMV4GG2DBNZTWKPLSMV3GG33OORSW45BGMV4GG2DBNZTWKX3VNFSD2TSENRUVUVDINBHVIWTIJVVGWMS2I5CTIWKUJEZE42SBGRHG2RLXJZVFK52OGJJGQTTNJESTGRA HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=3&bidder_uid=tbek7kOaE9e_nt6qs1Nt&exchange_uid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D

Request Chain 90

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1644904236 HTTP 302
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&ssp_uuid=9f2b6b6b-c6c6-4a7b-994b-78dd098554be HTTP 302
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&ssp_uuid=9f2b6b6b-c6c6-4a7b-994b-78dd098554be HTTP 302
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=revcontent&user_id=349e4a19-6576-4d8a-b497-4bf0ba174e8b HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=9f2b6b6b-c6c6-4a7b-994b-78dd098554be

Request Chain 91

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D&rev_dt=1644904236 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D&rev_dt=1644904236 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI=&bidder=154&bidder_uid=7bba594e-3dbd-4e03-94d6-e121f797c01a

Request Chain 99

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=a186493c-5fa4-417f-a171-e230f6624fa5=&partner_id=3337 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c33398d8-86d5-4658-8a81-6b737222e4b6%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=94d9622f-d08e-4f7c-8987-c7464f03fe94&ttd_puid=c33398d8-86d5-4658-8a81-6b737222e4b6%2C

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
turbox-tax-refund-usa-org.jigsy.com/
Redirect Chain

http://turbox-tax-refund-usa-org.jigsy.com/
https://turbox-tax-refund-usa-org.jigsy.com/

4 KB
5 KB

432ms
162ms

Document
text/html

70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 9323495b1e5df287a7c0ab02be4a6a1fbcc9b3e5ed803ab43ec9385f785dbbd4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Tue, 15 Feb 2022 05:50:33 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
cache-control: no-cache
x-request-id: 1ba5219eee76659999405e546c7d9fc4
x-ua-compatible: IE=Edge
x-runtime: 0.024999
x-rack-cache: miss
x-powered-by: Phusion Passenger 6.0.4
status: 404 Not Found
content-type: text/html; charset=utf-8

Redirect headers

Content-length: 0
Location: https://turbox-tax-refund-usa-org.jigsy.com/

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 51ms
22ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 718
age: 25730830
cdn-cachedat: 2021-03-11 04:57:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fd9790f5364733fa4266619009a41568
cf-ray: 6ddc4266488e4bb8-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 49ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 25730829
cdn-cachedat: 2021-03-10 13:26:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 898a5586476273b50179fca1a96b41f8
cf-ray: 6ddc426648904bb8-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-select.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/css/ 6 KB
2 KB 46ms
17ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/css/bootstrap-select.min.css

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 83587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1315
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-19ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZtGadQEWlr230bDyDjqST%2BQqQGTMpcbOHNSP%2Fi9Sl8M8S9SmG5SPqErShWVhd5b2cyTUKXkwqXa1G0bupFiF6KB1nFjp9fwLB69ne4u09nuFp0m%2B17pi6EvTnpYTesRDWu5Y0dW5Bu2BNbSVhaMEG05"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ddc42664dfb7154-YUL
expires: Sun, 05 Feb 2023 05:50:33 GMT

GET
H2 200 style-1b7c0e119bc58347e850590d5f2f6fd3.css
turbox-tax-refund-usa-org.jigsy.com/assets/responsive/ 9 KB
10 KB 148ms
146ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/responsive/style-1b7c0e119bc58347e850590d5f2f6fd3.css
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 37dcad0aea3a8073c2a28d1e2f2f5ce73a033ee61c9c961adf056d5fdf9bf5a0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-runtime: 0.003351
date: Tue, 15 Feb 2022 05:50:34 GMT
x-content-digest: 23ddcdea5b46777aeb49678ccc9281f7dab07c82
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: d0c3a52ea8a39e3304c21a971e2ea855
content-length: 9444
etag: "1b7c0e119bc58347e850590d5f2f6fd3"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 helper-classes-7f703c796690e15e41571acefd4feed6.css
turbox-tax-refund-usa-org.jigsy.com/assets/responsive/ 166 B
612 B 143ms
141ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/responsive/helper-classes-7f703c796690e15e41571acefd4feed6.css
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 54829ef6edbc5fb8f6bd00c6e4f677b1093943e47d9d2528e25fbd08533f83e7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-runtime: 0.003418
date: Tue, 15 Feb 2022 05:50:34 GMT
x-content-digest: f4a7c3ef80123f6b5ea85b03de7e1020999de185
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 162001f1c59add05d047d18547df0d30
content-length: 166
etag: "7f703c796690e15e41571acefd4feed6"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy-f762e135464f4d07cbaa221229fb49a6.css
turbox-tax-refund-usa-org.jigsy.com/assets/responsive/ 3 KB
3 KB 152ms
148ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/responsive/jigsy-f762e135464f4d07cbaa221229fb49a6.css
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 477a95228c963cad1c13967a9b3eee0db6f9813cbc3c9a0aa13d00a46e472853

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-runtime: 0.003394
date: Tue, 15 Feb 2022 05:50:34 GMT
x-content-digest: e8ecde58886faae00e94437dce0d2c83e1aa61af
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 2514fe94e2d1e26233edaba5f5fa5a63
content-length: 3106
etag: "f762e135464f4d07cbaa221229fb49a6"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 78ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:34 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1644904234.dop204.dc2.t,1644904234.cds209.dc2.hn,1644904234.cds073.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 45ms
18ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 25730828
cdn-cachedat: 2021-03-10 13:26:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 53afe90ae1525b33eedeab47bbd5d8aa
cf-ray: 6ddc426648914bb8-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-select.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/ 33 KB
9 KB 48ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/bootstrap-select.min.js

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 165625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8703
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-8263"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H37U4kByhoDzK539JAzNQDP5gMSM5yVF7nAOKtdsEAvXZyAgZBiq2tNbZcWiIhJ40IBt5fvKfMRo6tGi4Ft62Z3pwdytE%2B9QRmH5FfSTcQx0cCkno9f7smAHJ1RJHhzktWR4%2B2gA%2FrcXgaJG14pwAgWQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ddc42665dfe7154-YUL
expires: Sun, 05 Feb 2023 05:50:33 GMT

GET
H2 200 xregexp-all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/xregexp/3.2.0/ 78 KB
19 KB 44ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/xregexp/3.2.0/xregexp-all.min.js

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16451935f2c828efe085e9e3419bf041c99f38143e720bcec92780379198369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1660138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18708
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04035-13844"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5XqlRd3vBYmaAJx01BWiZAi90IE5Re8JfguoQ00nOW3fRxWqY%2BXG9rmJ9ZfBDVNG3Xf3w%2Bd7RLWaLlUcTxhStnbHdWu0ZOqNiO2YA7StboRT1b8Etca9tDTtCKNyTy9OWZag4TzLNo%2B4Yhj4uANg%2BmF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ddc42665dff7154-YUL
expires: Sun, 05 Feb 2023 05:50:33 GMT

GET
H2 200 jigsy-ae828f57d7e73ce8be0baab9815bf39d.js Show response
turbox-tax-refund-usa-org.jigsy.com/assets/responsive/ 2 KB
2 KB 277ms
274ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/responsive/jigsy-ae828f57d7e73ce8be0baab9815bf39d.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 1d3cc74bdade25c9fd2992964780f06539ea7bf07d03b4da7d0d76afb9b016e9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-runtime: 0.003365
date: Tue, 15 Feb 2022 05:50:34 GMT
x-content-digest: 57cafd7253f2589b7edeea98ff28d3e2513b29fd
last-modified: Wed, 21 Jul 2021 18:27:00 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: c0b5e3c039e0c009f8f68f6973c7b854
content-length: 1596
etag: "ae828f57d7e73ce8be0baab9815bf39d"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.countdown-eb7237748346a9b56ca02c5ca99d335b.js Show response
turbox-tax-refund-usa-org.jigsy.com/assets/responsive/ 165 B
625 B 149ms
147ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/responsive/jigsy.countdown-eb7237748346a9b56ca02c5ca99d335b.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 7b6af6361d1836d3d5864f9a8e42e5201f432a518ff7a73fed6e64af10daeee9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-runtime: 0.003343
date: Tue, 15 Feb 2022 05:50:34 GMT
x-content-digest: 5013b6f831ab2693830c852cdd95becba3932508
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 763108156f176be1456f0cfaa9138315
content-length: 165
etag: "eb7237748346a9b56ca02c5ca99d335b"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.extensions-dd3b6a9aecc8ca06dd6386af6b3293cf.js Show response
turbox-tax-refund-usa-org.jigsy.com/assets/responsive/ 462 B
922 B 280ms
277ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/responsive/jigsy.extensions-dd3b6a9aecc8ca06dd6386af6b3293cf.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 359836ef917e6a8d43dadfe1a427808c18656f6df8290b4010e2439b43a440b4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-runtime: 0.003253
date: Tue, 15 Feb 2022 05:50:34 GMT
x-content-digest: 108bde0280e7cd09ab021606962d45f4e46b551f
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: a257912d53723fbca3843c2d83daf5d8
content-length: 462
etag: "dd3b6a9aecc8ca06dd6386af6b3293cf"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.ajaxForms-b02294cb797aa3c7d5e870687ce759c8.js Show response
turbox-tax-refund-usa-org.jigsy.com/assets/responsive/ 381 B
841 B 148ms
146ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/responsive/jigsy.ajaxForms-b02294cb797aa3c7d5e870687ce759c8.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 034267c82673796f2f6fe56a3ef4230b47ddae481fd0d4bdd7a7038a1b332648

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-runtime: 0.003530
date: Tue, 15 Feb 2022 05:50:34 GMT
x-content-digest: e6d0302d8fdfbd9dc6ff99f71976697ec1687440
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: c6d82719a4d9c20e688c577b698e128c
content-length: 381
etag: "b02294cb797aa3c7d5e870687ce759c8"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jquery_ujs-f73e1bd169fae2ec00e76eb32d636a9a.js Show response
turbox-tax-refund-usa-org.jigsy.com/assets/ 7 KB
8 KB 280ms
278ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/jquery_ujs-f73e1bd169fae2ec00e76eb32d636a9a.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: b34c0a3651292fe7652a929be7b36f17fcf40d1f0150a01989e0707527d489b2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-runtime: 0.003919
date: Tue, 15 Feb 2022 05:50:34 GMT
x-content-digest: 4e652faa2f2f3b8fafd800dccf62aca27212fc98
last-modified: Sat, 17 Apr 2021 06:36:56 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 2f4f4fc7e93c434e61c3a0ccfbdfbbf6
content-length: 7523
etag: "f73e1bd169fae2ec00e76eb32d636a9a"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 logo.png
turbox-tax-refund-usa-org.jigsy.com/images/jigsy/ 5 KB
5 KB 135ms
134ms Image
image/png 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbox-tax-refund-usa-org.jigsy.com/images/jigsy/logo.png
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 /
Resource Hash: d40000464c06127197135256da45cc0a3a2abda2e34b5d53a0e937c3bd23330f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:34 GMT
last-modified: Wed, 15 Dec 2021 23:15:24 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
accept-ranges: bytes
etag: "1322-5d3377b02db00"
content-length: 4898
content-type: image/png

GET
H2 200 loader.js Show response
assets.bnidx.com/jigsy/js/ 930 B
2 KB 624ms
253ms Script
text/html 65.39.176.77
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bnidx.com/jigsy/js/loader.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.39.176.77 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: bnidx.com
Software: Apache / PHP/7.2.24
Resource Hash: 2740dc691aeb3add71f54034b04fa4adf6f2b544940298d3bf215a62e88da4b8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:34 GMT
cache-control: no-cache, private
server: Apache
x-powered-by: PHP/7.2.24
content-length: 930
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 83ms
36ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/assets/responsive/jigsy-f762e135464f4d07cbaa221229fb49a6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 05:24:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 05:50:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 05:50:34 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 66ms
19ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turbox-tax-refund-usa-org.jigsy.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 13:43:38 GMT
x-content-type-options: nosniff
age: 230816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 12 Feb 2023 13:43:38 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 78ms
29ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483bc7d183e97ee75656a646640e2387bc579e657a4a92aa6b61ada0c95a5721

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6ddc426c29784004-YYZ
date: Tue, 15 Feb 2022 05:50:34 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 09 Feb 2022 08:26:37 GMT
server: cloudflare
age: 4994
etag: W/"d73-5d791979f01a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Tue, 15 Feb 2022 05:27:20 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1786.003-3.025/ 178 KB
55 KB 36ms
35ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d51fc32f16709946cd68db3ca2ab3a88d7e8bf7dad9a28834a51e19aed8c3a8d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6ddc426c69c44004-YYZ
date: Tue, 15 Feb 2022 05:50:34 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 08:38:27 GMT
server: cloudflare
age: 3538
etag: W/"2c618-5d6782026a911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Thu, 17 Mar 2022 04:51:36 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 8C4A 9 KB
2 KB 63ms
51ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7622871b897686f7e6907e17c5e13fad90f01d552185f2be61a09f574dd379a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ddc426cfa654004-YYZ
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 263 B
305 B 58ms
50ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7feae16364e32e2050e215d4ddb72b1afd8be3c272eb6b5117876b9246ae9ae4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ddc426cfa674004-YYZ
p3p: CP="NON DSP NID OUR COR"
content-encoding: gzip
cache-control: no-store
content-type: application/javascript;charset=ISO-8859-1

GET
H2 200 gsd Show response
router.infolinks.com/ 321 B
548 B 56ms
49ms Script
text/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3235947&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&jsv=1786.003-3.025&_cb=16449042350190
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0d3439d6d0c55feb5e28a9d9f22d9c9757f0ceac69fe58a0a6dc10ae6e7c0ce

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cache-control: max-age=0
cf-ray: 6ddc426cfa684004-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 doq.htm Show response
rt3045.infolinks.com/action/ 2 KB
2 KB 165ms
112ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3045.infolinks.com/action/doq.htm?pcode=utf-8&r=16449042350911
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15e337c1ce426c5e9963c06fb99f42eb20bddef73f2e054f59bccf2fce8b1ffd

Request headers

Referer: https://turbox-tax-refund-usa-org.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
x-application-context: application:prod
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-language: en-CA
access-control-allow-origin: https://turbox-tax-refund-usa-org.jigsy.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 6ddc426dbae25425-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 iqusync-1.14.min.js Show response
resources.infolinks.com/static/usync/ 3 KB
1 KB 27ms
27ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/usync/iqusync-1.14.min.js
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4672d29f833a7f7cc73b07fb9de14be1ebe2d293a913fe5196191e89ae5037b6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6ddc426d6ad14004-YYZ
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 09 Jan 2022 13:00:03 GMT
server: cloudflare
age: 6509
etag: W/"ab3-5d525cc6a0e71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Thu, 17 Mar 2022 04:02:06 GMT

GET
H2

200

/ Show response
hde.tynt.com/deb/ Frame F40E
Redirect Chain

https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1

1 KB
2 KB

47ms
34ms

Document
text/html

67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: eb9831a6f22046a48da07318205a01f6f6eeba4b997de7a261da74b7a2104ee3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 1333
date: Tue, 15 Feb 2022 05:50:34 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-length: 0
date: Tue, 15 Feb 2022 05:50:34 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame D41E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

1 KB
3 KB

41ms
41ms

Document
text/html

23.54.68.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e27f5bea73fe9e9b2b90bc52e14e0e562a515167e3146f7b4453427a86c46dba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|45|188|221|4|51
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Tue, 15 Feb 2022 05:50:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Content-Length: 1506
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 15 Feb 2022 05:50:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0F04 2 KB
814 B 37ms
9ms Document
text/html 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI0MUM0RkUtQjI3OC00NDcwLUI3QUYtOTZBOERDQkJBRjUy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI0MUM0RkUtQjI3OC00NDcwLUI3QUYtOTZBOERDQkJBRjUy&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA241C4FE-B278-4470-B7AF-96A8DCBBAF52
https://router.infolinks.com/dyn/pbm-usync?uid=A241C4FE-B278-4470-B7AF-96A8DCBBAF52

0
195 B

104ms
104ms

Image
text/html

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=A241C4FE-B278-4470-B7AF-96A8DCBBAF52
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 6ddc42704e654004-YYZ
content-length: 0
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

location: https://router.infolinks.com/dyn/pbm-usync?uid=A241C4FE-B278-4470-B7AF-96A8DCBBAF52
date: Tue, 15 Feb 2022 05:50:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=8398611822624236906

35 B
187 B

51ms
51ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=8398611822624236906
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426e1b7c4004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: dbf23229-baa2-448c-96c7-26326d441a45
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=8398611822624236906
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ox-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
https://router.infolinks.com/dyn/ox-usync?uid=0d3dfd45-d8d1-42cb-bf0c-92edc12d4256

35 B
200 B

47ms
47ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ox-usync?uid=0d3dfd45-d8d1-42cb-bf0c-92edc12d4256
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426dfb624004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

date: Tue, 15 Feb 2022 05:50:35 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://router.infolinks.com/dyn/ox-usync?uid=0d3dfd45-d8d1-42cb-bf0c-92edc12d4256
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-nrsL445E2uHYkjufupiETNyIAN77yiIZi4KiM_0-~A

35 B
209 B

50ms
49ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-nrsL445E2uHYkjufupiETNyIAN77yiIZi4KiM_0-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426e4bb54004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

location: https://router.infolinks.com/dyn/VR-usync?uid=y-nrsL445E2uHYkjufupiETNyIAN77yiIZi4KiM_0-~A
date: Tue, 15 Feb 2022 05:50:35 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1644904235227
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805424387
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=805424387
https://sync.1rx.io/usersync/tradedesk/94d9622f-d08e-4f7c-8987-c7464f03fe94
https://sync.targeting.unrulymedia.com/csync/RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005
https://router.infolinks.com/dyn/r1-usync?uid=RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005

35 B
205 B

48ms
48ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc42709ef14004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: Tengine
ETag: RX9e3e126527d447fdbcac8cdac7edf059005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://router.infolinks.com/dyn/r1-usync?uid=RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005
Connection: keep-alive
Content-Type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://stags.bluekai.com/site/23178?id=tbek7kOaE9e_nt6qs1Nt&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TN...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHV2GEZLLG5VU6YKFHFSV63TUGZYXGMKOOQ
https://router.infolinks.com/dyn/zmn-usync?uid=tbek7kOaE9e_nt6qs1Nt

35 B
190 B

181ms
181ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=tbek7kOaE9e_nt6qs1Nt
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426fcdc64004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
P3p: CP="We do not support P3P header."
Location: https://router.infolinks.com/dyn/zmn-usync?uid=tbek7kOaE9e_nt6qs1Nt
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 90
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

sonobi-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
https://router.infolinks.com/dyn/sonobi-usync?uid=50587769-8de6-4789-b6b0-6fe7401b30da

35 B
204 B

60ms
60ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sonobi-usync?uid=50587769-8de6-4789-b6b0-6fe7401b30da
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426e2b8a4004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-38
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=50587769-8de6-4789-b6b0-6fe7401b30da
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 8C4A
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fturbox-tax-refund-usa-org.jigsy.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fturbox-tax-refund-usa-org.jigsy.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&pid=12306&adnxs_uid=8398611822624236906

95 B
944 B

407ms
100ms

Image
image/png

34.255.81.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&pid=12306&adnxs_uid=8398611822624236906

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F

Protocol

HTTP/1.1

Server

34.255.81.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-81-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 15 Feb 2022 05:50:35 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 15 Feb 2022 05:50:35 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 579.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: b1f9b301-1a27-4aba-ad48-48fdbda8fe41
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&pid=12306&adnxs_uid=8398611822624236906
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

earn-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
https://router.infolinks.com/dyn/earn-usync?uid=A4404281201796502908

35 B
245 B

46ms
46ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/earn-usync?uid=A4404281201796502908
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426dfb644004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/earn-usync?uid=A4404281201796502908
Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

imd-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://router.infolinks.com/dyn/imd-usync?user_id=0fecdec8-a8da-45a8-b14c-1df2b2fb71b8&partner_id=1531

35 B
200 B

48ms
48ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/imd-usync?user_id=0fecdec8-a8da-45a8-b14c-1df2b2fb71b8&partner_id=1531
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426e3baa4004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

location: https://router.infolinks.com/dyn/imd-usync?user_id=0fecdec8-a8da-45a8-b14c-1df2b2fb71b8&partner_id=1531
date: Tue, 15 Feb 2022 05:50:35 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP31dc66b4-8e23-11ec-a0bc-0a7d59dd54f1
https://router.infolinks.com/dyn/outh-usync?uid=y-fJGPVYZE2uFN8AwZL8TGccEqtJvLMF7b~A~UP31dc66b4-8e23-11ec-a0bc-0a7d59dd54f1

35 B
236 B

48ms
48ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-fJGPVYZE2uFN8AwZL8TGccEqtJvLMF7b~A~UP31dc66b4-8e23-11ec-a0bc-0a7d59dd54f1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426f5d314004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

location: https://router.infolinks.com/dyn/outh-usync?uid=y-fJGPVYZE2uFN8AwZL8TGccEqtJvLMF7b~A~UP31dc66b4-8e23-11ec-a0bc-0a7d59dd54f1
date: Tue, 15 Feb 2022 05:50:35 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

400
Bad Request

usersync
match.bnmla.com/ Frame 8C4A
Redirect Chain

https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25
https://match.bnmla.com/usersync?dspid=1&uuid=tmYIl0w4e6ky&ev=1&us_privacy=${us_privacy}&pid=558752

0
137 B

30ms
30ms

Image
text/plain

38.27.122.101
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?dspid=1&uuid=tmYIl0w4e6ky&ev=1&us_privacy=${us_privacy}&pid=558752
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: HTTP/1.1
Server: 38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
location: https://match.bnmla.com/usersync?dspid=1&uuid=tmYIl0w4e6ky&ev=1&us_privacy=${us_privacy}&pid=558752
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-56659f45bd-flbhw
expires: -1

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=2ed50f70ed04a87e959d4673

35 B
194 B

48ms
47ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=2ed50f70ed04a87e959d4673
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426fadb24004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

Date: Tue, 15 Feb 2022 05:50:35 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=2ed50f70ed04a87e959d4673
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DA241C4FE-B278-4470-B7AF-96A8DCBBAF52
https://router.infolinks.com/dyn/usersync?pmuservalue=A241C4FE-B278-4470-B7AF-96A8DCBBAF52

0
164 B

51ms
51ms

Image
text/plain

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=A241C4FE-B278-4470-B7AF-96A8DCBBAF52
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 6ddc426f3d144004-YYZ
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=A241C4FE-B278-4470-B7AF-96A8DCBBAF52
date: Tue, 15 Feb 2022 05:50:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1783777311154695923

35 B
188 B

47ms
47ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1783777311154695923
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426f2cf34004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1783777311154695923
Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

33a-usync
router.infolinks.com/dyn/ Frame 8C4A
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
https://router.infolinks.com/dyn/33a-usync?uid=1907379469756

35 B
239 B

48ms
46ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/33a-usync?uid=1907379469756
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=turbox-tax-refund-usa-org.jigsy.com&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426f4d294004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:34 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://router.infolinks.com/dyn/33a-usync?uid=1907379469756
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET

img
sync.mathtag.com/sync/ Frame 8C4A
Redirect Chain

https://router.infolinks.com/dyn/iq-usync
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=44...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1509139146%26rnd%3...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENWc59J5gG1aojk8Nn87dlA&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:6EFDE42DC85B4379A055DF1A399569F2
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1509139146&rnd=-2081315275&pcid=A241C4FE-B278-4470-B7AF-96A8DCBBAF52
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1509139146%3B1402230080%26rnd%3D543597611&pcid=...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1509139146;1402230080&rnd=543597611&pcid=8398611822624236906
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D1509...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1509139146;1402230080;1709765917&rnd=1096226925&pcid=d10f3964-8743-4db4-baa6-333cd5c2a4d6
https://ce.lijit.com/merge?pid=8101&3pid=TrhAOXoDTg&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1509139146%3B14...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=1509139146;1402230080;1709765917;1486637409&rnd=763986715&pcid=2ed50f70ed04a87e959d4673
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1509139146%3B...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1509139146%3B...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=1509139146;1402230080;1709765917;1486637409;396218182&rnd=1823658329&pcid=327bf7c7-8e23-11ec-859e-11d...
https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1509139146%3B14022300...

0
0

GET
H2

200

ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/
Redirect Chain

https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&iiqidtype=2&iiqpcid=70fedf8b-326d-44fc-af29-...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&iiqidtype=2&iiqpcid=70fedf8b-326d-44fc-af29-...

15 B
839 B

30ms
30ms

XHR
text/html

13.225.230.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&iiqidtype=2&iiqpcid=70fedf8b-326d-44fc-af29-01bac0c71227&iiqpciddate=1644904235122&dbsaved=true&fbp=2503514551&ckls=true&ci=splP0bIZ5e&nc=false&trid=-1772904834
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Server: 13.225.230.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-52.jfk51.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 30adcceef958c38a02a02125fb5794f73e88cd388a62ac554c5d406cab2dd431

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: JFK51-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
pragma: no-cache
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://turbox-tax-refund-usa-org.jigsy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: -nLX3Ptqse8JwAhk1UGRLfDpCzavbr_kGofh7wLm6hvbm2MXXVvWXQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: JFK51-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
content-length: 43
pragma: no-cache
access-control-allow-origin: https://turbox-tax-refund-usa-org.jigsy.com
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: image/gif
location: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=a186493c-5fa4-417f-a171-e230f6624fa5&iiqidtype=2&iiqpcid=70fedf8b-326d-44fc-af29-01bac0c71227&iiqpciddate=1644904235122&dbsaved=true&fbp=2503514551&ckls=true&ci=splP0bIZ5e&nc=false&trid=-1772904834
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: FQfyQhA282CRmhqHZhyQovvuZOslLJGAfwIpRbfsWvrvd5yBMddEpg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156872/3103/ 196 KB
62 KB 72ms
18ms Script
text/javascript 23.54.68.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.14.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-197.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 84e18d9144b52818f5ce1d7458c677100251597dacdecba06225b9ff265670ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 18:28:45 GMT
server: Apache/2.2.15 (CentOS)
etag: "1121326-3108a-5d219d81d0a54"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=31288
accept-ranges: bytes
content-type: text/javascript
content-length: 62966
expires: Tue, 15 Feb 2022 14:32:03 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 73ms
23ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&domain=turbox-tax-refund-usa-org.jigsy.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://turbox-tax-refund-usa-org.jigsy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://turbox-tax-refund-usa-org.jigsy.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1367
date: Tue, 15 Feb 2022 05:50:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&domain=turbox-tax-refund-usa-org.jigsy.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=uQnPpnxmTm1ySnBuWE1vWjRNTTljZUZUK1p4T0cwam52a01BaUlVd1FpcW1RVUcrREx5enVlUWJpc2lkb1E2RUxqSnRLUEN6MmJaY1F6VWYyWCthaDdZRzY1cnZyZXVINjRHTW9waUdHbVNaQU1lMWc0V2tGOXo1T2JwN0...

356 B
621 B

69ms
24ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uQnPpnxmTm1ySnBuWE1vWjRNTTljZUZUK1p4T0cwam52a01BaUlVd1FpcW1RVUcrREx5enVlUWJpc2lkb1E2RUxqSnRLUEN6MmJaY1F6VWYyWCthaDdZRzY1cnZyZXVINjRHTW9waUdHbVNaQU1lMWc0V2tGOXo1T2JwN0J3V1JCOE8vbkpuUmF6NkswbFpXTzFRejJoWTgzM1ZhM05lQThjQmRxdnJxUGorczV5R3plQUwxVlpRSkovcG15N0pEWm9seFVDbGNtb3U5amVDbWtPRWMrQlJRMU5lN3VoSGZVYXNkbGdXTkhXMEl4NzNNbUVBSm5BUy9EbURWaVM0SXN3eFRKYVpXMTBwVEE4djBjM1dWdTRqWmFJQT09fA&cppv=2

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

42f0e3f418af22ea338416b21575bc35731ceb4a5f9a9a22965722c77a2b410c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:34 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2963
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:34 GMT
location: https://mug.criteo.com/sid?cpp=uQnPpnxmTm1ySnBuWE1vWjRNTTljZUZUK1p4T0cwam52a01BaUlVd1FpcW1RVUcrREx5enVlUWJpc2lkb1E2RUxqSnRLUEN6MmJaY1F6VWYyWCthaDdZRzY1cnZyZXVINjRHTW9waUdHbVNaQU1lMWc0V2tGOXo1T2JwN0J3V1JCOE8vbkpuUmF6NkswbFpXTzFRejJoWTgzM1ZhM05lQThjQmRxdnJxUGorczV5R3plQUwxVlpRSkovcG15N0pEWm9seFVDbGNtb3U5amVDbWtPRWMrQlJRMU5lN3VoSGZVYXNkbGdXTkhXMEl4NzNNbUVBSm5BUy9EbURWaVM0SXN3eFRKYVpXMTBwVEE4djBjM1dWdTRqWmFJQT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://turbox-tax-refund-usa-org.jigsy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1759
content-length: 541
expires: 0

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1786.003-3.025/ 123 KB
46 KB 27ms
27ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1786.003-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6ddc426e9c1b4004-YYZ
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 08:38:27 GMT
server: cloudflare
age: 7432
etag: W/"1eb7c-5d6782026a911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Thu, 17 Mar 2022 03:46:43 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
120 KB 91ms
33ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

154c955cdfcf4d64ee3406feb9c78ff356d22a66937620de997f169877c84f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122264
x-xss-protection: 0
expires: Tue, 15 Feb 2022 05:50:35 GMT

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.025/ 279 KB
86 KB 30ms
30ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6ddc426e9c1d4004-YYZ
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 09:40:59 GMT
server: cloudflare
age: 9246
etag: W/"45adc-5c5f8851c3ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Thu, 17 Mar 2022 03:16:29 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D41E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB&dcc=t

43 B
932 B

43ms
42ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7XJ5G2WP64KZ1SSXZ1N0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9KX91FV4S97SZV61HJWG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D41E
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://match.adsrvr.org/track/cmb/casale?
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94d9622f-d08e-4f7c-8987-c7464f03fe94&expiration=1647496235&gdpr=0&gdpr_consent=

43 B
1006 B

25ms
25ms

Image
image/gif

23.54.68.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94d9622f-d08e-4f7c-8987-c7464f03fe94&expiration=1647496235&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 15 Feb 2022 05:50:35 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94d9622f-d08e-4f7c-8987-c7464f03fe94&expiration=1647496235&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D41E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Ygs_K178iZntz_S7AOMXMQAAAhsAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0yXAPjEcrrvAM3a2ZPsU8&google_cver=1

43 B
315 B

23ms
22ms

Image
image/gif

23.54.68.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0yXAPjEcrrvAM3a2ZPsU8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 15 Feb 2022 05:50:35 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0yXAPjEcrrvAM3a2ZPsU8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D41E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ygs-K178iZntz-S7AOMXMQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA6gUmtkfkVVT8wtxeju3sY&google_cver=1

43 B
1 KB

26ms
25ms

Image
image/gif

23.54.68.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA6gUmtkfkVVT8wtxeju3sY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 15 Feb 2022 05:50:35 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA6gUmtkfkVVT8wtxeju3sY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame D41E 0
88 B 97ms
23ms Image
text/plain 3.216.115.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.115.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-115-49.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

tpid=Ygs-K178iZntz-S7AOMXMQAA%26539
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame D41E
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=Ygs-K178iZntz-S7AOMXMQAA%26539?gdpr_consent=&us_privacy=&gdpr=
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Ygs-K178iZntz-S7AOMXMQAA%26539?gdpr_consent=&us_privacy=&gdpr=

49 B
544 B

35ms
35ms

Image
image/gif

52.20.97.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Ygs-K178iZntz-S7AOMXMQAA%26539?gdpr_consent=&us_privacy=&gdpr=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Server: 52.20.97.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-97-150.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.15.234
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Ygs-K178iZntz-S7AOMXMQAA%26539?gdpr_consent=&us_privacy=&gdpr=
cache-control: no-cache
x-server: 10.40.46.103
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D41E
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4180921261382315743

43 B
1 KB

48ms
25ms

Image
image/gif

23.54.68.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4180921261382315743
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 15 Feb 2022 05:50:35 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4180921261382315743
pragma: no-cache
date: Tue, 15 Feb 2022 05:50:34 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame D41E
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9f2b6b6b-c6c6-4a7b-994b-78dd098554be&ssp=index&gdpr=&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593732964271608614&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10593732964271608614&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=c33398d8-86d5-4658-8a81-6b737222e4b6&ssp=index&gdpr_consent=&gdpr=
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850504063003335225&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=419&user_id=10593732964271608614&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

43 B
235 B

35ms
35ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=419&user_id=10593732964271608614&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 05:50:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://x.bidswitch.net/sync?dsp_id=419&user_id=10593732964271608614&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame D41E 35 B
267 B 50ms
49ms Image
image/gif 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=Ygs-K178iZntz-S7AOMXMQAA%26539
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6ddc426ecc464004-YYZ
content-length: 35
expires: Mon, 15 Feb 2021 05:50:35 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame F879
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
410 B

29ms
17ms

Document
text/html

104.107.5.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-5-93.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: about:blank

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
etag: "402b2-119-5d32342a551c0"
accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 15 Feb 2022 05:50:35 GMT
vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
date: Tue, 15 Feb 2022 05:50:35 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame F40E
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy=
https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
https://x.bidswitch.net/sync?dsp_id=2&user_id=d02bb0d1-11ae-435b-8479-adebe9024254&expires=3&user_group=1&ssp=the33across
https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be

68 B
127 B

131ms
131ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

location: https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
date: Tue, 15 Feb 2022 05:50:35 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame F40E
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1644904235240.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=1a24620b-3f2b-4100-80af-ad5f3b5769ff

68 B
127 B

27ms
27ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=1a24620b-3f2b-4100-80af-ad5f3b5769ff
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: MT3 4133 baa842e master ord-pixel-x2 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=1a24620b-3f2b-4100-80af-ad5f3b5769ff
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 15 Feb 2022 05:50:34 GMT

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame F40E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-wXvXrB1E2uHqu6haQTOnxKrZ_CzxzcVL~A
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-wXvXrB1E2uHqu6haQTOnxKrZ_CzxzcVL%7EA&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
213 B

62ms
26ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-wXvXrB1E2uHqu6haQTOnxKrZ_CzxzcVL%7EA&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:34 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 8000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-wXvXrB1E2uHqu6haQTOnxKrZ_CzxzcVL%7EA&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame F40E
Redirect Chain

https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4f820c5954ef11fe&is_secure=true&networkId=78390&version=1&us_privacy=
https://ssc-cms.33across.com/ps?xi=64&xu=AAAGZMIFjE1ViAMYj7lqAAAAAAA&expiration=1644990635&is_secure=true&us_privacy=
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZMIFjE1ViAMYj7lqAAAAAAA&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
127 B

28ms
28ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZMIFjE1ViAMYj7lqAAAAAAA&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:34 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZMIFjE1ViAMYj7lqAAAAAAA&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame F40E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1647496235%26external_user_id%3D94d9622f-d08e-4f7c-8987-c7464f03fe94
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647496235&external_user_id=94d9622f-d08e-4f7c-8987-c7464f03fe94

68 B
127 B

92ms
91ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647496235&external_user_id=94d9622f-d08e-4f7c-8987-c7464f03fe94
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 40000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647496235&external_user_id=94d9622f-d08e-4f7c-8987-c7464f03fe94
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 getads.htm Show response
rt3045.infolinks.com/action/ 1 KB
1 KB 495ms
493ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3045.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22canada%22%2C%22scs%22%3A%22sYrKhQrK1c%22%7D%5D&rid=0624b3d6-42bd-4d74-b7ee-2831aab61c90&jsv=1786.003-3.025&sr=1600X1200&rts=1644904235335&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=98.0.4758.80&dv=p&ce=t&purl=https%3A%2F%2Fturbox-tax-refund-usa-org.jigsy.com%2F&tzo=-0000&c=c&strg=true&rsd=w_QMfS3_IiH8zjAyiEKF5GZd29P2Zg3ef0-ocgLUVKJwVeky3aloy_lM36TEDoBGE83sunK1X-Vs4hrRbleQXjofKvUdPxHH8cPamBGz9c_QSUyeT8j9tJH3pqnBor6uQDmT_twaLvjPhOmZaO9iaWLgr9RkxNgh&rsk=34&rcs=eTojaoHdgsKmKMq_zyHyRg&cuid=a186493c-5fa4-417f-a171-e230f6624fa5&pwtu=%7B%22pubcid%22%3A%22a54780bd-0a59-4ea8-8ec5-b19a583bab08%22%7D&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b066bc46bdf31b728f9d50e87593957e57e77920477bfb60d9543e6289d4688c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: en-CA
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6ddc426eec8c4004-YYZ
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 89ms
26ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1118
date: Tue, 15 Feb 2022 05:50:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/2.0/ 333 KB
86 KB 38ms
38ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6ddc426fadb04004-YYZ
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 09:20:02 GMT
server: cloudflare
age: 9596
etag: W/"5344d-5d6649709d511"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Thu, 17 Mar 2022 03:10:39 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame F879 32 KB
10 KB 18ms
18ms Script
text/html 104.107.5.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-5-93.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3a874cea695b471953b4b56f79a6227003eba08e2d12a637095475d6333bf37

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 23:04:16 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=22065
content-type: text/html; charset=UTF-8
content-length: 9704
expires: Tue, 15 Feb 2022 11:58:20 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F879 284 B
921 B 132ms
25ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 29af2665c43893332e84c235bac366c1
Content-Type: image/jpg

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame F879
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KZNPIF6B-V-LJU0
https://ssc-cms.33across.com/ps/?xi=1&xu=KZNPIF6B-V-LJU0
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZNPIF6B-V-LJU0&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
127 B

26ms
26ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZNPIF6B-V-LJU0&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:34 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZNPIF6B-V-LJU0&ts=1644904235&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F879
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/oUB2D68fz4bg3stt--qFHg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5458779759513071702

42 B
678 B

23ms
22ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5458779759513071702
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: d3682eda7e5cb79782b1d5475f50e8fc
Content-Type: image/gif

Redirect headers

date: Tue, 15 Feb 2022 05:50:35 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5458779759513071702
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F879
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pOUElGNkItVi1MSlUw

170 B
188 B

43ms
43ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pOUElGNkItVi1MSlUw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pOUElGNkItVi1MSlUw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c3b5432477546c086cd062707f625a76
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame F879
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZNPIF6B-V-LJU0&sigv=1&esig=2~61fd746ef317c6aca67351b689efe3304f9e2256

0
194 B

107ms
30ms

Image
text/plain

2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZNPIF6B-V-LJU0&sigv=1&esig=2~61fd746ef317c6aca67351b689efe3304f9e2256

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZNPIF6B-V-LJU0&sigv=1&esig=2~61fd746ef317c6aca67351b689efe3304f9e2256
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F879
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU3OGU0MGNjNzEwZTQxZDJkM2Y1MjhlZDhkZDAxMDhiODBhYzZjMg

170 B
188 B

43ms
43ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU3OGU0MGNjNzEwZTQxZDJkM2Y1MjhlZDhkZDAxMDhiODBhYzZjMg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU3OGU0MGNjNzEwZTQxZDJkM2Y1MjhlZDhkZDAxMDhiODBhYzZjMg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8eb2d9eeed9b9c468975d0ba24565e5b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 709414.gif
id.rlcdn.com/ Frame F879 42 B
448 B 76ms
43ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F879
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=Ygs-KwAGVYSHRQBB
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ygs-KwAGVYSHRQBB&_test=Ygs-KwAGVYSHRQBB

42 B
678 B

94ms
24ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ygs-KwAGVYSHRQBB&_test=Ygs-KwAGVYSHRQBB
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: c3b5432477546c086cd062707f625a76
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644904236.794023,VS0,VE0
x-served-by: cache-yul12820-YUL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ygs-KwAGVYSHRQBB&_test=Ygs-KwAGVYSHRQBB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F879
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGyhPGx5v1cCmj3EW9pJ-8A&google_cver=1

42 B
678 B

101ms
32ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGyhPGx5v1cCmj3EW9pJ-8A&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGyhPGx5v1cCmj3EW9pJ-8A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F879
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1a24620b-3f2b-4100-80af-ad5f3b5769ff&expires=28

42 B
678 B

103ms
33ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1a24620b-3f2b-4100-80af-ad5f3b5769ff&expires=28
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 19ea072139d67f7022c6e463249c998e
Content-Type: image/gif

Redirect headers

Date: Tue, 15 Feb 2022 05:50:35 GMT
Server: MT3 4133 baa842e master ord-pixel-x18 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1a24620b-3f2b-4100-80af-ad5f3b5769ff&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 15 Feb 2022 05:50:34 GMT

GET
H2 200 adview.htm
rt3045.infolinks.com/action/ 0
128 B 106ms
104ms Image
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3045.infolinks.com/action/adview.htm?rid=0624b3d6-42bd-4d74-b7ee-2831aab61c90&bdc=1&midx=0&emd=MzU2fjE4ODU&rts=1644904235836&prod_t=d&jsv=1786.003-3.025&skin=sidebar&theme=nologo&sdata=canada&scs=sYrKhQrK1c&rsd=w_QMfS3_IiH8zjAyiEKF5GZd29P2Zg3ef0-ocgLUVKJwVeky3aloy_lM36TEDoBGE83sunK1X-Vs4hrRbleQXjofKvUdPxHH8cPamBGz9c_QSUyeT8j9tJH3pqnBor6uQDmT_twaLvjPhOmZaO9iaWLgr9RkxNgh&rsk=34&rcs=eTojaoHdgsKmKMq_zyHyRg
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6ddc4272493c4004-YYZ
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ Frame 0B79 4 KB
1 KB 100ms
30ms Script
text/html 3.234.27.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=113005&t=rc_295&c=1644904235865&width=1600&referer=about%3Ablank

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.27.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-27-139.compute-1.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

a7538a4c5a9d01a52a3b00bbd937d837a63ec19aac30cd8e9876c33d87161627

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:35 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1237

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ Frame 0B79 58 KB
59 KB 185ms
134ms XHR
text/javascript 3.234.27.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=113005&t=rc_295&c=1644904235865&width=1600&site_url=about%3Ablank&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=113005&t=rc_295&c=1644904235865&width=1600&referer=about%3Ablank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.27.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-27-139.compute-1.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

7c19f9773bb4040fd3aafec5bc3fe0fa825e3273621e50058f7f241a478cea9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 05:50:36 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"

GET
H2 200 sync Show response
gum.criteo.com/ Frame 0B79 56 B
379 B 24ms
24ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=446&r=2&j=revCriteoRTUSCallback

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

b1ebdd84bcc4265a86fc9765b670bce97d668e11ee0c9bee5ec9d8f5f507d646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1440
strict-transport-security: max-age=31536000; preload;
content-length: 172
expires: 60

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ Frame 0B79 83 KB
23 KB 96ms
26ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 19:21:52 GMT
etag: "1644261712"
x-hw: 1644904236.cds093.dc2.hn,1644904236.cds036.dc2.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=43
accept-ranges: bytes
content-length: 23124

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ Frame 0B79 280 KB
84 KB 119ms
48ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=1
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 19:21:52 GMT
etag: "1644261712"
x-hw: 1644904236.cds093.dc2.hn,1644904236.cds044.dc2.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=53
accept-ranges: bytes
content-length: 85555

GET
H3 200 css
fonts.googleapis.com/ Frame 0B79 6 KB
665 B 63ms
36ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 05:21:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 05:50:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 05:50:36 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/ Frame 0B79
Redirect Chain

https://b1sync.zemanta.com/usersync/revcontent/?puid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DNDliZThhOTZhMjk2ZGE4YTI...
https://stags.bluekai.com/site/23178?id=tbek7kOaE9e_nt6qs1Nt&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65DSMVXGI4ZOOJSXMY3PNZ2GK3TUFZRW63JPMNWS64DJ...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65DSMVXGI4ZOOJSXMY3PNZ2GK3TUFZRW63JPMNWS64DJPBSWYX3TPFXGGP3CNFSGIZLSHUZSMYTJMRSGK4S7OVUWIPLUMJSWWN3LJ5QUKOLFL5XHINTROMYU45BGMV4GG...
https://trends.revcontent.com/cm/pixel_sync?bidder=3&bidder_uid=tbek7kOaE9e_nt6qs1Nt&exchange_uid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D

35 B
213 B

35ms
35ms

Image
image/gif

3.234.27.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=3&bidder_uid=tbek7kOaE9e_nt6qs1Nt&exchange_uid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Server: 3.234.27.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-27-139.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 05:50:36 GMT
P3p: CP="We do not support P3P header."
Location: https://trends.revcontent.com/cm/pixel_sync?bidder=3&bidder_uid=tbek7kOaE9e_nt6qs1Nt&exchange_uid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 175
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/ Frame 0B79
Redirect Chain

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1644904236
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&ssp_uuid=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&ssp_uuid=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=revcontent&user_id=349e4a19-6576-4d8a-b497-4bf0ba174e8b
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=9f2b6b6b-c6c6-4a7b-994b-78dd098554be

35 B
336 B

32ms
32ms

Image
image/gif

3.234.27.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
Protocol: H2
Server: 3.234.27.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-27-139.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Location: //trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=9f2b6b6b-c6c6-4a7b-994b-78dd098554be
Date: Tue, 15 Feb 2022 05:50:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel_sync
trends.revcontent.com/cm/ Frame 0B79
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D&rev_dt=1644904236
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI%3D&rev_dt=1644904236
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI=&bidder=154&bidder_uid=7bba594e-3dbd-4e03-94d6-e121f797c01a

35 B
215 B

30ms
30ms

Image
image/gif

3.234.27.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI=&bidder=154&bidder_uid=7bba594e-3dbd-4e03-94d6-e121f797c01a
Requested by: Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/
Protocol: H2
Server: 3.234.27.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-27-139.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

location: //trends.revcontent.com/cm/pixel_sync?exchange_uid=NDliZThhOTZhMjk2ZGE4YTI2NjA4NmEwNjUwN2RhNmI=&bidder=154&bidder_uid=7bba594e-3dbd-4e03-94d6-e121f797c01a
date: Tue, 15 Feb 2022 05:50:36 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 6102289ceb7161-44077369.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ Frame 0B79 16 KB
17 KB 94ms
26ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/6102289ceb7161-44077369.jpg

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5f181a378fc0bf128f66daa2481e5d31f630e65d53caf1dbd993a7a17295193c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="6102289ceb7161-44077369.webp"
server-timing: fastly;dur=95;cpu=0;start=2022-01-23T17:33:18.300Z;desc=hit,rtt;dur=0
content-length: 16746
last-modified: Thu, 29 Jul 2021 18:09:04 GMT
server: Cloudinary
etag: "ddd32a4ac1a519f7badc1f358e5a1f71"
vary: Accept
x-hw: 1644904236.cds191.dc2.hn,1644904236.cds186.dc2.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15761662380899673505.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ Frame 0B79 13 KB
13 KB 112ms
44ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15761662380899673505.jpg

Requested by

Host: turbox-tax-refund-usa-org.jigsy.com
URL: https://turbox-tax-refund-usa-org.jigsy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

55390a1ec3664f399ee010062d794ede6a247ee62564fed1277fcae3ec747cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15761662380899673505.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-02-12T16:22:30.084Z;desc=hit,rtt;dur=0
content-length: 13276
last-modified: Sun, 27 Sep 2020 06:41:25 GMT
server: Cloudinary
etag: "e27e26782aa677df3f8e243e5d576825"
vary: Accept
x-hw: 1644904236.cds191.dc2.hn,1644904236.cds186.dc2.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0B79 15 KB
15 KB 46ms
19ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turbox-tax-refund-usa-org.jigsy.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 08:30:30 GMT
x-content-type-options: nosniff
age: 422406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 10 Feb 2023 08:30:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0B79 15 KB
15 KB 46ms
23ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turbox-tax-refund-usa-org.jigsy.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:35:30 GMT
x-content-type-options: nosniff
age: 573306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 14:35:30 GMT

POST
H2 200 imp.php Show response
trends.revcontent.com/ Frame 0B79 0
179 B 34ms
34ms XHR
text/html 3.234.27.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.27.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-27-139.compute-1.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 05:50:36 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

POST
H2 200 view.php Show response
trends.revcontent.com/ Frame 0B79 0
179 B 40ms
40ms XHR
text/html 3.234.27.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/view.php

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.27.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-27-139.compute-1.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 05:50:36 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 200 container-1.0.html Show response
resources.infolinks.com/static/ Frame 51D7 430 B
474 B 28ms
28ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/container-1.0.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://turbox-tax-refund-usa-org.jigsy.com/

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 17 Nov 2021 13:25:02 GMT
cache-control: max-age=2592000
expires: Thu, 17 Mar 2022 05:02:02 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2914
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ddc42762dbe4004-YYZ
content-encoding: gzip

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 51D7
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=a186493c-5fa4-417f-a171-e230f6624fa5=&partner_id=3337
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c33398d8-86d5-4658-8a81-6b737222e4b6%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=94d9622f-d08e-4f7c-8987-c7464f03fe94&ttd_puid=c33398d8-86d5-4658-8a81-6b737222e4b6%2C

95 B
431 B

37ms
37ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=94d9622f-d08e-4f7c-8987-c7464f03fe94&ttd_puid=c33398d8-86d5-4658-8a81-6b737222e4b6%2C

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://resources.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 05:50:36 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=94d9622f-d08e-4f7c-8987-c7464f03fe94&ttd_puid=c33398d8-86d5-4658-8a81-6b737222e4b6%2C
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 353

POST
H/1.1 200 535.json Show response
id5-sync.com/g/v2/ 2 KB
2 KB 396ms
100ms XHR
application/json 141.95.3.40
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/535.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.40 , France, ASN16276 (OVH, FR),

Reverse DNS

p30.id5-sync.com

Software

Resource Hash

b394d079aaaa52e6719768dbf21f4d2c47f7c860c530afc116a531c9253d7134

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://turbox-tax-refund-usa-org.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 15 Feb 2022 05:50:36 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://turbox-tax-refund-usa-org.jigsy.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
267 B 73ms
40ms XHR
text/plain 34.120.155.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turbox-tax-refund-usa-org.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 05:50:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://turbox-tax-refund-usa-org.jigsy.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 154 B
837 B 101ms
41ms XHR
application/json 35.171.137.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.137.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-137-144.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8648add7a09c2c53e0879edc3d345eba309673c579e5b3621c81b42d4cdd2811

Request headers

Referer: https://turbox-tax-refund-usa-org.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 05:50:37 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://turbox-tax-refund-usa-org.jigsy.com
cache-control: no-cache
x-server: 10.40.15.234
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 154
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
698 B 24ms
24ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 0f16a5db66dbc6b59588b12d52e956a73278afc94bbf36b60e464b5b3d48058a

Request headers

Referer: https://turbox-tax-refund-usa-org.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Feb 2022 05:50:37 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://turbox-tax-refund-usa-org.jigsy.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Thu, 17 Mar 2022 05:50:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D-1257170138%26pcid=[MM_UUID]

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

135 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
turbox-tax-refund-usa-org.jigsy.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: bf2c7622-2083-4ab0-97b2-4dfe24d29869
.infolinks.com/	1970-01-20 18:26:16	Name: cuid Value: a186493c-5fa4-417f-a171-e230f6624fa5
.openx.net/	1970-01-20 09:40:40	Name: i Value: f506e08d-6282-4ab0-a415-6df75dadd43e\|1644904235
.adnxs.com/	1970-01-20 03:04:40	Name: uuid2 Value: 8398611822624236906
.adkernel.com/	1970-01-20 01:38:16	Name: ADKUID Value: A4404281201796502908
.yahoo.com/	1970-01-20 09:41:01	Name: A3 Value: d=AQABBCs_C2ICEMgV56LBhQX6LNi3rPuk8hwFEgEBAQGQDGIVYgAAAAAA_eMAAA&S=AQAAAk2kD-pzXcv0M0t7R_xA2A0
.360yield.com/	1970-01-20 03:04:40	Name: tuuid Value: 0fecdec8-a8da-45a8-b14c-1df2b2fb71b8
.360yield.com/	1970-01-20 03:04:40	Name: tuuid_lu Value: 1644904235
.casalemedia.com/	1970-01-20 09:40:40	Name: CMID Value: Ygs-K178iZntz-S7AOMXMQAA
.casalemedia.com/	1970-01-20 03:04:40	Name: CMPS Value: 465
.pubmatic.com/	1970-01-20 00:56:30	Name: KTPCACOOKIE Value: YES
.tynt.com/	1970-01-20 09:40:40	Name: uid Value: Fz+9X2ILPyvkSE0ablDViA==
.go.sonobi.com/	1970-01-20 01:38:16	Name: __uis Value: 50587769-8de6-4789-b6b0-6fe7401b30da
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8538\|Ygs/K
.pubmatic.com/	1970-01-20 03:04:40	Name: KADUSERCOOKIE Value: A241C4FE-B278-4470-B7AF-96A8DCBBAF52
.infolinks.com/	1970-01-20 00:56:30	Name: EARNUSERCOOKIE Value: A4404281201796502908
.infolinks.com/	1970-01-20 00:56:30	Name: OXUSERCOOKIE Value: 0d3dfd45-d8d1-42cb-bf0c-92edc12d4256
.casalemedia.com/	1970-01-20 03:04:40	Name: CMPRO Value: 539
.casalemedia.com/	1970-01-20 00:56:30	Name: CMST Value: Ygs-K2ILPysA
turbox-tax-refund-usa-org.jigsy.com/	1970-01-20 01:38:16	Name: _pbjs_userid_consent_data Value: 3524755945110770
.tynt.com/	1970-01-20 03:04:40	Name: pids Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1644904235240%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1644904235240%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1644904235240%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1644904235240%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1644904235240%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1644904235240%7D%5D
.zemanta.com/	1970-01-20 09:40:40	Name: zuid Value: tbek7kOaE9e_nt6qs1Nt
.infolinks.com/	1970-01-20 03:04:40	Name: ANUSERCOOKIE Value: 8398611822624236906
.jigsy.com/	1970-01-20 05:14:16	Name: _pubcid Value: a54780bd-0a59-4ea8-8ec5-b19a583bab08
.infolinks.com/	1970-01-20 00:56:30	Name: SONOBIUSERCOOKIE Value: 50587769-8de6-4789-b6b0-6fe7401b30da
.infolinks.com/	1970-01-20 00:55:07	Name: IMDUSERCOOKIE Value: 0fecdec8-a8da-45a8-b14c-1df2b2fb71b8
.infolinks.com/	1970-01-20 00:56:30	Name: VRUSERCOOKIE Value: y-nrsL445E2uHYkjufupiETNyIAN77yiIZi4KiM_0-~A
.advertising.com/	1970-01-20 09:42:06	Name: APID Value: UP31dc66b4-8e23-11ec-a0bc-0a7d59dd54f1
.bnmla.com/	1970-01-20 00:55:04	Name: rx_sspurl_1000361 Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3Dc0176cf6-be98-4b71-a892-9087a348225d
.bnmla.com/	1970-01-20 01:16:40	Name: rx_uuid Value: c0176cf6-be98-4b71-a892-9087a348225d
.bnmla.com/	1970-01-20 01:16:40	Name: rx_maxage_1000361 Value: 1646200235
.bnmla.com/	1970-01-20 00:55:04	Name: rx_sspid_1000361 Value: 1_6_170_162_175_181_19_203_213
.lijit.com/	1970-01-20 09:40:40	Name: ljt_reader Value: 2ed50f70ed04a87e959d4673
.infolinks.com/	1970-01-20 00:56:30	Name: IXUSERCOOKIE Value: Ygs-K178iZntz-S7AOMXMQAA&539
.rfihub.com/	1970-01-20 10:16:40	Name: rud Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDQ0NTGzNLU0MhbiM9TNT0kqCys2DMnLNcmT4jU0MzGxNDAxMjY1NjMAALCRlxg0AAAA
.rfihub.com/	1970-01-20 10:16:40	Name: eud Value: H4sIAAAAAAAAAFslzmtoZmJiaWBiZGxqbGYIADw4WS4QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDQ0NTGzNLU0MhbiM9TNT0kqCys2DMnLNckDAAwxtGwlAAAA
.adsrvr.org/	1970-01-20 09:40:40	Name: TDID Value: 94d9622f-d08e-4f7c-8987-c7464f03fe94
.analytics.yahoo.com/	1970-01-20 09:42:06	Name: IDSYNC Value: "192u~238t:190u~238t:18xp~238t"
.33across.com/	1970-01-20 09:40:40	Name: 33x_ps Value: u%3D1907379469812%3As1%3D1644904235390%3Ats%3D1644904235390
.contextweb.com/	1970-01-20 09:33:28	Name: V Value: tmYIl0w4e6ky
.contextweb.com/	1970-01-20 09:40:40	Name: pb_rtb_ev Value: 3-1c6o\|7hP.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: f56436495cc5c93f
.infolinks.com/	1970-01-20 00:56:30	Name: ZTUSERCOOKIE Value: 1783777311154695923
.bidswitch.net/	1970-01-20 09:40:40	Name: c Value: 1644904235
.bidswitch.net/	1970-01-20 09:40:40	Name: tuuid_lu Value: 1644904235
.bidswitch.net/	1970-01-20 09:40:40	Name: tuuid Value: 9f2b6b6b-c6c6-4a7b-994b-78dd098554be
.crwdcntrl.net/	1970-01-20 07:23:49	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 07:23:49	Name: _cc_id Value: 8fe82f8c4f23acdf10e7857f8680604a
.infolinks.com/	1970-01-20 00:56:30	Name: KADUSERCOOKIE Value: A241C4FE-B278-4470-B7AF-96A8DCBBAF52~1644904321814
.amazon-adsystem.com/	1970-01-20 06:23:23	Name: ad-id Value: A7rxBDIWpECzuqsYUdDFBIw
.amazon-adsystem.com/	1970-01-21 21:49:18	Name: ad-privacy Value: 0
.infolinks.com/	1970-01-20 03:04:40	Name: 33AUSERCOOKIE Value: 1907379469756
.doubleclick.net/	1970-01-20 18:26:16	Name: IDE Value: AHWqTUnSZGrNbE0FzyDfLUzwk3GQ43H5nX7h5UMnAUT-Ii5HYdu-Dfmh8dILxuexAxo
.intentiq.com/	1970-01-20 18:26:16	Name: IQver Value: 1.9
.intentiq.com/	1970-01-20 18:26:16	Name: intentIQ Value: TrhAOXoDTg
.1rx.io/	1970-01-20 09:40:40	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005%22%2C%22nxtrdr%22%3Afalse%7D
.infolinks.com/	1970-01-20 00:56:30	Name: OUTHUSERCOOKIE Value: y-fJGPVYZE2uFN8AwZL8TGccEqtJvLMF7b~A~UP31dc66b4-8e23-11ec-a0bc-0a7d59dd54f1
.dotomi.com/	1970-01-20 00:55:04	Name: DotomiTest Value: 4f820c5954ef11fe
.turn.com/	1970-01-20 05:14:16	Name: uid Value: 4180921261382315743
.pubmatic.com/	1970-01-20 03:04:40	Name: PUBMDCID Value: 2
.infolinks.com/	1970-01-20 00:56:30	Name: SOVRNUSERCOOKIE Value: 2ed50f70ed04a87e959d4673
.casalemedia.com/	1970-01-20 09:40:40	Name: CMRUM3 Value: dd620b3f2b2760&33620b3f2b05a0&e6620b3f2b2760&2d620b3f2b05a0&bc620b3f2b05a0&f1620b3f2b05a0&04620b3f2b27604180921261382315743&27620b3f2b276094d9622f-d08e-4f7c-8987-c7464f03fe94
.mathtag.com/	1970-01-20 10:20:59	Name: uuid Value: 1a24620b-3f2b-4100-80af-ad5f3b5769ff
.intentiq.com/	1970-01-20 18:26:16	Name: intentIQCDate Value: 1644904235505
.intentiq.com/	1969-12-31 23:59:59	Name: IIQinfolinksCookieSync Value: 1644904235508
.intentiq.com/	1970-01-20 18:26:16	Name: ASDT Value: 0
.pubmatic.com/	1970-01-20 00:56:30	Name: pi Value: 156872:3
.mookie1.com/	1970-01-20 10:23:52	Name: id Value: 10593732964271608614
.mookie1.com/	1970-01-20 10:23:52	Name: mdata Value: 1\|10593732964271608614\|1644904235526
.mookie1.com/	1970-01-20 10:23:52	Name: ov Value: 667eebf0d49c50211ba1e3dae605f714
turbox-tax-refund-usa-org.jigsy.com/	1970-01-20 10:16:40	Name: cto_bidid Value: l-_QL19veDA3dCUyRmRIbG5GbEFKTXBMSWhMNnpxcU5mOHZENWhLT1RiWUFZYThsZVh4UWwlMkJQeHRCeVlZRDkwamFBeTIlMkJEa0J2UlRMTkRYVDBRTGhuOW9ZMlVOUSUzRCUzRA
turbox-tax-refund-usa-org.jigsy.com/	1970-01-20 10:16:40	Name: cto_bundle Value: iUIdSl80eVhxQWd4S0JHQ1FwM0hDRzV0ckl4bCUyRmJac1F3bm9uTmI0dE1SSUJ3RVFCZVFvQWxhd1FaV25zJTJCMUQ0WUFpSFlLY3UlMkI2Sm1zJTJCM1htZzJUU3R6WHNaOFliQlZ2RkRrMURlR1drSHFMMkdkSEg0cm1pdDBFJTJCSUlrOEclMkZCWTRiVg
.cpx.to/	1970-01-20 09:40:40	Name: cpSess Value: fa5216333930fdd
.cpx.to/	1970-01-20 09:40:40	Name: dsp_app_nexus Value: 8398611822624236906#1644904235543
.pswec.com/	1970-01-20 18:26:16	Name: tuuid Value: d02bb0d1-11ae-435b-8479-adebe9024254
.pswec.com/	1970-01-20 18:26:16	Name: c Value: 1644904235
.pswec.com/	1970-01-20 18:26:16	Name: tuuid_lu Value: 1644904235
.targeting.unrulymedia.com/	1970-01-20 09:40:40	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005%22%7D
.rubiconproject.com/	1970-01-20 09:40:40	Name: khaos Value: KZNPIF6B-V-LJU0
.tapad.com/	1970-01-20 02:21:28	Name: TapAd_TS Value: 1644904235604
.tapad.com/	1970-01-20 02:21:28	Name: TapAd_DID Value: c33398d8-86d5-4658-8a81-6b737222e4b6
.pubmatic.com/	1970-01-20 03:04:40	Name: KRTBCOOKIE_80 Value: 16514-CAESENWc59J5gG1aojk8Nn87dlA&KRTB&22987-CAESENWc59J5gG1aojk8Nn87dlA&KRTB&23025-CAESENWc59J5gG1aojk8Nn87dlA
.pubmatic.com/	1970-01-20 03:04:40	Name: SyncRTB3 Value: 1646092800%3A21_220_13
.infolinks.com/	1970-01-20 03:04:40	Name: ZMNUSERCOOKIE Value: tbek7kOaE9e_nt6qs1Nt
.infolinks.com/	1970-01-20 00:56:30	Name: R1USERCOOKIE Value: RX-9e3e1265-27d4-47fd-bcac-8cdac7edf059-005
.infolinks.com/	1970-01-20 00:56:30	Name: PUBMUSERCOOKIE Value: A241C4FE-B278-4470-B7AF-96A8DCBBAF52
.mookie1.com/	1970-01-20 01:09:28	Name: syncdata_TAP Value: 1
.mathtag.com/	1970-01-20 01:38:16	Name: mt_mop Value: 9:1644904235
.simpli.fi/	1970-01-20 09:42:06	Name: suid Value: 6EFDE42DC85B4379A055DF1A399569F2
.everesttech.net/	1970-01-20 09:40:40	Name: everest_g_v2 Value: g_surferid~Ygs-KwAGVYSHRQBB
.pubmatic.com/	1970-01-20 01:38:16	Name: KRTBCOOKIE_148 Value: 19421-uid:6EFDE42DC85B4379A055DF1A399569F2
.pubmatic.com/	1970-01-20 01:38:16	Name: PugT Value: 1644878663
.rlcdn.com/	1970-01-20 09:40:40	Name: rlas3 Value: QsxhmUiB4Ph2qN/LED1J/55Z98/5cNKSBnIudM2VNxA=
.rlcdn.com/	1970-01-20 02:21:28	Name: pxrc Value: CAA=
.pubmatic.com/	1970-01-20 03:04:40	Name: chkChromeAb67Sec Value: 6
.turbox-tax-refund-usa-org.jigsy.com/	1970-01-20 09:40:40	Name: fc Value: %7B%22MzU2fjE4ODU%22%3A%221%3A1644904235834%22%7D
.turbox-tax-refund-usa-org.jigsy.com/	1970-01-20 09:40:40	Name: pv Value: %7B%22d%22%3A%221%3A1644904235835%22%7D
.intentiq.com/	1969-12-31 23:59:59	Name: IQPubmaticCookieSync Value: 1644904235844
.agkn.com/	1970-01-20 09:40:40	Name: ab Value: 0001%3A%2FpG6xPXWqWvCOS5eBjEQp%2BbI4xzoXbzT
.rubiconproject.com/	1970-01-20 09:40:40	Name: audit Value: 1\|tFSXvcN7ke+CVXxST3z9t407atP8whBGlAeHvJz8FYbWaDs14xzbSOK7NhnrTa146YCdW5w98ekiZ07GJqnMno4BjqNRGrmz
.mookie1.com/	1970-01-20 01:09:28	Name: syncdata_NEU Value: 1
.intentiq.com/	1969-12-31 23:59:59	Name: IQAppnexusCookieSync Value: 1644904235919
.infolinks.com/	1970-01-20 00:55:11	Name: tv Value: \|MzU2fjE4ODU~1
.intentiq.com/	1969-12-31 23:59:59	Name: IQOpenxPrimisCookieSync Value: 1644904235987
.lijit.com/	1970-01-20 09:40:40	Name: _ljtrtb_8101 Value: TrhAOXoDTg
.intentiq.com/	1969-12-31 23:59:59	Name: IQSovernCookieSync Value: 1644904236087
.intentiq.com/	1970-01-20 18:26:16	Name: IQadv Value: 1644904236087
.mfadsrvr.com/	1970-01-20 18:26:16	Name: tuuid Value: 7bba594e-3dbd-4e03-94d6-e121f797c01a
.mfadsrvr.com/	1970-01-20 18:26:16	Name: c Value: 1644904236
.mfadsrvr.com/	1970-01-20 18:26:16	Name: tuuid_lu Value: 1644904236
.spotxchange.com/	1970-01-20 09:40:44	Name: audience Value: 327bf7c7-8e23-11ec-859e-11d0974d0403
.mfadsrvr.com/	1970-01-20 18:26:16	Name: ssh Value: !revcontent,1644904236
.fg8dgt.com/	1970-01-20 18:26:16	Name: tuuid Value: 349e4a19-6576-4d8a-b497-4bf0ba174e8b
.fg8dgt.com/	1970-01-20 18:26:16	Name: c Value: 1644904236
.fg8dgt.com/	1970-01-20 18:26:16	Name: tuuid_lu Value: 1644904236
.revcontent.com/	1970-01-20 00:59:23	Name: v1_3 Value: 1
.revcontent.com/	1970-01-20 00:59:23	Name: v1_154 Value: 1
.intentiq.com/	1969-12-31 23:59:59	Name: IQSpotXPrimisCookieSync Value: 1644904236436
.intentiq.com/	1970-01-20 18:26:16	Name: CSDT Value: UEQ6MTUxMjBfMCZTeFVBWGl1IzIzXzAmU3hVQVhkSCMyNF8wJlN4VUFYWk0jMTUwMTlfMCZTeFVBWFR3IzEwMTM5XzAmU3hVQVhhWiMxNTExNV8wJlN4VUFYYmY
.intentiq.com/	1970-01-20 18:26:16	Name: IQPData Value: 2503514551#1644904236436#0#1644904235503
.revcontent.com/	1970-02-07 06:55:04	Name: __ID Value: 52e3fc32655844448b0c741c5e8881f6
.revcontent.com/	1970-01-20 00:57:57	Name: v1_118 Value: 1
.adsrvr.org/	1970-01-20 09:40:40	Name: TDCPM Value: CAESFAoFdGFwYWQSCwi4y83xo5S4OhAFGAEgASgCMgsIuMPQnrqUuDoQBTgBWgV0YXBhZGAC
.tapad.com/	1970-01-20 02:21:28	Name: TapAd_3WAY_SYNCS Value: 1!1109
turbox-tax-refund-usa-org.jigsy.com/	1970-01-20 00:55:07	Name: _lr_retry_request Value: true
turbox-tax-refund-usa-org.jigsy.com/	1970-01-20 01:38:16	Name: _lr_env_src_ats Value: false
turbox-tax-refund-usa-org.jigsy.com/	1970-01-20 02:21:28	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2294d9622f-d08e-4f7c-8987-c7464f03fe94%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-15T05%3A50%3A37%22%7D
.crwdcntrl.net/	1970-01-20 07:23:52	Name: _cc_cc Value: "ACZ4XmNQsEhLtTBKs0g2STMyTkxOSTM0SDW3MDVPszCzMDAzMElkAIIkbntdEA0FAFLwCc0%3D"
.crwdcntrl.net/	1970-01-20 07:23:52	Name: _cc_aud Value: "ABR4XmNgYGBI4rbXBVJQAAAK4ADa"
.jigsy.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1645509037343
.jigsy.com/	1970-01-20 07:23:52	Name: _cc_id Value: 8fe82f8c4f23acdf10e7857f8680604a
.jigsy.com/	1969-12-31 23:59:59	Name: panoramaId Value: 1f50bb5bb45b6b53384ac79b8f1316d53938e4f34ba03a565947a5bde6f6f4bf
.id5-sync.com/	1970-01-20 03:04:40	Name: 3pi Value:
.id5-sync.com/	1970-01-20 03:04:40	Name: id5 Value: 2d14cba8-cd44-3044-9e93-2b5cddf09a82#1644904237616#1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://turbox-tax-refund-usa-org.jigsy.com/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://match.bnmla.com/usersync?dspid=1&uuid=tmYIl0w4e6ky&ev=1&us_privacy=${us_privacy}&pid=558752 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D-1257170138%26pcid=[MM_UUID] Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
aa.agkn.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
ap.lijit.com
api.intentiq.com
api.rlcdn.com
assets.bnidx.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
cdn.revcontent.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms-xch.33across.com
code.jquery.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hde.tynt.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
m.fg8dgt.com
match.adsrvr.org
match.bnmla.com
maxcdn.bootstrapcdn.com
mug.criteo.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
resources.infolinks.com
router.infolinks.com
rt3045.infolinks.com
rtb.adentifi.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.cpx.to
secure-assets.rubiconproject.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
t.pswec.com
token.rubiconproject.com
trends.revcontent.com
turbox-tax-refund-usa-org.jigsy.com
u.openx.net
ups.analytics.yahoo.com
x.bidswitch.net
sync.mathtag.com
104.107.5.93
104.36.115.114
107.178.246.49
13.225.230.52
141.95.3.40
142.250.80.98
15.197.193.217
151.101.2.49
151.139.128.11
172.66.42.247
174.137.133.49
198.148.27.140
199.127.204.142
199.38.167.128
2001:4998:14:800::1001
2001:4de0:ac18::1:a:3a
209.54.180.3
216.200.232.249
23.209.184.224
23.54.68.197
23.54.68.240
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185
2600:9000:21ec:5200:1a:609a:6780:93a1
2606:4700::6810:135e
2606:4700::6812:acf
2606:ae80:1451:12::1690
2607:f8b0:4006:816::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::200a
2620:100:a001::c
2620:112:f002:bbbb::21
3.216.115.49
3.217.116.229
3.234.27.139
34.117.239.71
34.120.155.137
34.196.42.166
34.255.81.31
34.98.64.218
35.171.137.144
35.190.60.146
35.190.90.30
35.207.24.140
35.211.141.197
35.211.178.172
38.27.122.101
51.222.39.185
52.20.97.150
52.205.171.189
52.45.33.138
54.90.233.89
63.251.86.50
64.74.236.31
65.39.176.77
67.202.105.24
67.202.105.32
68.67.179.155
69.166.1.10
69.173.151.100
70.33.222.6
74.119.119.139
8.28.7.82
8.28.7.83
034267c82673796f2f6fe56a3ef4230b47ddae481fd0d4bdd7a7038a1b332648
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f16a5db66dbc6b59588b12d52e956a73278afc94bbf36b60e464b5b3d48058a
154c955cdfcf4d64ee3406feb9c78ff356d22a66937620de997f169877c84f17
15e337c1ce426c5e9963c06fb99f42eb20bddef73f2e054f59bccf2fce8b1ffd
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
1d3cc74bdade25c9fd2992964780f06539ea7bf07d03b4da7d0d76afb9b016e9
2740dc691aeb3add71f54034b04fa4adf6f2b544940298d3bf215a62e88da4b8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30adcceef958c38a02a02125fb5794f73e88cd388a62ac554c5d406cab2dd431
359836ef917e6a8d43dadfe1a427808c18656f6df8290b4010e2439b43a440b4
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37dcad0aea3a8073c2a28d1e2f2f5ce73a033ee61c9c961adf056d5fdf9bf5a0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
42f0e3f418af22ea338416b21575bc35731ceb4a5f9a9a22965722c77a2b410c
4672d29f833a7f7cc73b07fb9de14be1ebe2d293a913fe5196191e89ae5037b6
477a95228c963cad1c13967a9b3eee0db6f9813cbc3c9a0aa13d00a46e472853
483bc7d183e97ee75656a646640e2387bc579e657a4a92aa6b61ada0c95a5721
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54829ef6edbc5fb8f6bd00c6e4f677b1093943e47d9d2528e25fbd08533f83e7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55390a1ec3664f399ee010062d794ede6a247ee62564fed1277fcae3ec747cbb
5f181a378fc0bf128f66daa2481e5d31f630e65d53caf1dbd993a7a17295193c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7622871b897686f7e6907e17c5e13fad90f01d552185f2be61a09f574dd379a3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6af6361d1836d3d5864f9a8e42e5201f432a518ff7a73fed6e64af10daeee9
7c19f9773bb4040fd3aafec5bc3fe0fa825e3273621e50058f7f241a478cea9e
7feae16364e32e2050e215d4ddb72b1afd8be3c272eb6b5117876b9246ae9ae4
84e18d9144b52818f5ce1d7458c677100251597dacdecba06225b9ff265670ad
8648add7a09c2c53e0879edc3d345eba309673c579e5b3621c81b42d4cdd2811
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9323495b1e5df287a7c0ab02be4a6a1fbcc9b3e5ed803ab43ec9385f785dbbd4
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
a7538a4c5a9d01a52a3b00bbd937d837a63ec19aac30cd8e9876c33d87161627
b066bc46bdf31b728f9d50e87593957e57e77920477bfb60d9543e6289d4688c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16451935f2c828efe085e9e3419bf041c99f38143e720bcec92780379198369
b1ebdd84bcc4265a86fc9765b670bce97d668e11ee0c9bee5ec9d8f5f507d646
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b34c0a3651292fe7652a929be7b36f17fcf40d1f0150a01989e0707527d489b2
b394d079aaaa52e6719768dbf21f4d2c47f7c860c530afc116a531c9253d7134
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c0d3439d6d0c55feb5e28a9d9f22d9c9757f0ceac69fe58a0a6dc10ae6e7c0ce
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a874cea695b471953b4b56f79a6227003eba08e2d12a637095475d6333bf37
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4
d40000464c06127197135256da45cc0a3a2abda2e34b5d53a0e937c3bd23330f
d51fc32f16709946cd68db3ca2ab3a88d7e8bf7dad9a28834a51e19aed8c3a8d
d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316
e27f5bea73fe9e9b2b90bc52e14e0e562a515167e3146f7b4453427a86c46dba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb9831a6f22046a48da07318205a01f6f6eeba4b997de7a261da74b7a2104ee3
eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

turbox-tax-refund-usa-org.jigsy.com Open in urlscan Pro 70.33.222.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

59 %HTTPS

19 %IPv6

51 Domains

72 Subdomains

36 IPs

5 Countries

910 kBTransfer

2510 kBSize

135 Cookies

4 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

turbox-tax-refund-usa-org.jigsy.com Open in urlscan Pro
70.33.222.6 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

59 %
HTTPS

19 %
IPv6

51
Domains

72
Subdomains

36
IPs

5
Countries

910 kB
Transfer

2510 kB
Size

135
Cookies

105 HTTP transactions
0 data transactions