www.refundselection.com Open in urlscan Pro
156.55.92.236 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.refundselection.com/
Effective URL:
https://www.refundselection.com/refundselection/
Submission: On December 17 via manual (December 17th 2018, 2:35:31 pm UTC) from US

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 23 domains to perform 53 HTTP transactions. The main IP is 156.55.92.236, located in Milwaukee, United States and belongs to FNIS - Fidelity National Information Services, Inc., US. The main domain is www.refundselection.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on May 10th 2018. Valid for: 2 years.

This is the only time www.refundselection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 14	156.55.92.236 156.55.92.236	18434 (FNIS) (FNIS - Fidelity National Information Services)
8	23.38.53.224 23.38.53.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.211.0.20 23.211.0.20	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	66.117.29.3 66.117.29.3	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 2	185.34.188.75 185.34.188.75	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	2a02:26f0:6c0... 2a02:26f0:6c00:196::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
6 7	54.246.126.140 54.246.126.140	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:204... 2600:9000:2047:b800:b:6d87:aa40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.190.94.112 35.190.94.112	15169 (GOOGLE) (GOOGLE - Google LLC)
1	107.178.240.136 107.178.240.136	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.186.240.235 35.186.240.235	15169 (GOOGLE) (GOOGLE - Google LLC)
2	130.211.47.17 130.211.47.17	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	35.156.114.230 35.156.114.230	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	213.19.162.90 213.19.162.90	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
8 9	54.228.214.110 54.228.214.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 2	18.194.56.169 18.194.56.169	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:110... 2a00:1288:110:833::4000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.153.11.16 18.153.11.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	37.252.172.80 37.252.172.80	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	52.44.134.29 52.44.134.29	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1 1	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
53	27

14 156.55.92.236 (Milwaukee, United States) 3 redirects

ASN18434 (FNIS - Fidelity National Information Services, Inc., US)
PTR: refundselection.com

www.refundselection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.38.53.224 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-224.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.211.0.20 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-211-0-20.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.117.29.3 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

higherone.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.34.188.75 (Netherlands) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: higheroneaccount.com.ssl.d1.sc.omtrdc.net

smetrics.higheroneaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:196::19fd (European Union)

ASN20940 (AKAMAI-ASN1, US)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.246.126.140 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-126-140.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:b800:b:6d87:aa40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

pixel.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.94.112 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 112.94.190.35.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.136 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 136.240.178.107.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.240.235 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 235.240.186.35.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.47.17 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 17.47.211.130.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.114.230 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-114-230.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (European Union) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.228.214.110 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-214-110.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.56.169 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-56-169.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:833::4000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.153.11.16 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-16.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.80 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 152.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.134.29 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-44-134-29.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.66 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	adroll.com 14 redirects s.adroll.com d.adroll.com	25 KB
14	refundselection.com 3 redirects www.refundselection.com	366 KB
9	typekit.net use.typekit.net p.typekit.net	194 KB
3	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	1 KB
3	cdnwidget.com pixel.cdnwidget.com ids.cdnwidget.com e.cdnwidget.com	25 KB
3	adobedtm.com assets.adobedtm.com	86 KB
2	openx.net 1 redirects us-u.openx.net	599 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	3lift.com 1 redirects eb2.3lift.com	979 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 1 redirects pixel.advertising.com	646 B
2	facebook.net connect.facebook.net	58 KB
2	higheroneaccount.com 1 redirects smetrics.higheroneaccount.com	2 KB
2	omtrdc.net higherone.tt.omtrdc.net	1006 B
1	facebook.com www.facebook.com	248 B
1	doubleclick.net 1 redirects cm.g.doubleclick.net	442 B
1	rlcdn.com idsync.rlcdn.com	34 B
1	adnxs.com ib.adnxs.com	924 B
1	yahoo.com ads.yahoo.com	1 KB
1	taboola.com trc.taboola.com	250 B
1	pubmatic.com simage2.pubmatic.com	817 B
1	outbrain.com sync.outbrain.com	283 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
53	23

	Domain	Requested by
16	d.adroll.com	14 redirects s.adroll.com
14	www.refundselection.com	3 redirects www.refundselection.com
8	use.typekit.net	www.refundselection.com use.typekit.net
4	s.adroll.com	www.refundselection.com s.adroll.com
3	assets.adobedtm.com	www.refundselection.com assets.adobedtm.com
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	pixel.advertising.com	1 redirects
2	connect.facebook.net	s.adroll.com connect.facebook.net
2	smetrics.higheroneaccount.com	1 redirects www.refundselection.com
2	higherone.tt.omtrdc.net	assets.adobedtm.com www.refundselection.com
1	www.facebook.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com
1	ib.adnxs.com
1	ads.yahoo.com
1	trc.taboola.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	e.cdnwidget.com
1	ids.cdnwidget.com	pixel.cdnwidget.com
1	view.cdnbasket.net	pixel.cdnwidget.com
1	page.cdnbasket.net	pixel.cdnwidget.com
1	data.cdnbasket.net	pixel.cdnwidget.com
1	pixel.cdnwidget.com	s.adroll.com
1	p.typekit.net	www.refundselection.com
53	29

This site contains no links.

Subject Issuer	Validity	Valid
www.refundselection.com RapidSSL RSA CA 2018	`2018-05-10` - `2020-05-09`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2018-07-20` - `2020-01-03`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2018-04-06` - `2019-04-11`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2020-11-25`	3 years	crt.sh
smetrics.higheroneaccount.com DigiCert SHA2 High Assurance Server CA	`2018-03-06` - `2019-06-04`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-02-14` - `2019-02-14`	a year	crt.sh
*.cdnwidget.com COMODO RSA Domain Validation Secure Server CA	`2018-03-01` - `2019-03-01`	a year	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2018-09-19` - `2019-09-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2018-04-16` - `2019-02-06`	10 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-12-03` - `2019-09-07`	9 months	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
*.3lift.com Amazon	`2018-07-31` - `2019-08-31`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-07-05` - `2019-01-10`	6 months	crt.sh
*.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-03-22` - `2019-05-05`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.refundselection.com/refundselection/
Frame ID: 7CE422AF5550AED97FF38153B7823FF9
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.refundselection.com/ HTTP 302
https://www.refundselection.com// HTTP 302
https://www.refundselection.com/refundselection HTTP 301
https://www.refundselection.com/refundselection/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^angular$/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^adroll_/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^moment$/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^s_(?:account|objectID|code|INST)$/i

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

env /^Typekit$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

53
Requests

100 %
HTTPS

18 %
IPv6

23
Domains

29
Subdomains

27
IPs

6
Countries

754 kB
Transfer

1870 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.refundselection.com/ HTTP 302
https://www.refundselection.com// HTTP 302
https://www.refundselection.com/refundselection HTTP 301
https://www.refundselection.com/refundselection/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-D6L7/s04092169268053?AQB=1&ndh=1&t=17%2F11%2F2018%2014%3A35%3A15%201%200&D=D%3D&fid=4170E4AD8019476A-251F93CED4D358F4&ce=UTF-8&ns=higheroneinc&g=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F&cc=USD&server=www.refundselection.com&v4=New&c5=New&v9=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-D6L7/s04092169268053?AQB=1&pccr=true&vidn=2E0BDA1205317D3A-6000010BC0000408&&ndh=1&t=17%2F11%2F2018%2014%3A35%3A15%201%200&D=D%3D&fid=4170E4AD8019476A-251F93CED4D358F4&ce=UTF-8&ns=higheroneinc&g=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F&cc=USD&server=www.refundselection.com&v4=New&c5=New&v9=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 34

https://d.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB?adroll_fpc=b445772fdfe5e13ec02b8b5d01a4e148&pv=14570186146.317398&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F HTTP 302
https://s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/UP3EVLAUMZBWBHQ657EG6T.js

Request Chain 37

https://d.adroll.com/cm/aol/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 38

https://d.adroll.com/cm/index/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expiration=1576593317 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expiration=1576593317&C=1

Request Chain 39

https://d.adroll.com/cm/n/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expires=365

Request Chain 40

https://d.adroll.com/cm/outbrain/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://sync.outbrain.com/adroll/pixel?user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI

Request Chain 41

https://d.adroll.com/cm/pubmatic/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 42

https://d.adroll.com/cm/taboola/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI

Request Chain 43

https://d.adroll.com/cm/triplelift/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 44

https://d.adroll.com/cm/r/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 45

https://d.adroll.com/cm/b/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI

Request Chain 46

https://d.adroll.com/cm/x/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI%27)

Request Chain 47

https://d.adroll.com/cm/l/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=ae5596731e9e3e70c5e2f3d14c6315f2

Request Chain 48

https://d.adroll.com/cm/o/out?advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=ae5596731e9e3e70c5e2f3d14c6315f2 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=ae5596731e9e3e70c5e2f3d14c6315f2

Request Chain 49

https://d.adroll.com/cm/g/out?advertisable=UQP62OWII5HKHHO3IKJTDG&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=rlWWcx6ePnDF4vPRTGMV8g&google_ula=1535926 HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
200

Primary Request

Cookie set / Show response
www.refundselection.com/refundselection/
Redirect Chain

http://www.refundselection.com/
https://www.refundselection.com//
https://www.refundselection.com/refundselection
https://www.refundselection.com/refundselection/

6 KB
3 KB

188ms
187ms

Document
text/html

156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

a1e4deea5be8d94399ec58f58f519582ce06c7833b0076c1102256aeb1c20893

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Host: www.refundselection.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:14 GMT
Server: Apache
Set-Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; Path=/; Secure; HttpOnly mid=imWKyUJaAhpbgNIwkGSneOs7-v1; Max-Age=2147483647; Expires=Sat, 04-Jan-2087 17:49:21 GMT; Path=/; Secure; HttpOnly
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Cteonnt-Length: 5651
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Cache-Control: private
Content-Encoding: gzip
Content-Length: 2155

Redirect headers

Date: Mon, 17 Dec 2018 14:35:14 GMT
Server: Apache
Location: https://www.refundselection.com/refundselection/
Content-Length: 256
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 yfk8nia.js Show response
use.typekit.net/ 20 KB
8 KB 126ms
122ms Script
text/javascript 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/yfk8nia.js

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6be5b9ab75d86370e1e7283d553b4fdc19320d0cc6141ad784dbacd5d628ce56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Mon, 17 Dec 2018 14:35:14 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7609

GET
H/1.1 200
OK satelliteLib-3bb8b9139cfc74f672fa509ac8a0d3f88bc440b0.js Show response
assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/ 92 KB
25 KB 66ms
22ms Script
application/x-javascript 23.211.0.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/satelliteLib-3bb8b9139cfc74f672fa509ac8a0d3f88bc440b0.js
Requested by: Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.0.20 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-20.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5e56857d5cc7bedd3b4ace3cfe1035630392169cdb01a25655560027afbf14f8

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2016 22:10:05 GMT
Server: Apache
ETag: "04006a71029e7cdac92cf7298badf6ff:1481667005"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *, *, *, *
Content-Length: 25394
Expires: Mon, 17 Dec 2018 15:35:14 GMT

GET
H/1.1 200
OK at.js Show response
www.refundselection.com/scripts/ 126 KB
126 KB 173ms
171ms Script
application/javascript 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refundselection.com/scripts/at.js
Requested by: Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),
Reverse DNS: refundselection.com
Software: Apache /
Resource Hash: 8d65ad481496fe91333b56b3e3f92404a17ba2dddb5f29b8a17201b4af730cc7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:14 GMT
Last-Modified: Thu, 15 Nov 2018 19:02:36 GMT
Server: Apache
ETag: "1f883-57ab8b19d4b00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 129155

GET
H/1.1 200
200 bootstrap.min.css
www.refundselection.com/refundselection/css/ 107 KB
20 KB 633ms
173ms Stylesheet
text/css 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/refundselection/css/bootstrap.min.css

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cteonnt-Length: 109518
Date: Mon, 17 Dec 2018 14:35:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Nov 2018 19:02:36 GMT
Server: Apache
ETag: W/"109518-1542308556000"
X-Frame-Options: sameorigin
Content-Type: text/css
Cache-Control: private
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 activation.css
www.refundselection.com/refundselection/css/ 31 KB
8 KB 632ms
171ms Stylesheet
text/css 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/refundselection/css/activation.css

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

017d70952475751f98682ed0734430dd8073aec196f65bf8abe3f61882bac09b

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Nov 2018 19:02:36 GMT
Server: Apache
ETag: W/"31860-1542308556000"
ntCoent-Length: 31860
X-Frame-Options: sameorigin
Content-Type: text/css
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=66
Content-Length: 8042
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 animate.css
www.refundselection.com/refundselection/css/ 71 KB
6 KB 636ms
174ms Stylesheet
text/css 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/refundselection/css/animate.css

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

e948e5869da246bfe815e9957eb26f2782c0954928aa6b073cc1243e9ad8821e

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Nov 2018 19:02:36 GMT
Server: Apache
ETag: W/"73121-1542308556000"
ntCoent-Length: 73121
X-Frame-Options: sameorigin
Content-Type: text/css
Cache-Control: private
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 media-queries.css
www.refundselection.com/refundselection/css/ 23 KB
5 KB 642ms
177ms Stylesheet
text/css 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/refundselection/css/media-queries.css

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

835b631f99d46a39b5aadbb28a7598fa89720ffbb56ede452d9b05f3e22d2b2f

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Nov 2018 19:02:36 GMT
Server: Apache
ETag: W/"23330-1542308556000"
ntCoent-Length: 23330
X-Frame-Options: sameorigin
Content-Type: text/css
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=65
Content-Length: 4942
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 activation5.css
www.refundselection.com/refundselection/css/ 102 KB
18 KB 647ms
181ms Stylesheet
text/css 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/refundselection/css/activation5.css

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

6a265be4d41911cfc2a20d485ffbea946a8d617d87bb5682fa6a3a80f2be37ce

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cteonnt-Length: 104198
Date: Mon, 17 Dec 2018 14:35:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Nov 2018 22:16:12 GMT
Server: Apache
ETag: W/"104198-1543529772000"
X-Frame-Options: sameorigin
Content-Type: text/css
Cache-Control: private
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 compressedGenLib.js Show response
www.refundselection.com/sbundles/gzip_N1331199678/bundles/ 458 KB
145 KB 680ms
171ms Script
text/javascript 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/sbundles/gzip_N1331199678/bundles/compressedGenLib.js

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

04e4de9266d6c2b2eca15026812b7a8926dd95ff45f393de1a42a21c9a4c48ee

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
Server: Apache
ETag: 2740050219
X-Frame-Options: sameorigin
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=77
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Dec 2028 14:35:15 GMT

GET
H/1.1 200
200 compressedStyleLib.js Show response
www.refundselection.com/sbundles/gzip_N193473758/bundles/ 38 KB
12 KB 802ms
170ms Script
text/javascript 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/sbundles/gzip_N193473758/bundles/compressedStyleLib.js

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

f64d427c92523c7e3f2b0ec8f799747715f61c0d234e206c18001908afe8c78c

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
Server: Apache
ETag: 2740050219
X-Frame-Options: sameorigin
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=84
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Dec 2028 14:35:15 GMT

GET
H/1.1 200
200 app.js Show response
www.refundselection.com/sbundles/gzip_N1315391206/bundles/ 90 KB
20 KB 806ms
171ms Script
text/javascript 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/sbundles/gzip_N1315391206/bundles/app.js

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

c586277151b548efbf9159569c9c86b52d5dd66a67a65d2659e146add71822ce

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.refundselection.com/refundselection/
Cookie: JSESSIONID=A2A0B45A14F4885279E5CF1250617DE4.dsapphvn1-appds04_ds02; mid=imWKyUJaAhpbgNIwkGSneOs7-v1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
Server: Apache
ETag: 2740050219
X-Frame-Options: sameorigin
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Dec 2028 14:35:15 GMT

GET
H/1.1 200
OK mbox-contents-81c9b7e63ccadde0d0281c1cf5f25d2de48588d5.js Show response
assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/ 126 KB
45 KB 22ms
21ms Script
application/x-javascript 23.211.0.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/mbox-contents-81c9b7e63ccadde0d0281c1cf5f25d2de48588d5.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/satelliteLib-3bb8b9139cfc74f672fa509ac8a0d3f88bc440b0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.0.20 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-20.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8d65ad481496fe91333b56b3e3f92404a17ba2dddb5f29b8a17201b4af730cc7

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 17 Dec 2018 14:35:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2016 22:10:05 GMT
Server: Apache
ETag: "528f9ce9b9399d14069b398568f9ff70:1481667005"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *, *, *, *
Expires: Mon, 17 Dec 2018 15:35:14 GMT

GET
H2 200 json Show response
higherone.tt.omtrdc.net/m2/higherone/mbox/ 333 B
602 B 140ms
69ms XHR
application/json 66.117.29.3
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://higherone.tt.omtrdc.net/m2/higherone/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=0b134f70231c4fc28e7a9fa365a39660&mboxVersion=0.9.3&mboxHost=www.refundselection.com&mboxURL=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F&mboxReferrer=&mboxSession=6301afcadf7b4ce09b0f5abe314fa183&mboxPC=&mboxTime=1545057314653&mbox=target-global-mbox&mboxCount=1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/mbox-contents-81c9b7e63ccadde0d0281c1cf5f25d2de48588d5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.117.29.3 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: 919d7d452a12c00f65df0c370c7cd5e701827de7107ee901926ad1c05d9b9c38

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Dec 2018 14:35:14 GMT
status: 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.refundselection.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 333
x-request-id: 35fbdfda-09ab-439b-9ad5-e01360bfb8f2

GET
H2 200 json Show response
higherone.tt.omtrdc.net/m2/higherone/mbox/ 332 B
404 B 21ms
21ms XHR
application/json 66.117.29.3
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://higherone.tt.omtrdc.net/m2/higherone/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=8ab03ce2cf1c47bd860593cf05358c01&mboxVersion=0.9.3&mboxHost=www.refundselection.com&mboxURL=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F&mboxReferrer=&mboxSession=b0e43ef5d2924b5f86418c5644a8a90e&mboxPC=&mboxTime=1545057314962&mbox=target-global-mbox&mboxCount=1
Requested by: Host: www.refundselection.com
URL: https://www.refundselection.com/scripts/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.117.29.3 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: 52cf6a8bf76b2a6a9deab85077ea96de7a9bbda5e317c6c548bfd19ff6859d3a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Dec 2018 14:35:14 GMT
status: 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.refundselection.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 332
x-request-id: 7c67027b-ae63-4973-98f0-796c70d16c8f

POST
H/1.1 403
403 Cookie set ccvfConstraint Show response
www.refundselection.com/rsws/ 1 KB
2 KB 195ms
194ms XHR
text/html 156.55.92.236
Fidelity National...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refundselection.com/rsws/ccvfConstraint

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/sbundles/gzip_N1331199678/bundles/compressedGenLib.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

156.55.92.236 Milwaukee, United States, ASN18434 (FNIS - Fidelity National Information Services, Inc., US),

Reverse DNS

refundselection.com

Software

Apache /

Resource Hash

da89bd3eac48868537b4708c16b6f997d59d3272b420dab96e16887c7b28e387

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.refundselection.com
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: 87c17aee-f013-4eba-a66f-da846014b349
Host: www.refundselection.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json
Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: mbox=session#b0e43ef5d2924b5f86418c5644a8a90e#1545059175|PC#b0e43ef5d2924b5f86418c5644a8a90e.26_3#1608302115
Connection: keep-alive
Referer: https://www.refundselection.com/refundselection/
Content-Length: 217
Accept: */*
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com
X-CSRF-Token: 87c17aee-f013-4eba-a66f-da846014b349
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json

Response headers

Date: Mon, 17 Dec 2018 14:35:15 GMT
Server: Apache
X-Frame-Options: sameorigin
Content-Language: en
Set-Cookie: JSESSIONID=8F2852EE1E8444239BED74AE8F2C4A8F.dsapphvn1-appds03_ds02; Path=/; Secure; HttpOnly mid=GQeRtqVEgwOw7fl6TMN0ihJV-v1; Max-Age=2147483647; Expires=Sat, 04-Jan-2087 17:49:22 GMT; Path=/; Secure; HttpOnly
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Keep-Alive: timeout=5, max=74
Content-Length: 1061
X-XSS-Protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/919204/00000000000000003b9aefc2/27/ 31 KB
32 KB 13ms
13ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/919204/00000000000000003b9aefc2/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yfk8nia.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 363ddcdad8fa8db6500ad554923cc22ab4bf968c15aa09c63e26a74cd5556b62

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

date: Mon, 17 Dec 2018 14:35:15 GMT
server: nginx
access-control-allow-origin: *
etag: "e5c1837b5e8ba53b851934a88258676056eab6fa"
content-type: application/font-woff2
status: 200, 200 OK
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32072

GET
H2 200 l
use.typekit.net/af/ef3ae3/00000000000000003b9aefc3/27/ 33 KB
33 KB 20ms
19ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ef3ae3/00000000000000003b9aefc3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yfk8nia.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3e26e046f6e08fda02a0ec7f73f44d2f64267bb9dd030ee815f32279f7ebd758

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

date: Mon, 17 Dec 2018 14:35:15 GMT
server: nginx
access-control-allow-origin: *
etag: "b3ed0e219c2e84ba1e84f14a9375ec9d99c2bf65"
content-type: application/font-woff2
status: 200, 200 OK
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33592

GET
H2 200 l
use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/ 31 KB
31 KB 25ms
24ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yfk8nia.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

date: Mon, 17 Dec 2018 14:35:15 GMT
server: nginx
access-control-allow-origin: *
etag: "625d31c6ff36363142e14c9d9cf9f2747ce3803a"
content-type: application/font-woff2
status: 200, 200 OK
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 31984

GET
H2 200 l
use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/ 33 KB
33 KB 26ms
26ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yfk8nia.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

date: Mon, 17 Dec 2018 14:35:15 GMT
server: nginx
access-control-allow-origin: *
etag: "0a37e0f13f84c73347be23130bb6d2063bc1d8a8"
content-type: application/font-woff2
status: 200, 200 OK
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33796

GET
H2 200 l
use.typekit.net/af/b230ac/00000000000000000000ec0f/27/ 15 KB
15 KB 29ms
29ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b230ac/00000000000000000000ec0f/27/l?subset_id=2&fvd=n1&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yfk8nia.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c5c9fb8abc90fb7bf1b95d10f8bbdc304223e9ae82a72b90f38da328dbd10c9e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

date: Mon, 17 Dec 2018 14:35:15 GMT
server: nginx
access-control-allow-origin: *
etag: "04dbb0ef698831b8dd45e2a93307e8a259ea883e"
content-type: application/font-woff2
status: 200, 200 OK
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15180

GET
H2 200 l
use.typekit.net/af/53dec0/0000000000000000000100fe/27/ 16 KB
16 KB 32ms
32ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/53dec0/0000000000000000000100fe/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yfk8nia.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8380f8262369601af5a77d9b675552065e3fe95d08d309ee80f684aedfa550e4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

date: Mon, 17 Dec 2018 14:35:15 GMT
server: nginx
access-control-allow-origin: *
etag: "5f991e009edb25dd5037028bd5fd8f93e770f483"
content-type: application/font-woff2
status: 200, 200 OK
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16292

GET
H2 200 l
use.typekit.net/af/aa4f4e/000000000000000000012043/27/ 25 KB
25 KB 33ms
33ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/aa4f4e/000000000000000000012043/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yfk8nia.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b5bb676613a05928e232626d1d29e0a9c42262b08a6533384d5acb89d9c747cf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

date: Mon, 17 Dec 2018 14:35:15 GMT
server: nginx
access-control-allow-origin: *
etag: "61cf0bf3fc0c3830c335d57cda7b65c48e7cb4ce"
content-type: application/font-woff2
status: 200, 200 OK
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 25344

GET
H/1.1 200
OK s-code-contents-4efec383e2f864d9ccc747e0c3f7b3035bf78881.js Show response
assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/ 38 KB
16 KB 17ms
17ms Script
application/x-javascript 23.211.0.20
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/s-code-contents-4efec383e2f864d9ccc747e0c3f7b3035bf78881.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fb0d3146aecca79a8befe4c6c1d1562c11505229/satelliteLib-3bb8b9139cfc74f672fa509ac8a0d3f88bc440b0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.0.20 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-20.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4c4338687dee1a59ddd7ffd121d9799d2434782eb99760eb2ce72d23533aa3aa

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2016 22:10:05 GMT
Server: Apache
ETag: "7f5b8f5d5d879b9bb943c457d3ff46f4:1481667005"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *, *, *, *, *, *, *
Content-Length: 15343
Expires: Mon, 17 Dec 2018 15:35:15 GMT

GET
H/1.1

200
OK

s04092169268053
smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-D6L7/
Redirect Chain

https://smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-D6L7/s04092169268053?AQB=1&ndh=1&t=17%2F11%2F2018%2014%3A35%3A15%201%200&D=D%3D&fid=4170E4AD8019476A-251F93CED4D358F4&ce=UTF...
https://smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-D6L7/s04092169268053?AQB=1&pccr=true&vidn=2E0BDA1205317D3A-6000010BC0000408&&ndh=1&t=17%2F11%2F2018%2014%3A35%3A15%201%200&D...

43 B
754 B

29ms
29ms

Image
image/gif

185.34.188.75
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-D6L7/s04092169268053?AQB=1&pccr=true&vidn=2E0BDA1205317D3A-6000010BC0000408&&ndh=1&t=17%2F11%2F2018%2014%3A35%3A15%201%200&D=D%3D&fid=4170E4AD8019476A-251F93CED4D358F4&ce=UTF-8&ns=higheroneinc&g=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F&cc=USD&server=www.refundselection.com&v4=New&c5=New&v9=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.34.188.75 , Netherlands, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

higheroneaccount.com.ssl.d1.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:16 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.5.1
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 18 Dec 2018 14:35:16 GMT
Server: Omniture DC/2.0.0
xserver: www94
ETag: "3317985321419866112-6867779475484967955"
Vary: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Keep-Alive: timeout=15
Expires: Sun, 16 Dec 2018 14:35:16 GMT

Redirect headers

Date: Mon, 17 Dec 2018 14:35:16 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
X-C: ms-6.5.1
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 18 Dec 2018 14:35:16 GMT
Server: Omniture DC/2.0.0
xserver: www94
Content-Type: text/plain
Location: https://smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-D6L7/s04092169268053?AQB=1&pccr=true&vidn=2E0BDA1205317D3A-6000010BC0000408&&ndh=1&t=17%2F11%2F2018%2014%3A35%3A15%201%200&D=D%3D&fid=4170E4AD8019476A-251F93CED4D358F4&ce=UTF-8&ns=higheroneinc&g=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F&cc=USD&server=www.refundselection.com&v4=New&c5=New&v9=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Keep-Alive: timeout=15
Expires: Sun, 16 Dec 2018 14:35:16 GMT

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
367 B 7ms
6ms Image
image/gif 2a02:26f0:6c00:196::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=yfk8nia&ht=tk&h=www.refundselection.com&f=173.174.175.176.2026.2028.2030&a=2041126&js=1.19.2&app=typekit&e=js&_=1545057315777
Requested by: Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:196::19fd , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:15 GMT
Last-Modified: Thu, 12 Jul 2018 18:52:08 GMT
Server: nginx
ETag: "5b47a358-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Wed, 05 Dec 2018 15:09:53 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 32 KB
11 KB 87ms
22ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.refundselection.com
URL: https://www.refundselection.com/refundselection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecf74f827a3f7ff4c8e718bfac1591c46ae9bb3c2f56782e56d783fe8e08089b

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 39tn_AebqRF_U41IkOA_qLVkPWXUce5S
Content-Encoding: gzip
x-amz-request-id: 91B5D05CA86F4F91
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 17 Dec 2018 14:35:16 GMT
Connection: keep-alive
Content-Length: 10327
x-amz-id-2: qdD9/HZgL1Qa1JRU5xJvaHX5PNP836Kmj0sIrdW9+23WBKmZedFeYFA+2maCHTi/2183gEBWV70=
Last-Modified: Thu, 06 Dec 2018 16:29:41 GMT
Server: AmazonS3
ETag: "26f3d6cad93fa863d92ab072d9fd9a75"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK UQP62OWII5HKHHO3IKJTDG Show response
d.adroll.com/consent/check/ 40 B
200 B 137ms
31ms Script
application/javascript 54.246.126.140
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/UQP62OWII5HKHHO3IKJTDG?_s=715ee8f9173b3bb175ca5a34c23af980
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.126.140 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-126-140.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:16 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 40
Content-Type: application/javascript

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/UQP62OWII5HKHHO3IKJTDG/ 37 B
712 B 250ms
250ms Script
application/json 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/UQP62OWII5HKHHO3IKJTDG/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2fb574e7bb951deb621f32ec4a6d95faa84d74218fdfaf60f77333c5c106b185

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: wocid16AVCpCyJYwsmJ5OGVEX.67Mtws
x-amz-request-id: AA53B9C962A16DAA
x-amz-server-side-encryption: AES256
Date: Mon, 17 Dec 2018 14:35:16 GMT
Connection: keep-alive
Content-Length: 37
x-amz-id-2: D0R2CS0ghdIEJEJm6eOYEDF+q60OGQ7BBOF2XY+6lsOBPwJzr+9mOMsbKuXu4MoOpq+6MPwZo6U=
Last-Modified: Sat, 08 Dec 2018 20:00:17 GMT
Server: AmazonS3
ETag: "3e831ba8e3905ef1055f66e223ec3042"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 c.min.js Show response
pixel.cdnwidget.com/cdn/ 77 KB
24 KB 92ms
11ms Script
text/javascript 2600:9000:2047:b800:b:6d87:aa40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:b800:b:6d87:aa40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e1634378db4493b3296b8eed71d6f40d3ffc6e4b0e974d3eb5011e1e0857bef

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 14 Dec 2018 19:31:39 GMT
content-encoding: gzip
last-modified: Fri, 14 Dec 2018 18:04:56 GMT
server: AmazonS3
age: 241418
etag: "54ed94087af88f6337b38e2e46cb00bc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public,max-age=259200,no-transform
accept-ranges: bytes
content-length: 24492
via: 1.1 c483a0db2609b3ac0bb94a739fe72cc7.cloudfront.net (CloudFront)
x-amz-cf-id: xz5gkoVbNfeUUywENMsiGxnRm2a1-toOst64AkgVvluk0OD45bYl5g==

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 100 B
425 B 575ms
245ms XHR
application/json 35.190.94.112
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.94.112 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 112.94.190.35.bc.googleusercontent.com
Software: /
Resource Hash: f6623c6df8da6b9499297b74af30ba965d4d94c62ab7d7e45e02625e2a38fa09

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:17 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 57 B
382 B 439ms
107ms XHR
application/json 107.178.240.136
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.240.136 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 136.240.178.107.bc.googleusercontent.com
Software: /
Resource Hash: f8df28ffab35d9e6aa3a2749015435f0ae27c2abc4a8ee181ad9f14b73614c97

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:17 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 100 B
425 B 578ms
244ms XHR
application/json 35.186.240.235
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.240.235 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 235.240.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 3f333a6f1ad5111172809b8b8e7022703eb7cdd32360170283ff7fcef0916321

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:17 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 c Show response
ids.cdnwidget.com/ 37 B
183 B 169ms
117ms XHR
application/json 130.211.47.17
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=5ea3797c449f3116f18ad857999c92de&SCH1=fe101234c8682cbcfeadd2db898019e5&GCS1=016001084&GCS2=MTQ4LjI1MS40NS4xNzAsMmEwMTo0Zjg6MjAyOmE5Ojoy&pe=false&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%2C%22graphEN%22%3Afalse%7D%2C%22apikey%22%3A%22afaa2674%22%2C%22cjsversion%22%3A%221.5.16%22%2C%22loadID%22%3A%22dUvwA0BWLfoy3qj%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A3%2C%22IDStageStart%22%3A3%2C%22netComplete%22%3A115%2C%22obsReq1%22%3A445%2C%22obsReq0%22%3A582%2C%22obsReq2%22%3A584%2C%22IDStagePrefire%22%3A585%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%7D%7D
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 17.47.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.refundselection.com/refundselection/
Origin: https://www.refundselection.com

Response headers

status: 200
date: Mon, 17 Dec 2018 14:35:17 GMT
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-origin: https://www.refundselection.com
alt-svc: clear
content-type: application/json

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
49 B 144ms
113ms Image
image/png 130.211.47.17
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Not%2520Allowed%2520on%2520EU%2520traffic&cookieID=&deviceID=&BXWID=&warpspeed=afaa2674&loadID=dUvwA0BWLfoy3qj&version=1.5.16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 17.47.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Mon, 17 Dec 2018 14:35:17 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

GET
H/1.1

200
OK

UP3EVLAUMZBWBHQ657EG6T.js Show response
s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/
Redirect Chain

https://d.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB?adroll_fpc=b445772fdfe5e13ec02b8b5d01a4e148&pv=14570186146.317398&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.refun...
https://s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/UP3EVLAUMZBWBHQ657EG6T.js

5 KB
2 KB

228ms
228ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/UP3EVLAUMZBWBHQ657EG6T.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0e7d8a390757e9003e345192f662775db8d16166cf7cb38492898e9124461b13

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 2DrCdAmxy_7ZsVh.GOUGyZx_HjOwUVYr
Content-Encoding: gzip
x-amz-request-id: 8281CCD762BE34A2
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 17 Dec 2018 14:35:17 GMT
Connection: keep-alive
Content-Length: 1517
x-amz-id-2: 45b3Foy++FA6L1G0hDBqVLzxkhFgWTjbSmyesQsQ+PmXTemOb91T/gmPvpHdpavhrgbxIpJ8EwI=
Last-Modified: Mon, 17 Dec 2018 09:59:00 GMT
Server: AmazonS3
ETag: "b7b5519c97b18a02f1a1fd458520aa80"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 17 Dec 2018 14:35:17 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.12.1
X-Rule: *
X-Segment-Eid: UP3EVLAUMZBWBHQ657EG6T
Location: https://s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/UP3EVLAUMZBWBHQ657EG6T.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: 3EBAB2NVHRFJDEFDRWNWLB
X-Segment-Name: *
X-Advertisable-Eid: UQP62OWII5HKHHO3IKJTDG
X-Conversion-Currency

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 51 KB
15 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/UP3EVLAUMZBWBHQ657EG6T.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 14861
x-xss-protection: 0
pragma: public
x-fb-debug: jEgKQvJubpiKBLoCV71uEhxP3sKXJOZpD+RGDm4+NlXM5HaD6l9ijIj5oItSu2ShRn5T1YOPMxAwQyOI3CdBcg==
date: Mon, 17 Dec 2018 14:35:17 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 22ms
22ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/UP3EVLAUMZBWBHQ657EG6T.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0e8d3647d7007583e9190b3fce74c540b9bf0421c2208996a127cc19622b08aa

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: arl4cOkwzYKQov9f2LpCRnTYEsZwE8XH
Content-Encoding: gzip
x-amz-request-id: C56814786E9078E4
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 17 Dec 2018 14:35:17 GMT
Connection: keep-alive
Content-Length: 2039
x-amz-id-2: K2qzu2TwRn2aifQ3+u5tzzKsoiDxC8rfjHj0CnlS+VzecxKhJxQ6yLFCX4YS7Eo4eO5f0UgIeak=
Last-Modified: Wed, 05 Dec 2018 18:21:51 GMT
Server: AmazonS3
ETag: "85b93291e89d9a13691b42e5716334ee"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://pixel.advertising.com/ups/55980/sync?uid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
298 B

11ms
11ms

Image
text/plain

35.156.114.230
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.advertising.com/ups/55980/sync?uid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.114.230 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-114-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Mon, 17 Dec 2018 14:35:17 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 17 Dec 2018 14:35:17 GMT
content-length: 0
location: https://pixel.advertising.com/ups/55980/sync?uid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expiration=1576593317
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expiration=1576593317&C=1

43 B
1 KB

34ms
34ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expiration=1576593317&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 Dec 2018 14:35:18 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expiration=1576593317&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 17 Dec 2018 14:35:18 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expires=365

42 B
371 B

111ms
25ms

Image
image/gif

213.19.162.90
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:17 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: dQI9DqjoDjYE-47afVYnCg
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:17 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
H2

200

pixel
sync.outbrain.com/adroll/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://sync.outbrain.com/adroll/pixel?user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI

0
283 B

93ms
93ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/adroll/pixel?user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1545057318.007454,VS0,VE86
date: Mon, 17 Dec 2018 14:35:18 GMT
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.50
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-jfk8150-JFK, cache-hhn1537-HHN

Redirect headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:17 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://sync.outbrain.com/adroll/pixel?user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
817 B

65ms
14ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
X-lat: Pug22043:0:527
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI

0
250 B

15ms
15ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 14:35:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1545057318.028158,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1537-HHN

Redirect headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H/1.1

200
OK

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://eb2.3lift.com/xuid?mid=4714&xuid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&dongle=c85e&gdpr=1&cmp_cs=

37 B
466 B

10ms
9ms

Image
image/gif

18.194.56.169
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&dongle=c85e&gdpr=1&cmp_cs=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.56.169 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-194-56-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 14:35:18 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 37
P3P: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI&dongle=c85e&gdpr=1&cmp_cs=
date: Mon, 17 Dec 2018 14:35:18 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://d.adroll.com/cm/r/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_con...

0
1 KB

125ms
39ms

Image
text/plain

2a00:1288:110:833::4000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:833::4000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:18 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 248

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://x.bidswitch.net/sync?dsp_id=44&user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI

43 B
575 B

25ms
25ms

Image
image/gif

18.153.11.16
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.16 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-16.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

pxj
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI%27)

43 B
924 B

20ms
19ms

Image
image/gif

37.252.172.80
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI%27)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.80 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

152.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:20 GMT
AN-X-Request-Uuid: 30c743eb-77db-4f7a-91c6-2a21cf35c505
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.220.70.222; 185.220.70.222; 152.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.113:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('YWU1NTk2NzMxZTllM2U3MGM1ZTJmM2QxNGM2MzE1ZjI')
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 113

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://idsync.rlcdn.com/377928.gif?partner_uid=ae5596731e9e3e70c5e2f3d14c6315f2

0
34 B

334ms
111ms

Image
text/plain

52.44.134.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=ae5596731e9e3e70c5e2f3d14c6315f2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.134.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-44-134-29.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Mon, 17 Dec 2018 14:35:18 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=ae5596731e9e3e70c5e2f3d14c6315f2
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=UQP62OWII5HKHHO3IKJTDG
https://us-u.openx.net/w/1.0/sd?id=537103138&val=ae5596731e9e3e70c5e2f3d14c6315f2
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=ae5596731e9e3e70c5e2f3d14c6315f2

43 B
256 B

18ms
18ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=ae5596731e9e3e70c5e2f3d14c6315f2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Dec 2018 14:35:18 GMT
server: OXGW/16.117.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Mon, 17 Dec 2018 14:35:18 GMT
server: OXGW/16.117.2
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=ae5596731e9e3e70c5e2f3d14c6315f2
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=UQP62OWII5HKHHO3IKJTDG&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=rlWWcx6ePnDF4vPRTGMV8g&google_ula=1535926
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
510 B

31ms
31ms

Image
image/gif

54.228.214.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.214.110 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-214-110.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Dec 2018 14:35:18 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Mon, 17 Dec 2018 14:35:18 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 292945261143890 Show response
connect.facebook.net/signals/config/ 181 KB
44 KB 106ms
106ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292945261143890?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

93ac8fee93e46745e1a0202cd57110418cb70ca2f53f4bfede7436ab9b08c81f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: /ctR6ta2qqeciANNplcsjorEy8V+2HjG0tmeoXkWfoQz63rL0cTsl3BRaF+WpPhOaBBFKA7j7WptjJneT9ZjwA==
date: Mon, 17 Dec 2018 14:35:17 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 10ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=292945261143890&ev=PageView&dl=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F&rl=&if=false&ts=1545057318020&cd[segment_eid]=UP3EVLAUMZBWBHQ657EG6T&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=29&fbp=fb.1.1545057318019.289974785&it=1545057317885&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.refundselection.com/refundselection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 14:35:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Dec 2018 14:35:18 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.refundselection.com/	1970-01-18 21:10:59	Name: gpv_v11 Value: no%20value
.refundselection.com/	1969-12-31 23:59:59	Name: s_sq Value: %5B%5BB%5D%5D
.refundselection.com/	1970-01-19 05:56:33	Name: s_nr Value: 1545057315770-New
.refundselection.com/	1970-01-19 14:43:35	Name: s_fid Value: 4170E4AD8019476A-251F93CED4D358F4
.refundselection.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.refundselection.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8F2852EE1E8444239BED74AE8F2C4A8F.dsapphvn1-appds03_ds02
www.refundselection.com/	1970-02-12 17:42:20	Name: mid Value: GQeRtqVEgwOw7fl6TMN0ihJV-v1
.refundselection.com/	1970-01-19 14:45:02	Name: mbox Value: session#b0e43ef5d2924b5f86418c5644a8a90e#1545059175\|PC#b0e43ef5d2924b5f86418c5644a8a90e.26_3#1608302115

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
assets.adobedtm.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
data.cdnbasket.net
dsum-sec.casalemedia.com
e.cdnwidget.com
eb2.3lift.com
higherone.tt.omtrdc.net
ib.adnxs.com
ids.cdnwidget.com
idsync.rlcdn.com
p.typekit.net
page.cdnbasket.net
pixel.advertising.com
pixel.cdnwidget.com
pixel.rubiconproject.com
s.adroll.com
simage2.pubmatic.com
smetrics.higheroneaccount.com
sync.outbrain.com
trc.taboola.com
us-u.openx.net
use.typekit.net
view.cdnbasket.net
www.facebook.com
www.refundselection.com
x.bidswitch.net
107.178.240.136
130.211.47.17
151.101.2.2
156.55.92.236
173.241.240.143
18.153.11.16
18.194.56.169
185.34.188.75
185.64.189.110
2.18.233.40
2.18.234.21
213.19.162.90
216.58.207.66
23.211.0.20
23.38.53.224
2600:9000:2047:b800:b:6d87:aa40:93a1
2a00:1288:110:833::4000
2a02:26f0:6c00:196::19fd
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
35.156.114.230
35.186.240.235
35.190.94.112
37.252.172.80
52.44.134.29
54.228.214.110
54.246.126.140
66.117.29.3
017d70952475751f98682ed0734430dd8073aec196f65bf8abe3f61882bac09b
04e4de9266d6c2b2eca15026812b7a8926dd95ff45f393de1a42a21c9a4c48ee
0e7d8a390757e9003e345192f662775db8d16166cf7cb38492898e9124461b13
0e8d3647d7007583e9190b3fce74c540b9bf0421c2208996a127cc19622b08aa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98
1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf
2fb574e7bb951deb621f32ec4a6d95faa84d74218fdfaf60f77333c5c106b185
33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62
363ddcdad8fa8db6500ad554923cc22ab4bf968c15aa09c63e26a74cd5556b62
3e26e046f6e08fda02a0ec7f73f44d2f64267bb9dd030ee815f32279f7ebd758
3f333a6f1ad5111172809b8b8e7022703eb7cdd32360170283ff7fcef0916321
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4338687dee1a59ddd7ffd121d9799d2434782eb99760eb2ce72d23533aa3aa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
52cf6a8bf76b2a6a9deab85077ea96de7a9bbda5e317c6c548bfd19ff6859d3a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e56857d5cc7bedd3b4ace3cfe1035630392169cdb01a25655560027afbf14f8
6a265be4d41911cfc2a20d485ffbea946a8d617d87bb5682fa6a3a80f2be37ce
6be5b9ab75d86370e1e7283d553b4fdc19320d0cc6141ad784dbacd5d628ce56
835b631f99d46a39b5aadbb28a7598fa89720ffbb56ede452d9b05f3e22d2b2f
8380f8262369601af5a77d9b675552065e3fe95d08d309ee80f684aedfa550e4
867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929
8d65ad481496fe91333b56b3e3f92404a17ba2dddb5f29b8a17201b4af730cc7
8e1634378db4493b3296b8eed71d6f40d3ffc6e4b0e974d3eb5011e1e0857bef
919d7d452a12c00f65df0c370c7cd5e701827de7107ee901926ad1c05d9b9c38
93ac8fee93e46745e1a0202cd57110418cb70ca2f53f4bfede7436ab9b08c81f
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a1e4deea5be8d94399ec58f58f519582ce06c7833b0076c1102256aeb1c20893
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bb676613a05928e232626d1d29e0a9c42262b08a6533384d5acb89d9c747cf
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c586277151b548efbf9159569c9c86b52d5dd66a67a65d2659e146add71822ce
c5c9fb8abc90fb7bf1b95d10f8bbdc304223e9ae82a72b90f38da328dbd10c9e
da89bd3eac48868537b4708c16b6f997d59d3272b420dab96e16887c7b28e387
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e948e5869da246bfe815e9957eb26f2782c0954928aa6b073cc1243e9ad8821e
ecf74f827a3f7ff4c8e718bfac1591c46ae9bb3c2f56782e56d783fe8e08089b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64d427c92523c7e3f2b0ec8f799747715f61c0d234e206c18001908afe8c78c
f6623c6df8da6b9499297b74af30ba965d4d94c62ab7d7e45e02625e2a38fa09
f8df28ffab35d9e6aa3a2749015435f0ae27c2abc4a8ee181ad9f14b73614c97

www.refundselection.com Open in urlscan Pro 156.55.92.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

18 %IPv6

23 Domains

29 Subdomains

27 IPs

6 Countries

754 kBTransfer

1870 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.refundselection.com Open in urlscan Pro
156.55.92.236 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

18 %
IPv6

23
Domains

29
Subdomains

27
IPs

6
Countries

754 kB
Transfer

1870 kB
Size

8
Cookies

53 HTTP transactions
0 data transactions