Submitted URL: https://lzzgcc5d.r.us-east-1.awstrack.me/L0/https:%2F%2Fplaidsettlement.com%2Fsubmit-claim.php/1/0100018063a2b4cf-83b0f949-e19e-441d-8bc6...
Effective URL: https://plaidsettlement.com/submit-claim.php
Submission: On April 26 via manual from US — Scanned from US

Summary

This website contacted 21 IPs in 1 countries across 22 domains to perform 71 HTTP transactions. The main IP is 35.173.167.255, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is plaidsettlement.com. The Cisco Umbrella rank of the primary domain is 357295.
TLS certificate: Issued by Amazon on January 25th 2022. Valid for: a year.
This is the only time plaidsettlement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.165.187.187 14618 (AMAZON-AES)
1 35.173.167.255 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
24 52.216.106.43 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
7 2600:9000:21e... 16509 (AMAZON-02)
5 8 15.197.193.217 16509 (AMAZON-02)
2 3 142.251.41.2 15169 (GOOGLE)
1 1 8.43.72.98 26667 (RUBICONPR...)
2 2 68.67.160.117 29990 (ASN-APPNEX)
2 2 54.175.87.114 14618 (AMAZON-AES)
1 2 23.52.162.21 16625 (AKAMAI-AS)
2 54.230.160.114 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
4 2607:f8b0:400... 15169 (GOOGLE)
2 23.23.244.189 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 142.251.40.130 15169 (GOOGLE)
2 13.226.31.92 16509 (AMAZON-02)
1 1 8.28.7.83 62713 (AS-PUBMATIC)
2 2 35.211.178.172 15169 (GOOGLE)
71 21
Apex Domain
Subdomains
Transfer
26 amazonaws.com
angeion-public.s3.amazonaws.com — Cisco Umbrella Rank: 247927
uae4khqoag.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 335143
1 MB
10 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 579
match.adsrvr.org — Cisco Umbrella Rank: 326
js.adsrvr.org — Cisco Umbrella Rank: 1440
12 KB
9 digitaldisbursements.com
content.digitaldisbursements.com — Cisco Umbrella Rank: 398513
data.digitaldisbursements.com — Cisco Umbrella Rank: 415050
492 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
396 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 864
43 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
24 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 195
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58
174 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
3 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 274
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
500 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
366 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 137
113 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
708 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 226
2 KB
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 584
578 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 103
15 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 212
21 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 318
915 B
1 plaidsettlement.com
plaidsettlement.com — Cisco Umbrella Rank: 357295
8 KB
1 awstrack.me
lzzgcc5d.r.us-east-1.awstrack.me — Cisco Umbrella Rank: 220313
158 B
71 22
Domain Requested by
24 angeion-public.s3.amazonaws.com plaidsettlement.com
angeion-public.s3.amazonaws.com
7 content.digitaldisbursements.com plaidsettlement.com
content.digitaldisbursements.com
6 match.adsrvr.org 4 redirects js.adsrvr.org
4 unpkg.com 2 redirects content.digitaldisbursements.com
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com plaidsettlement.com
www.gstatic.com
www.google.com
3 www.googletagmanager.com plaidsettlement.com
www.googletagmanager.com
3 fonts.googleapis.com plaidsettlement.com
content.digitaldisbursements.com
2 x.bidswitch.net 2 redirects
2 data.digitaldisbursements.com content.digitaldisbursements.com
2 www.facebook.com plaidsettlement.com
2 www.google-analytics.com www.googletagmanager.com
2 uae4khqoag.execute-api.us-east-1.amazonaws.com angeion-public.s3.amazonaws.com
2 connect.facebook.net plaidsettlement.com
connect.facebook.net
2 js.adsrvr.org plaidsettlement.com
insight.adsrvr.org
2 dsum-sec.casalemedia.com 1 redirects plaidsettlement.com
2 ups.analytics.yahoo.com 2 redirects
2 ib.adnxs.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 insight.adsrvr.org 1 redirects js.adsrvr.org
1 simage2.pubmatic.com 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 cdnjs.cloudflare.com content.digitaldisbursements.com
1 pixel.rubiconproject.com 1 redirects
1 plaidsettlement.com
1 lzzgcc5d.r.us-east-1.awstrack.me 1 redirects
71 28

This site contains links to these domains. Also see Links.

Domain
angeion-public.s3.amazonaws.com
Subject Issuer Validity Valid
nationalgridtcpasettlement.com
Amazon
2022-01-25 -
2023-02-23
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.s3.amazonaws.com
Amazon
2021-12-15 -
2022-12-03
a year crt.sh
www.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.digitaldisbursements.com
Amazon
2022-04-01 -
2023-04-30
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-02-01 -
2022-05-02
3 months crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon
2021-07-22 -
2022-08-20
a year crt.sh
*.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh

This page contains 6 frames:

Primary Page: https://plaidsettlement.com/submit-claim.php
Frame ID: 77F72465DAA6CC58C50C8D49A666B2AE
Requests: 53 HTTP requests in this frame

Frame: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Frame ID: 6E74632FCC32B1FCE5A408775FA9DBD6
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj&size=invisible&cb=frvid1dpr59c
Frame ID: 66C823E15DF8A5A5B44147C25AC55E15
Requests: 7 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=zdfda0f&ref=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&upid=h8uxpcj&upv=1.1.0
Frame ID: E5003F48150844AF00CB26FCD32EC960
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: F1FC3D30C9862BAABA951B3345036406
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: BCC1E2929F8F4FF272391BAFC4D48AC2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Submit Claim | Plaid Inc. Privacy Litigation

Page URL History Show full URLs

  1. https://lzzgcc5d.r.us-east-1.awstrack.me/L0/https:%2F%2Fplaidsettlement.com%2Fsubmit-claim.php/1/0100018063a2b4cf-83b... HTTP 302
    https://plaidsettlement.com/submit-claim.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

71
Requests

96 %
HTTPS

42 %
IPv6

22
Domains

28
Subdomains

21
IPs

1
Countries

2471 kB
Transfer

4413 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lzzgcc5d.r.us-east-1.awstrack.me/L0/https:%2F%2Fplaidsettlement.com%2Fsubmit-claim.php/1/0100018063a2b4cf-83b0f949-e19e-441d-8bc6-8b11952ab730-000000/Dk_tFv7ta-3edWhSP92nasUsxCI=267 HTTP 302
    https://plaidsettlement.com/submit-claim.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://insight.adsrvr.org/track/pxl/?adv=zdfda0f&ct=0:c5vaoju&fmt=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDBjN2U5OTMtNzVjNy00ODkyLWE0ZTQtOWUxYjRiODZiYzll&gdpr=0&gdpr_consent=&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=ZDBjN2U5OTMtNzVjNy00ODkyLWE0ZTQtOWUxYjRiODZiYzll&gdpr=0&gdpr_consent=&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&google_gid=CAESEGtpyZri8pdAwJDWlx7LJKk&google_cver=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dd0c7e993-75c7-4892-a4e4-9e1b4b86bc9e HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6087077428651248729&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-REpeJktE2uJZo7_D_ztm8DKjqp0fWxk-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expiration=1653568726&gdpr=0&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expiration=1653568726&gdpr=0&gdpr_consent=&C=1
Request Chain 45
  • https://unpkg.com/react@16/umd/react.production.min.js HTTP 302
  • https://unpkg.com/react@16.14.0/umd/react.production.min.js
Request Chain 46
  • https://unpkg.com/react-dom@16/umd/react-dom.production.min.js HTTP 302
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
Request Chain 70
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Request Chain 71
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request submit-claim.php
plaidsettlement.com/
Redirect Chain
  • https://lzzgcc5d.r.us-east-1.awstrack.me/L0/https:%2F%2Fplaidsettlement.com%2Fsubmit-claim.php/1/0100018063a2b4cf-83b0f949-e19e-441d-8bc6-8b11952ab730-000000/Dk_tFv7ta-3edWhSP92nasUsxCI=267
  • https://plaidsettlement.com/submit-claim.php
35 KB
8 KB
Document
General
Full URL
https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.167.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-167-255.compute-1.amazonaws.com
Software
Apache/2.4.46 (Unix) OpenSSL/1.1.1n / PHP/8.0.3
Resource Hash
e428c4478f26924cf79fd22ba93cbb3a9aa9a40533b5ac34918c5cf4b7981b3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
7205
content-type
text/html; charset=UTF-8
date
Tue, 26 Apr 2022 12:38:45 GMT
server
Apache/2.4.46 (Unix) OpenSSL/1.1.1n
vary
Accept-Encoding
x-powered-by
PHP/8.0.3

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 26 Apr 2022 12:38:44 GMT
Location
https://plaidsettlement.com/submit-claim.php
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald|Open+Sans:400italic,600italic,700italic,400,700,600
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7184a4dcbea2645be5c8c236faa68d85d732024a0328fa70c382e8235b485a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 11:27:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 12:38:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 12:38:45 GMT
reset.css
angeion-public.s3.amazonaws.com/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/css/reset.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Thu, 06 Jun 2019 20:07:03 GMT
Server
AmazonS3
x-amz-request-id
E58PA4AQ7YETM3BW
ETag
"ba1d59b0e53d380b12b3e97a428b3314"
Content-Type
text/css
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
1092
x-amz-id-2
gh+gT+wB33EiM6yI0ukxLYKt8RWk/YPOtqI6FFmmqRw4VagfWQR3L7mQ4pcRJws0O1D2kSBX47s=
static.css
angeion-public.s3.amazonaws.com/css/
9 KB
10 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/css/static.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
52834a043833292f8d29a963e3db42db01ae6da0215d4aeca8140a211c54fcb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Fri, 14 Jan 2022 17:09:31 GMT
Server
AmazonS3
x-amz-request-id
E58HFCDG55QGE07R
ETag
"1c5f463cb9c1fe59ad93e19ef679307c"
Content-Type
text/css
x-amz-version-id
75BZdP9INKnB13aY0_.nnnU9KHCdx9yX
Accept-Ranges
bytes
Content-Length
9648
x-amz-id-2
MJHB0nHnloXo0GCIijzDBYVm6TAaTnoxt7IQ1eVfmAvj0kamL81KGMQjQUmQoUCQQ9RW3sWsdnQ=
polyfill.js
angeion-public.s3.amazonaws.com/js/
17 KB
18 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/polyfill.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d0338c84a37206c2b96a06e28083301ac07b203fe1e5ed291fe7dd353defabb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Wed, 25 Sep 2019 14:04:58 GMT
Server
AmazonS3
x-amz-request-id
E58MR4ZQDR6R1NYH
ETag
"9707554026c98a554218d8c44ade0095"
Content-Type
application/javascript
x-amz-version-id
qsDXHpeIhr.67NMrhIzHOwcMrSQvgdoN
Accept-Ranges
bytes
Content-Length
17679
x-amz-id-2
vgxg/9b5KvA0LJ4rbdHc1OHkQFAEfqVGHJm/uQvhn1EMrzBernQS1Ct/318/BqbWI8R6cxfCJF4=
static.js
angeion-public.s3.amazonaws.com/js/
3 KB
4 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/static.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0320896ccfc97db75ac57b085daab0df5328379b5f0f64be139ab1e09223743d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Tue, 13 Jul 2021 23:10:27 GMT
Server
AmazonS3
x-amz-request-id
E58RKFPQJVR5WY25
ETag
"d25bc6f147982da042c1946d8162214f"
Content-Type
application/javascript
x-amz-version-id
ZRmLBkuNIJcWwRR2_PfG0nUI9YBEVnDQ
Accept-Ranges
bytes
Content-Length
3382
x-amz-id-2
tYE6Ad6ivWaHBtTnNLZdzoR1jmFv7KWP34qiq1HFje4iR6cq3N3kWq5f6s0Qtu+IW0WLaKn0C9k=
api.js
www.google.com/recaptcha/
884 B
1000 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
314ba550be68224c4a5b53967dbbcb8551e7018f6ea203422bc4f089d00c219a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Tue, 26 Apr 2022 12:38:45 GMT
axios.standalone.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/axios/dist/
27 KB
28 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/axios/dist/axios.standalone.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7959256390ff9d45f5f212f0511e1ffbc5919766c4e236e04b0eaf3d67e03fe2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58N6GA7VS3GBZM0
ETag
"b3cda1a3e912b6f8c138d0e90635f7f3"
Content-Type
application/javascript
x-amz-version-id
dhW.q79yFjETaACQ.YpE8GZMdCqeBk_9
Accept-Ranges
bytes
Content-Length
28123
x-amz-id-2
/mPKPmr/iUZPyFLXEoWK3k/HJ0YeM14MRwlsDiVeJcd9KSSj2pdbFr2kbZzU+L9ZZppUsreBH/E=
hmac-sha256.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/rollups/
5 KB
6 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/rollups/hmac-sha256.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d6f2b21914a528e96d06a38fea4aa7a0e54f440349d651652ad276afc1ee464a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58GJWNHDYXBCNYJ
ETag
"e355334677dcf7e7b062c1e1aff8e36d"
Content-Type
application/javascript
x-amz-version-id
Cp5g821m3oj3ajt0wOf5y4kk33Q6YUFA
Accept-Ranges
bytes
Content-Length
5228
x-amz-id-2
PDbExFmkspSla/Zp2XCsgkNy+dTk0fKZRXoSC3thHI1Exs92FgH8V8UsRkgqfzrpIsQ2YmAZ1CQ=
sha256.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/rollups/
5 KB
5 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/rollups/sha256.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7bfb9a64082e0371de86c3b3ed83e05f22be1eac3190d73736298f2f0ec8425

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58GR3PFT9JN9ZTM
ETag
"e865bd9952e46357b2572dc64c6e7b78"
Content-Type
application/javascript
x-amz-version-id
RsyV9qFdbqVO4fEJp2t1frWfgX8r4Xco
Accept-Ranges
bytes
Content-Length
4608
x-amz-id-2
/+YRdGIOGjPkLwssaIy3zbKHMcNGnuBfUNZge8eSLqfC0JchKHmwPwTEbdff6DU2LtdLLKR/aTA=
hmac.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/components/
4 KB
4 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/components/hmac.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c76d2b9a9ef3522e33ab5721f2bf66c95ee792c2e8c390c6fa5dae1f28fd0b70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58WRK7HJ8X6WC31
ETag
"8a816a10bd506d3fa9b9e2cd92d09b17"
Content-Type
application/javascript
x-amz-version-id
VY4pNeXtA7t4nkSubqw1Sn7GBEIsXyR5
Accept-Ranges
bytes
Content-Length
3806
x-amz-id-2
scwySVFPSXH0DvWyzVbhWxFWuTKxTPMyONbUCm+BKQSIAGm3OxH2KXcqVc1AJULw2H5GlzKa7xc=
enc-base64.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/components/
3 KB
4 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/components/enc-base64.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e337112ff57db84347ffaaf07622bb6b2b8a74fef331897bc80bb10e8fb8eec2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58YCY2XRYZAG0GT
ETag
"a5fb8f1f2d8134e0ed8d0ddd6e2ed216"
Content-Type
application/javascript
x-amz-version-id
zKLBpXPQ0a3WAfa28V03GbR.K8C8dUIw
Accept-Ranges
bytes
Content-Length
3338
x-amz-id-2
OiNqCkks7ljRDx9K4RDrTwTPlNqyNVFkXHLZso+o1aM0Shj6VU+AN6x/XfowElSHLECfHpXZ7fo=
url-template.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/url-template/
13 KB
13 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/url-template/url-template.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c7ce67a9fb86337c254baf03948a73b4e6e361cfad272fdf6884dd069b13037

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58K9357964M1EVP
ETag
"16eeb1a057c1f2e031f120196dedfac0"
Content-Type
application/javascript
x-amz-version-id
.dEoookkgq_qAKtB4.MnaNc4wrxSfL0X
Accept-Ranges
bytes
Content-Length
13244
x-amz-id-2
iz+4iCeMz6hYlbYQYjJ13mEmrrpDPqRxpTrwO7VZ59FGZnmyylc+g3kOprf4NBOmRrNmY5BkGcY=
sigV4Client.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/
8 KB
9 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/sigV4Client.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b02596ba3158837b16f3c287bbba96098c323f4dd9ea6f4c875f726548b58d86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58TTBEDKH3Y9MCW
ETag
"e9c199c87ba0a7db5012cd94060ee7c2"
Content-Type
application/javascript
x-amz-version-id
bACWBV7.NFDzjWsrRJtViCEibMKbHCsg
Accept-Ranges
bytes
Content-Length
8451
x-amz-id-2
yg+ZsicIuVYPwP9BXcZ6zwT5I2+jz7MbmryZbOIT9Zczsvy22qgaPWIjwiT/pXZtUF/ZLCvXAaM=
apiGatewayClient.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/
2 KB
3 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/apiGatewayClient.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6aa93baaa0cee35e05245fbfbe31b010fe4ef81288cb8a55785fb316001aa810

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58ZXSKAP51M8S6T
ETag
"f67a2fed68b1959f3c223a280f9df917"
Content-Type
application/javascript
x-amz-version-id
BTb6LoRZVkVBC6LOc.0ih8O8IvEo_o5v
Accept-Ranges
bytes
Content-Length
2429
x-amz-id-2
fkHblVWpRkyO3bT1FcmGImhaAoWC2nz9e38kS0CJZufozG4HA8NYHPtRKHpj2SHT9ktdMOZQ5yE=
simpleHttpClient.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/
3 KB
3 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/simpleHttpClient.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
aae419d3427dc7e2eafd7f31d190c923ad55177205e992f43ec72208a1acf40c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58SMCD45VP5GNDS
ETag
"df1909ce114a6f5b208cbbc6c74a48ab"
Content-Type
application/javascript
x-amz-version-id
Q5Sk9AZ.L2p301k68hw2stwKZW53Uau4
Accept-Ranges
bytes
Content-Length
2966
x-amz-id-2
umc1hG9VlQTnIipXcbir5JNNdAKWyBJPlEtDQ391KQGF8z/Z1bu09s3xwjHu97b/9QSkepUrCtM=
utils.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/
3 KB
3 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/utils.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9ca748c128ad36d663bcbfa94f9491e5ea8def9df64e5857d7112fc255b544f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
E58JQT00AGXSV2YV
ETag
"a8735571397700e877027ae5f32d29e2"
Content-Type
application/javascript
x-amz-version-id
d.D8aQEdIyr_aaQMdCmvbFtxAdoY.c.A
Accept-Ranges
bytes
Content-Length
2667
x-amz-id-2
7pyTib09dWvcM4vkx4bt3c/9hLtlDh4Y1R0hzoBwspPwCj9JB09AwfnhV3gAUKs4ReXjkzouYDg=
apigClient.js
angeion-public.s3.amazonaws.com/js/api-gateway/
46 KB
47 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/apigClient.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
391814b972a8329d83950d3e850c35255a5245fbac081d5e4edb1ecb7260e3e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Mon, 28 Jun 2021 13:10:26 GMT
Server
AmazonS3
x-amz-request-id
E58N11JV2BCJ1SC7
ETag
"8215305bac6937df0009da38c9385293"
Content-Type
application/javascript
x-amz-version-id
bPqQwXBpz40wPCeCuMzcwNlmVyGRDprj
Accept-Ranges
bytes
Content-Length
47395
x-amz-id-2
26NhIMfJayN7TMjuxJhUKko3pupFrncz6IzLmAZZlFdZ/UZFD0bK7JQZKBhuIlP/1RSyZRoM4dM=
pikaday.css
angeion-public.s3.amazonaws.com/css/
4 KB
5 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/css/pikaday.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3f978a1c2121cf4891c5067159f5d81c856350ca192f541616b2266b32ee6960

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Fri, 14 Jun 2019 13:51:08 GMT
Server
AmazonS3
x-amz-request-id
E58Q1GQ218YNAR7Q
ETag
"4f55c62a11f28c282aa1a1159752c764"
Content-Type
text/css
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4398
x-amz-id-2
V1saEuxlGiJ8YwRJWLRhGNNrA1gzcFIXthcuOQFTXOfIj7xDIzuImlxExevmlHI7+qKEbOpM4IQ=
pikaday.js
angeion-public.s3.amazonaws.com/js/
41 KB
42 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/pikaday.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
36ed841f8769dac4ef2955e7c5227bd02b40eedfc98133ae3c8fa0dddaaa4dad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Fri, 14 Jun 2019 13:50:44 GMT
Server
AmazonS3
x-amz-request-id
E58GKW3EZ831XS1V
ETag
"ea18809b49d28176e8acc7f84109eaff"
Content-Type
application/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
42199
x-amz-id-2
/bhbNxHYsKw+3k9P1Ey54Xl9G/vD5NZSKyxAA9q4oJto03fu2+0l8mgouH8Y3c2pv7DAh3mVpIo=
submit-claim.css
angeion-public.s3.amazonaws.com/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/css/submit-claim.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9e6640eb3e061f6fac380366fbc0d6860c351fac89a913d01229706a878419dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Thu, 06 Aug 2020 20:14:56 GMT
Server
AmazonS3
x-amz-request-id
E58P0BJKDYVBK367
ETag
"20354185d228ec0aba360676045bd7fa"
Content-Type
text/css
x-amz-version-id
jlIFKoAa0_1ohWfeWu4Eo8OdlntXVNEY
Accept-Ranges
bytes
Content-Length
7982
x-amz-id-2
kNcc0ZUNqnNuGAlJ8o+BmacLbKgoXFToTLY3hpqhi8A7lknVf06h1fIlnEfb28jX80XptvJfKtc=
submit-claim.js
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/js/
42 KB
43 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/js/submit-claim.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1ebc3867e8593011fdcb6c4fff04676525c456e568d207276f62001f83a49301

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Tue, 11 Jan 2022 18:36:45 GMT
Server
AmazonS3
x-amz-request-id
E58MPGWXYX3MA14E
ETag
"a29b289da78d2bbc2b33a93219917367"
Content-Type
application/javascript
x-amz-version-id
zOZ9N7Gk4LWnF_z_t0WkE5UPUlquuLlD
Accept-Ranges
bytes
Content-Length
43298
x-amz-id-2
8PiiaPqllL9zlUbYUzloOJRX8YqbvnkeemV+11QcCsXUOvZQrMN/wGHbEB2VyM9nyQMlX8gp91Y=
submit-claim-plaid.css
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/css/submit-claim-plaid.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f72c130968e9415b6724d4f53c489e3c8ae69f4dbf11bf37cce995caea77fa3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Thu, 06 Jan 2022 18:59:26 GMT
Server
AmazonS3
x-amz-request-id
E58QE38XNJ8AAWTT
ETag
"b54b9f7559db6e7e30534ee9f91b2a3e"
Content-Type
text/css
x-amz-version-id
oqiZvntl7d2Rl6CI_KwZdnOeA1fXlU6q
Accept-Ranges
bytes
Content-Length
1105
x-amz-id-2
pSjjSzjAX/BBAmNGD9Xs1DFzZnk73lIHyaFkF9QqKayjfMMm679n7VG4g+gS71pdYlL3pbjtaqM=
submit-claim-plaid.js
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/js/
10 KB
10 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/js/submit-claim-plaid.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ab1c30193f9331b6143ac6fbe589a211fdc0171ae54bfa5ca5593a96a15e9622

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Fri, 25 Feb 2022 18:53:05 GMT
Server
AmazonS3
x-amz-request-id
E58ZR3BFQ9SMS3K3
ETag
"2fb6ab78fac6db906666ff2a8627c6ce"
Content-Type
application/javascript
x-amz-version-id
fAMG.GI8EnUg.gryc9RaaaTgH12Vwm3H
Accept-Ranges
bytes
Content-Length
10229
x-amz-id-2
6EwLPl/7wnhiuixwROk2j9zI3xvecz4KIMBsarto0VJVxJc7JIIFYseyXk9KXYm+nPgug9+3Hpc=
js
www.googletagmanager.com/gtag/
180 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PEP1EPQ3K9
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2627b2e8bc243c3c4e36c2e074013c83d8423a47561a74c66b0052806a775142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67834
x-xss-protection
0
expires
Tue, 26 Apr 2022 12:38:46 GMT
poster.jpg
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/embed/
860 KB
861 KB
Image
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/embed/poster.jpg
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e503b4ae287936cc741f769566857afb3e8b8077fb1282f189fa988d8b7e9d9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Thu, 20 Jan 2022 17:40:02 GMT
Server
AmazonS3
x-amz-request-id
E58KTT663H60X7TK
ETag
"ea5b48591fb311f071393028b4c8c91d"
Content-Type
image/jpeg
x-amz-version-id
QgYleHLuIkgtuqTI9_P3CH5VGzLvQ02u
Accept-Ranges
bytes
Content-Length
880935
x-amz-id-2
Ie/YxyegEdfzQZ3yl1BNA8Kx82luEBzDjA5ZLfaeh7UydoVJm5m/nnsYV2tPzqc6/VKdLYajQII=
host.js
content.digitaldisbursements.com/v1.4.3/assets/
4 KB
4 KB
Script
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/host.js
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5200:1c:a2a8:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53f9b5223361ad333b292f033165a9fedd6dda6db9c701896dbb5fa3c08c73a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 25 Apr 2022 16:06:37 GMT
via
1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
last-modified
Sun, 24 Apr 2022 16:05:24 GMT
server
AmazonS3
age
73930
etag
"56b8e774b978f003aa88bf83f5792f33"
x-cache
Hit from cloudfront
x-amz-version-id
nCWtxWehtK1tiqPg5RhXEsQb._iwAyzd
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
4183
x-amz-cf-id
VPncpzdavWVVK2Bk2CzKnUw_lseHyVDsAtzDk8OM-eoAQca2FNNwQQ==
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=zdfda0f&ct=0:c5vaoju&fmt=3
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDBjN2U5OTMtNzVjNy00ODkyLWE0ZTQtOWUxYjRiODZiYzll&gdpr=0&gdpr_consent=&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=ZDBjN2U5OTMtNzVjNy00ODkyLWE0ZTQtOWUxYjRiODZiYzll&gdpr=0&gdpr_consent=&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&google_gid=CAESEGtpyZri8pdAwJDWlx7LJKk&google_cver=1
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dd0c7e993-75c7-4892-a4e4-9e1b4b86bc9e
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6087077428651248729&ttd_tdid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-REpeJktE2uJZo7_D_ztm8DKjqp0fWxk-~A&gdpr=0&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expiration=1653568726&gdpr=0&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expiration=1653568726&gdpr=0&gdpr_consent=&C=1
43 B
1022 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expiration=1653568726&gdpr=0&gdpr_consent=&C=1
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Apr 2022 12:38:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 26 Apr 2022 12:38:47 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Apr 2022 12:38:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expiration=1653568726&gdpr=0&gdpr_consent=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
354
Expires
Tue, 26 Apr 2022 12:38:47 GMT
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 03:16:59 GMT
Via
1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
33708
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
nYwAADyYw5yOvj19gXKaPF7f0AF1yAsDehOh5BzkXMEe8Jb2pJfc1g==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/
361 KB
143 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31a5016412f7921a8b08225560d181af8f4a8dc8c762c2709782a1af56b3e984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plaidsettlement.com/
Origin
https://plaidsettlement.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 05:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145969
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 04:06:57 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 05:38:05 GMT
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f027:18:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
vQptVGauU2bPHYwhQWeM4BRNovPiDk1sGTKFGsb8R+AxilKD/mVCyhmjJINggxUyaIoHQPM1XhEcGiT0UUhY+Q==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Tue, 26 Apr 2022 12:38:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Open+Sans:400italic,600italic,700italic,400,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plaidsettlement.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:16:45 GMT
x-content-type-options
nosniff
age
487321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9828
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 21:16:45 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Open+Sans:400italic,600italic,700italic,400,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plaidsettlement.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:45:59 GMT
x-content-type-options
nosniff
age
568367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 22:45:59 GMT
Angeion_Plaid_Settlement_Video_(2).mp4
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/embed/
670 KB
0
Media
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/embed/Angeion_Plaid_Settlement_Video_(2).mp4
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://plaidsettlement.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 26 Apr 2022 12:38:46 GMT
Last-Modified
Wed, 19 Jan 2022 22:48:51 GMT
Server
AmazonS3
x-amz-request-id
E58JJXQD5J485HMQ
ETag
"41f931a0427ff2f63bbefcb219785654-5"
Content-Type
video/mp4
Content-Range
bytes 0-76867860/76867861
x-amz-version-id
gagDHMk6.IFaH7Y3X.TAhnJiqHPS6dbx
Accept-Ranges
bytes
Content-Length
76867861
x-amz-id-2
abQFNYRpHq9UlfVdkxK7k0okTNKGeMc8c2qgsv7TMZTKIOxh1CxCDi+aIFRT4y4uHKyWt8wbdXk=
728463661459652
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/728463661459652?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f027:18:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40b02705e31cfc383fe3f957e4cd08c6f010b60627a54866a1921cede3be3a96
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88800
x-xss-protection
0
pragma
public
x-fb-debug
NSiO2gKjaxiBEUzIG2ltm9SDmJOQHhN8YjXUl+LAb2r7Za/0b56ChG8Ar22/HPr+Ao8PDitnYmCD8pVAcQMFJw==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Tue, 26 Apr 2022 12:38:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
index.html
content.digitaldisbursements.com/v1.4.3/ Frame 6E74
815 B
1 KB
Document
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/assets/host.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5200:1c:a2a8:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
114e02e72cbbdf9ed3231e23769fb82df145059740c2e05ec768344c6a31f41c

Request headers

Referer
https://plaidsettlement.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
73911
content-length
815
content-type
text/html
date
Mon, 25 Apr 2022 16:06:56 GMT
etag
"efe0f4eb044fc5ad43675089f26e235d"
last-modified
Wed, 16 Sep 2020 21:01:34 GMT
server
AmazonS3
via
1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
x-amz-cf-id
2lT-27JvvFDFTg9oTi5SLUxfcbzeVnACA35aTRmAERWsiCUs7ovYzw==
x-amz-cf-pop
EWR50-C1
x-amz-version-id
null
x-cache
Hit from cloudfront
loading.gif
angeion-public.s3.amazonaws.com/img/
43 KB
43 KB
Image
General
Full URL
https://angeion-public.s3.amazonaws.com/img/loading.gif
Requested by
Host: angeion-public.s3.amazonaws.com
URL: https://angeion-public.s3.amazonaws.com/css/static.css?v=0.07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.106.43 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5efd90918cf06e52b0d529317f067ac0fc658356ca338d95c5a54ef9690ff77a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://angeion-public.s3.amazonaws.com/css/static.css?v=0.07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 12:38:47 GMT
Last-Modified
Thu, 11 Jul 2019 15:30:37 GMT
Server
AmazonS3
x-amz-request-id
Z9D2QTWFET3C31HA
ETag
"f7ccc9e1852de0225d0800fc38406020"
Content-Type
image/gif
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
43906
x-amz-id-2
8eo3pAyCzT6kFwBKiZFzWPfaFbi0LKX5+kYDLuiEP1b9gz4RseaA9tKd5BQqCLsUgaE4MyEfppI=
deadline
uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/claims/ Frame
0
0
Preflight
General
Full URL
https://uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/claims/deadline?domain=www.plaidsettlement.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.244.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-244-189.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://plaidsettlement.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 26 Apr 2022 12:38:46 GMT
x-amz-apigw-id
RMEpfEkeoAMFx5Q=
x-amzn-requestid
65323761-6365-4164-8333-8444ed42a80a
deadline
uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/claims/
151 B
424 B
XHR
General
Full URL
https://uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/claims/deadline?domain=www.plaidsettlement.com
Requested by
Host: angeion-public.s3.amazonaws.com
URL: https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/axios/dist/axios.standalone.js?v=0.07
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.244.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-244-189.compute-1.amazonaws.com
Software
/
Resource Hash
403a9d8e1ee1d1488177686f45e02c4ca4df1a218931285694d17112e2ce781e

Request headers

Accept
application/json
Referer
https://plaidsettlement.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
x-api-key
AfbgDFMV5w3CQfrul1CMH4tLS0BYFqsl7FyjPEsB

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
x-amzn-requestid
7cba2ba3-34f3-4e01-8378-dad5e864d6f5
x-custom-header
get angeion claim deadline information
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6267e7d6-71c1da0e5fa8141a60c90515
access-control-allow-credentials
true
x-amz-apigw-id
RMEpgFJTIAMFoxg=
content-length
151
collect
www.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PEP1EPQ3K9&gtm=2oe4k0&_p=2068977153&_z=ccd.NbB&cid=1877147592.1650976726&ul=en-us&sr=1600x1200&_s=1&sid=1650976726&sct=1&seg=0&dl=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&dt=Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PEP1EPQ3K9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 12:38:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plaidsettlement.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
180 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W6YTEY4NZ1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PEP1EPQ3K9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b4d66b9dd7e081b9ce61362b20694bdafa8f9bd8abe8762d0e8695111cf8d8f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67870
x-xss-protection
0
expires
Tue, 26 Apr 2022 12:38:46 GMT
js
www.googletagmanager.com/gtag/
105 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10839088199&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PEP1EPQ3K9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bc4f3de8ab70e0f47ff30405a963ed99e868437bfcaba08693d56f76937b518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42267
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Apr 2022 12:38:46 GMT
anchor
www.google.com/recaptcha/api2/ Frame 66C8
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj&size=invisible&cb=frvid1dpr59c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e234ae0320a643f45c7a44c064f08d299285a49114b04c71c70f77df9531e663
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EDpX6xmYV+kHMTMMMB3IlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plaidsettlement.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22894
content-security-policy
script-src 'report-sample' 'nonce-EDpX6xmYV+kHMTMMMB3IlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 12:38:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame 6E74
8 KB
732 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 12:15:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 12:38:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 12:38:46 GMT
icon
fonts.googleapis.com/ Frame 6E74
569 B
367 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6d177b64657bb3568560df466c6e81d5117b3115b7f2f9945d852f565d72cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 12:38:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 12:38:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 12:38:46 GMT
browser-polyfill.min.js
cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/ Frame 6E74
83 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/browser-polyfill.min.js
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
86983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21126
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6a-14cd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzFG%2BkNcL7x0Qe%2FS6unjtys72tGFpeiOh%2F8K6PQbHGs%2BafpDukUMG%2FSMkoQwGUrd%2FA5M3WH2NR19DqhiW2W%2Fyhn74BjQ2hO7ZeRN1KSD%2BOTt0DbOYq6uqvo29IUvYiBN6EK2%2B9A6KwrrfW6mWgwgeDBu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
701f609b1892d15b-BUF
expires
Sun, 16 Apr 2023 12:38:46 GMT
react.production.min.js
unpkg.com/react@16.14.0/umd/ Frame 6E74
Redirect Chain
  • https://unpkg.com/react@16/umd/react.production.min.js
  • https://unpkg.com/react@16.14.0/umd/react.production.min.js
12 KB
5 KB
Script
General
Full URL
https://unpkg.com/react@16.14.0/umd/react.production.min.js
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
4476117
fly-request-id
01FXDHAZ9B3Z88TMHKHCYZV3KV-lga
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
701f609f78f2d15f-BUF

Redirect headers

date
Tue, 26 Apr 2022 12:38:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01G1JY39CA38EX06NEWRFABJK9-lga
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/react@16.14.0/umd/react.production.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
701f609b7c13d15f-BUF
react-dom.production.min.js
unpkg.com/react-dom@16.14.0/umd/ Frame 6E74
Redirect Chain
  • https://unpkg.com/react-dom@16/umd/react-dom.production.min.js
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
116 KB
38 KB
Script
General
Full URL
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
15337688
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
b50678bd6cf0f414f8386c01f03f6bc2
cache-control
public, max-age=31536000
cf-ray
701f609e1d47d15f-BUF

Redirect headers

date
Tue, 26 Apr 2022 12:38:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01G1JY36SBRWBD6VSFMN83X5HM-lga
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/react-dom@16.14.0/umd/react-dom.production.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
701f609b7c18d15f-BUF
embedded.js
content.digitaldisbursements.com/v1.4.3/assets/ Frame 6E74
414 KB
415 KB
Script
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/embedded.js?1
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5200:1c:a2a8:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb4b9584d9fe120ba98c10023dfb38f32a3c3656d719789f8b69b6f0cca413c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 25 Apr 2022 16:06:38 GMT
via
1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
last-modified
Sun, 24 Apr 2022 16:05:24 GMT
server
AmazonS3
age
73929
etag
"f66946ac193e467943fc18c9e1e27d39"
x-cache
Hit from cloudfront
x-amz-version-id
7lqbvFvaeE2FNMfKeYzscUx_lg8y7rl6
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
423985
x-amz-cf-id
kwuNIwS1YfuygxUEUzvLOhFB8PfLLIilQzQ-bjT4eBxHp7JTWMpkcw==
/
www.facebook.com/tr/
44 B
409 B
Image
General
Full URL
https://www.facebook.com/tr/?id=728463661459652&ev=PageView&dl=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&rl=&if=false&ts=1650976726310&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650976726303.1280351929&it=1650976726068&coo=false&rqm=GET
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f127:83:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 26 Apr 2022 12:38:46 GMT
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml
styles__ltr.css
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame 66C8
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj&size=invisible&cb=frvid1dpr59c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 05:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 04:06:57 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 05:38:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame 66C8
361 KB
143 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj&size=invisible&cb=frvid1dpr59c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31a5016412f7921a8b08225560d181af8f4a8dc8c762c2709782a1af56b3e984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 05:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145969
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 04:06:57 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 05:38:05 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W6YTEY4NZ1&gtm=2oe4k0&_p=2068977153&_z=ccd.NbB&cid=1877147592.1650976726&ul=en-us&sr=1600x1200&_s=1&sid=1650976726&sct=1&seg=0&dl=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&dt=Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6YTEY4NZ1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 12:38:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plaidsettlement.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10839088199&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14897
x-xss-protection
0
server
cafe
etag
9926226332162747720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Apr 2022 12:38:46 GMT
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 66C8
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 13:59:43 GMT
x-content-type-options
nosniff
age
254343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 30 Apr 2022 13:59:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 66C8
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj&size=invisible&cb=frvid1dpr59c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:59:51 GMT
x-content-type-options
nosniff
age
592735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 15:59:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 66C8
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj&size=invisible&cb=frvid1dpr59c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 07:04:51 GMT
x-content-type-options
nosniff
age
20035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 07:04:51 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 66C8
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj&size=invisible&cb=frvid1dpr59c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab7a109d14237f73ec66836579662feb032f6b77457d8013eed6af880d722100
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=QENb_qRrX0-mQMyENQjD6Fuj&size=invisible&cb=frvid1dpr59c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 26 Apr 2022 12:38:46 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10839088199/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10839088199/?random=1650976726715&cv=9&fst=1650976726715&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&tiba=Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e8a6d48cea282f8796872c5028c89f63612a5cdab2c85345cf535a4fb48554b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 12:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1041
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10839088199/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10839088199/?random=1650976726715&cv=9&fst=1650974400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&tiba=Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation&async=1&fmt=3&is_vtc=1&random=1620107163&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 12:38:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
data.digitaldisbursements.com/js/ Frame 6E74
177 B
605 B
XHR
General
Full URL
https://data.digitaldisbursements.com/js/settings?publicKey=d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/assets/embedded.js?1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-92.ewr53.r.cloudfront.net
Software
/
Resource Hash
b6b39ae0bb963230954de9d6aabe79d0a221d886bb9a87b1937ce44587361745

Request headers

Referer
https://content.digitaldisbursements.com/
x-attempt
1
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:47 GMT
via
1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
177
x-amz-cf-pop
EWR53-C2
x-amzn-requestid
d9912319-89f7-4566-8d37-28d633ce76c7
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://content.digitaldisbursements.com
x-amzn-trace-id
Root=1-6267e7d7-797b9c1067d9f5b8194488f2
x-amz-apigw-id
RMEpqG0BoAMFgZQ=
content-length
177
x-amz-cf-id
peWSlQnf1aix-IzPH2kEDbqMCZyi54jHCBYFupm36Cm0tAkGktjtOg==
settings
data.digitaldisbursements.com/js/ Frame
0
0
Preflight
General
Full URL
https://data.digitaldisbursements.com/js/settings?publicKey=d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-92.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-attempt
Access-Control-Request-Method
GET
Origin
https://content.digitaldisbursements.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Attempt
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 26 Apr 2022 12:38:47 GMT
via
1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
x-amz-apigw-id
RMEppHX3oAMFT-g=
x-amz-cf-id
Xh0oRX2yY7_XDOkxgVxeKAy1SMJ53w1Jp5dIQLYvAJFUaFa75P2ODw==
x-amz-cf-pop
EWR53-C2
x-amzn-requestid
1038b659-933f-4cfa-8f78-b41c4d49ecdd
x-amzn-trace-id
Root=1-6267e7d7-1aafcc636ee123ed10fd0d27
x-cache
Miss from cloudfront
up
insight.adsrvr.org/track/ Frame E500
833 B
1 KB
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=zdfda0f&ref=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&upid=h8uxpcj&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
b97242cffd3e49e8163565658f699fec2ef3cdfc1f1905572458c12c12e2a06b

Request headers

Referer
https://plaidsettlement.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 26 Apr 2022 12:38:47 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame E500
487 B
964 B
Script
General
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=zdfda0f&ref=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&upid=h8uxpcj&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 02:06:35 GMT
Via
1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
37933
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
YU01v7bEiNa_B0Ok_VS4W-yl-xBQnA_rrECwHtZv2R_Py4w-J5APXA==
generic
match.adsrvr.org/track/cmf/ Frame F1FC
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
693 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 26 Apr 2022 12:38:47 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 26 Apr 2022 12:38:47 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug001:0:293
generic
match.adsrvr.org/track/cmf/ Frame BCC1
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
693 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 26 Apr 2022 12:38:47 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 26 Apr 2022 12:38:47 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server
nginx
config.json
content.digitaldisbursements.com/data/d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf/ Frame 6E74
2 B
418 B
XHR
General
Full URL
https://content.digitaldisbursements.com/data/d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf/config.json
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/assets/embedded.js?1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5200:1c:a2a8:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
x-attempt
1
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 26 Apr 2022 12:38:48 GMT
via
1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
last-modified
Wed, 04 Aug 2021 18:28:06 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Error from cloudfront
x-amz-version-id
1lbMtohYRqbP8prtJAR4z7oW8MUqAcTQ
cache-control
no-store, max-age=0
accept-ranges
bytes
content-type
application/json
content-length
2
x-amz-cf-id
LyPWm_JplgroZ53KIxxMq69dba-Htj7zl7IuM3kdXgv2xKxXGRuqWw==
paypal.png
content.digitaldisbursements.com/v1.4.3/assets/ Frame 6E74
38 KB
38 KB
Image
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/paypal.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5200:1c:a2a8:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e33847ccd5dad9d677c08c7cab1d1540ec421185bc5e200a4a33ad5b313931c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:06:59 GMT
via
1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
last-modified
Sat, 08 Aug 2020 02:36:17 GMT
server
AmazonS3
age
73909
etag
"03f2cd032c4d6c7dcf76e385866c8a71"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-type
image/png
content-length
38968
x-amz-cf-id
fmtwZYLujVL5dYYHVql_MqyoHJsmBzxGXC-UqbbgUI-eBvqMjan6SA==
venmo.png
content.digitaldisbursements.com/v1.4.3/assets/ Frame 6E74
19 KB
19 KB
Image
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/venmo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5200:1c:a2a8:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0f7ba42166efa996e55ea4c79890fdf7bd272b9ddeaaaf9c180f9d7a98098e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:06:59 GMT
via
1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
last-modified
Sat, 08 Aug 2020 02:36:17 GMT
server
AmazonS3
age
73909
etag
"cb7f37ac752a1127e61585c5e792229f"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-type
image/png
content-length
19121
x-amz-cf-id
UmBGeZOHYyLQVmqnMIeykIPE30zUJJbXyjRdgWo0a4ECE47ZRCq9fA==
ach.png
content.digitaldisbursements.com/v1.4.3/assets/ Frame 6E74
13 KB
13 KB
Image
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/ach.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5200:1c:a2a8:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8019ea74ff5b9805afe7a3cd2cc34b0a121938d7456c9798e17f4c2e5f77a620

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:06:39 GMT
via
1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
last-modified
Sat, 08 Aug 2020 02:36:16 GMT
server
AmazonS3
age
73929
etag
"7494b4bf46acb79d5573be5352ddb7fa"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-type
image/png
content-length
13399
x-amz-cf-id
1dLShtwlaMK3d2W_9IuRCj8DTC0nbHugaoFjbCFdzlk3rUPRYL4ZTw==
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=728463661459652&ev=Microdata&dl=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&rl=&if=false&ts=1650976727815&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation%22%2C%22meta%3Akeywords%22%3A%22plaid%20app%2C%20account%20login%2C%20plaid%20bank%2C%20plaid%20account%2C%20plaid%20not%20connecting%20to%20bank%2C%20plaid%20login%2C%20plaid%20financial%2C%20plaid%20to%20link%20bank%20account%2C%20plaid%20link%2C%20plaid%20bank%20account%2C%20plaid%20link%20bank%2C%20using%20plaid%20to%20link%20bank%20account%2C%20apps%20that%20use%20plaid%2C%20plaid%20connect%20to%20bank%2C%20plaid%20credentials%2C%20plaid%20bank%20linking%2C%20banks%20that%20use%20plaid%2C%20plaid%20for%20banking%2C%20plaid%20linking%20bank%20account%2C%20plaid%20apps%2C%20plaid%20banking%20app%2C%20plaid%20privacy%2C%20plaid%20bank%20login%2C%20bank%20not%20on%20plaid%2C%20plaid%20bank%20connection%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650976726303.1280351929&it=1650976726068&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f127:83:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:38:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 26 Apr 2022 12:38:47 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| closeFAQ function| openFAQ function| scrollFAQ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| axios object| CryptoJS function| uritemplate object| apiGateway object| apigClientFactory function| Pikaday function| safeTag function| localDatetime function| displayMessage function| clearMessage function| loadMember function| toggleFieldError function| toggleFieldWarning function| validateField function| validRequire function| validFileSize function| validFileType function| validURL function| validEmail function| validZipCode function| validPhone function| validInteger function| validFloat function| validPrice function| validMinLength function| validMaxLength function| validGreaterThan function| validLessThan function| validDate function| validMinDate function| validMaxDate function| validRegex function| customInitFields function| customInitClaim function| customLoadMember function| customProcessClaim function| customConfirmation function| customValidateField function| customToggleFieldError function| requireRow function| toggleRequiredField function| gtag object| dataLayer function| fbq function| _fbq function| dstPaymentForm function| ttd_dom_ready function| TTDUniversalPixelApi object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady object| recaptcha object| closure_lm_885136 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

27 Cookies

Domain/Path Name / Value
plaidsettlement.com/ Name: AWSALB
Value: HqguRNEXkWdTanMKJvZf99eZRVd7aGuY9Xr0dmxTEdroaQaAlN7oearajmz9jx1+XlmwtX0UfcPhw9GvjTuSwevRun3CTOnjaT/WsJNW1IIB4psa11LimYYI35MH
plaidsettlement.com/ Name: AWSALBCORS
Value: HqguRNEXkWdTanMKJvZf99eZRVd7aGuY9Xr0dmxTEdroaQaAlN7oearajmz9jx1+XlmwtX0UfcPhw9GvjTuSwevRun3CTOnjaT/WsJNW1IIB4psa11LimYYI35MH
.adsrvr.org/ Name: TDID
Value: d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e
.plaidsettlement.com/ Name: _ga
Value: GA1.1.1877147592.1650976726
.doubleclick.net/ Name: IDE
Value: AHWqTUkNliv0MiBbvNtq62ZXUTWgUTC4DPcGJY21wHAsNOWJQeIG5RA-zg12eWYkNSw
.plaidsettlement.com/ Name: _fbp
Value: fb.1.1650976726303.1280351929
.plaidsettlement.com/ Name: _gcl_au
Value: 1.1.1229515229.1650976726
.facebook.com/ Name: fr
Value: 08cbGmEjWN9FVJ5XY..BiZ-fW...1.0.BiZ-fW.
.rubiconproject.com/ Name: khaos
Value: L2G4WZ55-U-53HL
.rubiconproject.com/ Name: audit
Value: 1|hEBU5vdGPlcGnnPt7Pes5ZO4qjWHqnMqfh2iHFmToX9+xL8LlrcUaIpBpASDIwxhlChkXYsWDpeM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLsc/LVKTmxqkYUp6qfTcCEwPUYgGFOPjrsQyXACeBvLJ3zq2RacNwSsNRiGzdJL1f9bOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.adnxs.com/ Name: uuid2
Value: 6087077428651248729
.yahoo.com/ Name: A3
Value: d=AQABBNbnZ2ICEFQaSfPtFe6cYb7478GTQZMFEgEBAQE5aWJxYgAAAAAA_eMAAA&S=AQAAAuxnX_IMt-V-MT9SheOPi7s
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~24jo
.casalemedia.com/ Name: CMID
Value: Ymfn1xphq6byDEUi6iHhIQAA
.casalemedia.com/ Name: CMPS
Value: 1018
.casalemedia.com/ Name: CMPRO
Value: 518
.casalemedia.com/ Name: CMRUM3
Value: 276267e7d72760d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e
.casalemedia.com/ Name: CMST
Value: Ymfn12Jn59cA
.plaidsettlement.com/ Name: _ga_PEP1EPQ3K9
Value: GS1.1.1650976726.1.0.1650976727.0
.plaidsettlement.com/ Name: _ga_W6YTEY4NZ1
Value: GS1.1.1650976726.1.0.1650976727.0
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&KRTB&22918-d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e&KRTB&23031-d0c7e993-75c7-4892-a4e4-9e1b4b86bc9e
.pubmatic.com/ Name: PugT
Value: 1650976727
.pubmatic.com/ Name: PUBMDCID
Value: 2
.bidswitch.net/ Name: tuuid
Value: 79b5952c-3d8b-4596-86a2-04afbfda8e8d
.bidswitch.net/ Name: c
Value: 1650976727
.bidswitch.net/ Name: tuuid_lu
Value: 1650976727
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI7Iyu0ffi0zoQBRIWCgdydWJpY29uEgsI7Iyu0ffi0zoQBRIXCghhcHBuZXh1cxILCLSQ7NX34tM6EAUSGQoKcmlnaHRtZWRpYRILCLSQ7NX34tM6EAUSFQoGY2FzYWxlEgsIuuKa1_fi0zoQBRIXCghwdWJtYXRpYxILCLTU_Nn34tM6EAUSGAoJYmlkc3dpdGNoEgsItNT82ffi0zoQBRgFIAIoAzILCLTM_4aO49M6EAVCDyINCAESCQoFdGllcjMQAVoHemRmZGEwZmAB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

angeion-public.s3.amazonaws.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
content.digitaldisbursements.com
data.digitaldisbursements.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
lzzgcc5d.r.us-east-1.awstrack.me
match.adsrvr.org
pixel.rubiconproject.com
plaidsettlement.com
simage2.pubmatic.com
uae4khqoag.execute-api.us-east-1.amazonaws.com
unpkg.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
13.226.31.92
142.251.40.130
142.251.41.2
15.197.193.217
23.23.244.189
23.52.162.21
2600:9000:21ea:5200:1c:a2a8:b080:93a1
2606:4700::6810:7aaf
2606:4700::6811:190e
2607:f8b0:4006:809::2008
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::2003
2a03:2880:f027:18:face:b00c:0:3
2a03:2880:f127:83:face:b00c:0:25de
35.173.167.255
35.211.178.172
52.216.106.43
54.165.187.187
54.175.87.114
54.230.160.114
68.67.160.117
8.28.7.83
8.43.72.98
0320896ccfc97db75ac57b085daab0df5328379b5f0f64be139ab1e09223743d
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0bc4f3de8ab70e0f47ff30405a963ed99e868437bfcaba08693d56f76937b518
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114e02e72cbbdf9ed3231e23769fb82df145059740c2e05ec768344c6a31f41c
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ebc3867e8593011fdcb6c4fff04676525c456e568d207276f62001f83a49301
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2627b2e8bc243c3c4e36c2e074013c83d8423a47561a74c66b0052806a775142
314ba550be68224c4a5b53967dbbcb8551e7018f6ea203422bc4f089d00c219a
31a5016412f7921a8b08225560d181af8f4a8dc8c762c2709782a1af56b3e984
36ed841f8769dac4ef2955e7c5227bd02b40eedfc98133ae3c8fa0dddaaa4dad
391814b972a8329d83950d3e850c35255a5245fbac081d5e4edb1ecb7260e3e1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f978a1c2121cf4891c5067159f5d81c856350ca192f541616b2266b32ee6960
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
403a9d8e1ee1d1488177686f45e02c4ca4df1a218931285694d17112e2ce781e
40b02705e31cfc383fe3f957e4cd08c6f010b60627a54866a1921cede3be3a96
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
4d0338c84a37206c2b96a06e28083301ac07b203fe1e5ed291fe7dd353defabb
52834a043833292f8d29a963e3db42db01ae6da0215d4aeca8140a211c54fcb3
53f9b5223361ad333b292f033165a9fedd6dda6db9c701896dbb5fa3c08c73a0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c7ce67a9fb86337c254baf03948a73b4e6e361cfad272fdf6884dd069b13037
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
5efd90918cf06e52b0d529317f067ac0fc658356ca338d95c5a54ef9690ff77a
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6aa93baaa0cee35e05245fbfbe31b010fe4ef81288cb8a55785fb316001aa810
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7959256390ff9d45f5f212f0511e1ffbc5919766c4e236e04b0eaf3d67e03fe2
8019ea74ff5b9805afe7a3cd2cc34b0a121938d7456c9798e17f4c2e5f77a620
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9e33847ccd5dad9d677c08c7cab1d1540ec421185bc5e200a4a33ad5b313931c
9e6640eb3e061f6fac380366fbc0d6860c351fac89a913d01229706a878419dc
aae419d3427dc7e2eafd7f31d190c923ad55177205e992f43ec72208a1acf40c
ab1c30193f9331b6143ac6fbe589a211fdc0171ae54bfa5ca5593a96a15e9622
ab7a109d14237f73ec66836579662feb032f6b77457d8013eed6af880d722100
b02596ba3158837b16f3c287bbba96098c323f4dd9ea6f4c875f726548b58d86
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d66b9dd7e081b9ce61362b20694bdafa8f9bd8abe8762d0e8695111cf8d8f4
b6b39ae0bb963230954de9d6aabe79d0a221d886bb9a87b1937ce44587361745
b97242cffd3e49e8163565658f699fec2ef3cdfc1f1905572458c12c12e2a06b
c6d177b64657bb3568560df466c6e81d5117b3115b7f2f9945d852f565d72cde
c76d2b9a9ef3522e33ab5721f2bf66c95ee792c2e8c390c6fa5dae1f28fd0b70
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6f2b21914a528e96d06a38fea4aa7a0e54f440349d651652ad276afc1ee464a
d9ca748c128ad36d663bcbfa94f9491e5ea8def9df64e5857d7112fc255b544f
e234ae0320a643f45c7a44c064f08d299285a49114b04c71c70f77df9531e663
e337112ff57db84347ffaaf07622bb6b2b8a74fef331897bc80bb10e8fb8eec2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428c4478f26924cf79fd22ba93cbb3a9aa9a40533b5ac34918c5cf4b7981b3e
e503b4ae287936cc741f769566857afb3e8b8077fb1282f189fa988d8b7e9d9d
e8a6d48cea282f8796872c5028c89f63612a5cdab2c85345cf535a4fb48554b1
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f7ba42166efa996e55ea4c79890fdf7bd272b9ddeaaaf9c180f9d7a98098e4
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f7184a4dcbea2645be5c8c236faa68d85d732024a0328fa70c382e8235b485a1
f72c130968e9415b6724d4f53c489e3c8ae69f4dbf11bf37cce995caea77fa3e
f7bfb9a64082e0371de86c3b3ed83e05f22be1eac3190d73736298f2f0ec8425
f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db
fb4b9584d9fe120ba98c10023dfb38f32a3c3656d719789f8b69b6f0cca413c2