secure.debthelper.com Open in urlscan Pro
170.55.108.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dhdr.com/
Effective URL:
https://secure.debthelper.com/bkonline/
Submission: On September 12 via api (September 12th 2024, 12:27:16 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 170.55.108.74, located in Pompano Beach, United States and belongs to CROWNCASTLE-AS33132, US. The main domain is secure.debthelper.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 3rd 2024. Valid for: a year.

This is the only time secure.debthelper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
12	170.55.108.74 170.55.108.74	33132 (CROWNCAST...) (CROWNCASTLE-AS33132)
2	173.201.249.4 173.201.249.4	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
6	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 _) (CDN77 _)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2600:1f14:5db... 2600:1f14:5db:eb00:7810:b675:35d7:cc97	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
30	10

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

dhdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 170.55.108.74 (Pompano Beach, United States)

ASN33132 (CROWNCASTLE-AS33132, US)

secure.debthelper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.201.249.4 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-173-201-249-4.ip.secureserver.net

seal.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f14:5db:eb00:7810:b675:35d7:cc97 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	debthelper.com secure.debthelper.com	75 KB
8	userway.org cdn.userway.org — Cisco Umbrella Rank: 6941 api.userway.org — Cisco Umbrella Rank: 6788	64 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	170 KB
2	godaddy.com seal.godaddy.com — Cisco Umbrella Rank: 43972	6 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	258 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 84
1	dhdr.com 1 redirects dhdr.com	327 B
30	10

	Domain	Requested by
12	secure.debthelper.com	secure.debthelper.com
6	cdn.userway.org	secure.debthelper.com cdn.userway.org
2	api.userway.org	cdn.userway.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	secure.debthelper.com www.googletagmanager.com
2	seal.godaddy.com	secure.debthelper.com
1	www.google.de	secure.debthelper.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.youtube.com	secure.debthelper.com
1	dhdr.com	1 redirects
30	11

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
secure.debthelper.com Go Daddy Secure Certificate Authority - G2	`2024-07-03` - `2025-07-20`	a year	crt.sh
mastercert.ext.pki.godaddy.com Go Daddy Secure Certificate Authority - G2	`2024-07-26` - `2025-08-27`	a year	crt.sh
1667503734.rsc.cdn77.org E5	`2024-07-16` - `2024-10-14`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.de WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://secure.debthelper.com/bkonline/
Frame ID: E79E747AC96D3A876A84E52C1D1ACB2F
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9_XFxBdt3p8?rel=0
Frame ID: 882882F3C36AC16033612CE7FBE4D8EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Debt Helper: Online Financial Education Courses, Start Here. www.mybkcourse.com

Page URL History Show full URLs

https://dhdr.com/ HTTP 301
https://secure.debthelper.com/bkonline/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

336 kB
Transfer

891 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/debthelpercom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Debthelper/timeline/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dhdr.com/ HTTP 301
https://secure.debthelper.com/bkonline/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.debthelper.com/bkonline/
Redirect Chain

https://dhdr.com/
https://secure.debthelper.com/bkonline/

19 KB
7 KB

606ms
142ms

Document
text/html

170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7af0da01a5770e140c74b5fbb680ea554a13795a48a394fab6c776090c031bb0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private
content-encoding: gzip
content-length: 6964
content-type: text/html; charset=utf-8
date: Thu, 12 Sep 2024 12:27:04 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Redirect headers

Connection: close
Content-Length: 74
Content-Type: text/html; charset=utf-8
Date: Thu, 12 Sep 2024 12:27:04 GMT
Location: https://secure.debthelper.com/bkonline/
Server: ip-100-74-4-56.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: dd327b2b-caff-4d5b-b2bb-9fdd1bca7deb

GET
H2 200 BKOnlineStyle.css
secure.debthelper.com/bkonline/css/ 54 KB
12 KB 159ms
139ms Stylesheet
text/css 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.debthelper.com/bkonline/css/BKOnlineStyle.css
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 38bef68696bb7a8254dabf6b39946df79f984a4529d746668eae048ac8e5ef03

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
content-encoding: gzip
last-modified: Wed, 15 Jan 2020 14:21:42 GMT
server: Microsoft-IIS/10.0
etag: "2c5b91cafcbd51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12238

GET
H2 200 jquery-1.3.1.min.js Show response
secure.debthelper.com/bkonline/scripts/ 54 KB
24 KB 283ms
263ms Script
application/javascript 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.debthelper.com/bkonline/scripts/jquery-1.3.1.min.js
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f862442d54bf6790ee4f0d931e9dca082fe40b1ac162f883708b0ef19f84e8bf

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2010 15:38:46 GMT
server: Microsoft-IIS/10.0
etag: "0473d87e9fcca1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 24343

GET
H2 200 faq-icon.png
secure.debthelper.com/bkonline/images/ 500 B
591 B 153ms
133ms Image
image/png 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.debthelper.com/bkonline/images/faq-icon.png
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fdbcca097680c2167da5e3746c7b235f7a23fa1e546ea1a7529e9421f690ada0

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
last-modified: Tue, 28 Jan 2014 17:43:09 GMT
server: Microsoft-IIS/10.0
etag: "64ffa268501ccf1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 500

GET
H2 200 login-icon.png
secure.debthelper.com/bkonline/images/ 517 B
596 B 154ms
135ms Image
image/png 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.debthelper.com/bkonline/images/login-icon.png
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 744f2171953363e525df1bb888b95fa89ac85a42548dbed842515fb069b3290e

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
last-modified: Tue, 28 Jan 2014 17:29:08 GMT
server: Microsoft-IIS/10.0
etag: "7b2d5d734e1ccf1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 517

GET
H2 200 logo.png
secure.debthelper.com/bkonline/images/ 24 KB
24 KB 286ms
203ms Image
image/png 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.debthelper.com/bkonline/images/logo.png
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c56349171c15007740f88b33ab82bd76b3497a5ec2fb09e5eba8a7ef1eddb70e

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
last-modified: Tue, 28 Jan 2014 16:06:57 GMT
server: Microsoft-IIS/10.0
etag: "80c8f7f7421ccf1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 24948

GET
H2 200 quotator.js Show response
secure.debthelper.com/bkonline/scripts/ 1 KB
641 B 286ms
204ms Script
application/javascript 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.debthelper.com/bkonline/scripts/quotator.js
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 577481c0ec8386571f6dfc9bb3c80a45bb35c9e868edaae6079ab9d0dc72faaa

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2014 17:35:35 GMT
server: Microsoft-IIS/10.0
etag: "3ea2a84181dcf1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 561

GET
H2 200 BKOnlineDefault1.css
secure.debthelper.com/bkonline/css/ 2 KB
543 B 226ms
191ms Stylesheet
text/css 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.debthelper.com/bkonline/css/BKOnlineDefault1.css
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8b04b40c05a282dc90f650c36a6ea70034899223df5d8d3197594f4f5396e6c3

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
content-encoding: gzip
last-modified: Mon, 10 Mar 2014 20:49:21 GMT
server: Microsoft-IIS/10.0
etag: "5b275636a23ccf1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 462

GET
H/1.1 200
OK getSeal Show response
seal.godaddy.com/ 4 KB
2 KB 1040ms
183ms Script
text/html 173.201.249.4
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://seal.godaddy.com/getSeal?sealID=avJxdlen5TexB0RxyJtoKuGiSgRsHAazRl78s3C6B3kt7PxvDf7uZM
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.249.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-249-4.ip.secureserver.net
Software: Apache /
Resource Hash: 16c95153be9904de6633ee71dcb4d9a7b5cab195ca36efe2bf16f4fefc8b677c

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 12 Sep 2024 12:27:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: max-age=14400
Expires: Thu, 12 Sep 2024 16:27:06 GMT

GET
H2 200 twitter.png
secure.debthelper.com/bkonline/images/ 1 KB
1 KB 220ms
192ms Image
image/png 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.debthelper.com/bkonline/images/twitter.png
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ba988539d11e834c4602ed65dae985ba2b48db94fffd77200a0c0b83331be7a3

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
last-modified: Mon, 15 Jul 2013 15:55:44 GMT
server: Microsoft-IIS/10.0
etag: "04069c37381ce1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1436

GET
H2 200 facebook.png
secure.debthelper.com/bkonline/images/ 1 KB
1 KB 220ms
192ms Image
image/png 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.debthelper.com/bkonline/images/facebook.png
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b425f350cd3308afeba1b27cd7849a86dc218bf08c9d9bc81a623764ea492d03

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:04 GMT
last-modified: Tue, 09 Jul 2013 22:23:48 GMT
server: Microsoft-IIS/10.0
etag: "f04198fbf27cce1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1390

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 538ms
43ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 03dce1db4de3e8ca9359a6a90fab5f2aeb40a06b2137286bf59139a2e73ba98d

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 12 Sep 2024 12:27:05 GMT
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 363
x-amz-server-side-encryption: AES256
x-accel-date-max: 1725875190
x-77-cache: HIT
x-cache: HIT
x-age: 1999
x-accel-date: 1726142026
x-77-nzt: EgwBw7WvJwH3zwcAAAwBJRPCMQG3CQAAAA
x-accel-expires: @1726145626
x-77-age: 1999
last-modified: Mon, 09 Sep 2024 09:44:52 GMT
server: CDN77-Turbo
etag: W/"aa6d498b8b1946bfdbe8287c13607a58"
x-77-nzt-ray: 25b02131ce19ee4d19dee2668c144536
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: eI9TOgoy567xajyX1fJT0SIlcy5vReE_5ri3qF7iQB8xWfpFxcitfQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 382ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-361171-4

Requested by

Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab65604b3cb2eb625c6921dc02fb0db4889483c0e09a1720ee4eb8a827fdcafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77618
x-xss-protection: 0
last-modified: Thu, 12 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Sep 2024 12:27:05 GMT

GET
H2 200 9_XFxBdt3p8
www.youtube.com/embed/ Frame 8828 0
0 468ms
152ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9_XFxBdt3p8?rel=0

Requested by

Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.debthelper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 12:27:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK siteseal_gd_3_h_l_m.gif
seal.godaddy.com/images/3/en/ 4 KB
4 KB 194ms
180ms Image
image/gif 173.201.249.4
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal.godaddy.com/images/3/en/siteseal_gd_3_h_l_m.gif
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.249.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-249-4.ip.secureserver.net
Software: Apache /
Resource Hash: 1449346947ba3d2266f702cc5488e1a0fb75ef67cdb105d5dbe178eff0af14b2

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 12 Sep 2024 12:27:06 GMT
Cache-Control: max-age=86400
Server: Apache
Accept-Ranges: bytes
Content-Length: 3827
Expires: Fri, 13 Sep 2024 12:27:06 GMT

GET
H2 200 quotator_quotes.js Show response
secure.debthelper.com/bkonline/scripts/ 2 KB
1 KB 169ms
134ms XHR
application/javascript 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.debthelper.com/bkonline/scripts/quotator_quotes.js
Requested by: Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/scripts/jquery-1.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2446e5725bc7dd8fa8dcc370ea3f0ae08167100be8c55c86086d622c6e7fbf67

Request headers

Accept: application/json, text/javascript, */*
Referer: https://secure.debthelper.com/bkonline/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:05 GMT
content-encoding: gzip
last-modified: Thu, 10 Jan 2013 15:19:56 GMT
server: Microsoft-IIS/10.0
etag: "0f644f245efcd1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1078

GET
H2 200 widget_app_base_1725874918757.js Show response
cdn.userway.org/widgetapp/2024-09-09-09-41-58/ 156 KB
44 KB 116ms
38ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce76c8cab5e2836062b24e92e0cd2c45e8ab2386ba65d9648bfe3837bf22e141

Request headers

Referer: https://secure.debthelper.com/
Origin: https://secure.debthelper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 12 Sep 2024 12:27:06 GMT
via: 1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 362
x-amz-server-side-encryption: AES256
x-accel-date-max: 1725875191
x-77-cache: HIT
x-cache: HIT
x-age: 268464
x-accel-date: 1725875562
x-77-nzt: EgwBw7WvJwH3sBgEAAwBnJIhJwG3CgAAAA
x-accel-expires: @1751795552
x-77-age: 268464
last-modified: Mon, 09 Sep 2024 09:44:39 GMT
server: CDN77-Turbo
etag: W/"b592aa0211d152fd2bd11548e2007911"
x-77-nzt-ray: 25b02131c44b7c881adee2669490b720
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: Visr9e1huEVVCUgX0nF-Mqf5xu0uq7BHgfJWBRbCBInY4SpDphV6UQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
93 KB 68ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5HRGGW9TZQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-361171-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d02fdb54dcdb7afc0875c7e35801dff3cda29c7fcd05722df49b23573765a3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Sep 2024 12:27:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 202ms
8ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-361171-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Sep 2024 11:20:02 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4024
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 12 Sep 2024 13:20:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 44ms
36ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1330895868&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.debthelper.com%2Fbkonline%2F&ul=de-de&de=UTF-8&dt=Debt%20Helper%3A%20Online%20Financial%20Education%20Courses%2C%20Start%20Here.%20www.mybkcourse.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1254286188&gjid=1041259639&cid=113643594.1726144027&tid=UA-361171-4&_gid=935428214.1726144027&_r=1&gtm=457e4990za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1887346601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 12:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.debthelper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 W6NCUXZx4X Show response
api.userway.org/api/tunings/ 577 B
963 B 792ms
326ms XHR
application/json 2600:1f14:5db:eb00:7810:b675:35d7:cc97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/W6NCUXZx4X
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:7810:b675:35d7:cc97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f774814819f0903f40526449614ecf819f9a4bed16c150cd55c5528b3cc248f5

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 12 Sep 2024 12:27:07 GMT
etag: W/"241-p5Ic6n05mewC+GIvfmS2gOa9eQM"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr31a449718581472
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 577
x-service-version: uw-pr

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 255ms
18ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5HRGGW9TZQ&gtm=45je4990v9118014460za200&_p=1726144026447&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=113643594.1726144027&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1726144026&sct=1&seg=0&dl=https%3A%2F%2Fsecure.debthelper.com%2Fbkonline%2F&dt=Debt%20Helper%3A%20Online%20Financial%20Education%20Courses%2C%20Start%20Here.%20www.mybkcourse.com&en=page_view&_fv=1&_ss=1&tfd=3160
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5HRGGW9TZQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 12:27:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.debthelper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 254ms
39ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5HRGGW9TZQ&cid=113643594.1726144027&gtm=45je4990v9118014460za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5HRGGW9TZQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 12:27:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.debthelper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 273ms
63ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5HRGGW9TZQ&cid=113643594.1726144027&gtm=45je4990v9118014460za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1357244626

Requested by

Host: secure.debthelper.com
URL: https://secure.debthelper.com/bkonline/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 12:27:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-09-09-09-41-58/locales/ 607 B
1 KB 18ms
17ms XHR
application/json 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 12 Sep 2024 12:27:07 GMT
via: 1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 357
x-amz-server-side-encryption: AES256
x-accel-date-max: 1725875198
x-77-cache: HIT
x-cache: HIT
x-age: 268462
x-accel-date: 1725875565
x-77-nzt: EgwBw7WvJwH3rhgEAAwBJRPCNAG3CwAAAA
x-accel-expires: @1751795554
x-77-age: 268462
last-modified: Mon, 09 Sep 2024 09:44:38 GMT
server: CDN77-Turbo
etag: W/"971644f50e2020e1ff22e37edcad46f6"
x-77-nzt-ray: 25b02131c44b7c881bdee26674d19a28
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 3sJVQpCNQcIxKi3mGhG9QzwHHGhOlzLVSz-V6o2b_82rhqVY6PTt5g==

GET
H2 404 favicon.ico
secure.debthelper.com/ 1 KB
1 KB 125ms
124ms Other
text/html 170.55.108.74
CROWNCASTLE-AS33132

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.debthelper.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.55.108.74 Pompano Beach, United States, ASN33132 (CROWNCASTLE-AS33132, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: https://secure.debthelper.com/bkonline/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:07 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/2024-09-09-09-41-58/free/ 31 KB
13 KB 25ms
20ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-09-09-09-41-58/free/remediation-tool-free.js?ts=1725874918757
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fd58fd8fbcffdcc1255bdf0cb1d4e2c8cd12fbf672113d5347393565d6e2b2fb

Request headers

Referer: https://secure.debthelper.com/
Origin: https://secure.debthelper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 12 Sep 2024 12:27:08 GMT
via: 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 361
x-amz-server-side-encryption: AES256
x-accel-date-max: 1725875194
x-77-cache: HIT
x-cache: HIT
x-age: 268463
x-accel-date: 1725875565
x-77-nzt: EgwBw7WvJwH3rxgEAAwBnJIhJwG3CwAAAA
x-accel-expires: @1751795554
x-77-age: 268463
last-modified: Mon, 09 Sep 2024 09:44:49 GMT
server: CDN77-Turbo
etag: W/"01eb4ed07283f9ce727e9a8830aa83da"
x-77-nzt-ray: 25b02131c44b7c881cdee266688d570b
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 1W8SasK_NZtfk0eut5wEma8Gehm_tCIvGkngOCbf5jiDuOjDiREMbA==

GET
H2 200 wheel_right_wh.svg
cdn.userway.org/widgetapp/images/ 3 KB
2 KB 28ms
27ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/wheel_right_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3e6b781c7c17a33e8505761c3647280a3a9038e25babb36e1aae6c1ce628f8ca

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 12 Sep 2024 12:27:08 GMT
via: 1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 2
x-amz-server-side-encryption: AES256
x-accel-date-max: 1725875554
x-77-cache: HIT
x-cache: HIT
x-age: 268454
x-accel-date: 1725875574
x-77-nzt: EgwBw7WvJwH3phgEAAwBJRPCLgG3EwAAAA
x-accel-expires: @1751795555
x-77-age: 268454
last-modified: Mon, 09 Sep 2024 09:44:41 GMT
server: CDN77-Turbo
etag: W/"06c6df2a4bebb363295045224214514f"
x-77-nzt-ray: 25b02131ce19ee4d1cdee26626ff780c
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 0qHwLBtUbHuYrhG_a6Ci4YkyQVc8Eewz0Zk_GP1QeTtD5P5g_yk6og==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 29ms
28ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 12 Sep 2024 12:27:08 GMT
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
x-accel-date-max: 1725875553
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 268468
x-accel-date: 1725875560
x-77-nzt: EgwBw7WvJwH3tBgEAAwBJRPCNAG3BwAAAA
x-accel-expires: @1751795553
x-77-age: 268468
last-modified: Mon, 09 Sep 2024 09:44:41 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 25b02131ce19ee4d1cdee26648d9800c
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: zOBcGnI5C_KzZuLDwn7pUmr5QaPZY8l31QdUCN9Mdy9V8tmCOSvsBw==

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fsecure.debthelper.com%2Fbkonline%2F/DESKTOP/WIDGET_OFF/ 77 B
454 B 164ms
163ms Fetch
application/json 2600:1f14:5db:eb00:7810:b675:35d7:cc97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fsecure.debthelper.com%2Fbkonline%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-09-09-41-58/widget_app_base_1725874918757.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:7810:b675:35d7:cc97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer: https://secure.debthelper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 12:27:13 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-bf1cccec

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.debthelper.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ktqkgq2skvtase5bcq3t2jy5
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 0tnTX4Pb-uU
.youtube.com/	1970-01-21 03:48:16	Name: VISITOR_INFO1_LIVE Value: fBSQxsg7SJ4
.youtube.com/	1970-01-21 03:48:16	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgGQ%3D%3D
.debthelper.com/	1970-01-20 23:30:30	Name: _gid Value: GA1.2.935428214.1726144027
.debthelper.com/	1970-01-20 23:29:04	Name: _gat_gtag_UA_361171_4 Value: 1
.debthelper.com/	1970-01-21 09:05:04	Name: _ga_5HRGGW9TZQ Value: GS1.1.1726144026.1.0.1726144026.60.0.0
.debthelper.com/	1970-01-21 09:05:04	Name: _ga Value: GA1.1.113643594.1726144027

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.debthelper.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
dhdr.com
region1.analytics.google.com
seal.godaddy.com
secure.debthelper.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.youtube.com
170.55.108.74
173.201.249.4
2001:4860:4802:34::36
2600:1f14:5db:eb00:7810:b675:35d7:cc97
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c0c::9c
2a02:6ea0:c700::11
3.33.251.168
03dce1db4de3e8ca9359a6a90fab5f2aeb40a06b2137286bf59139a2e73ba98d
1449346947ba3d2266f702cc5488e1a0fb75ef67cdb105d5dbe178eff0af14b2
16c95153be9904de6633ee71dcb4d9a7b5cab195ca36efe2bf16f4fefc8b677c
2446e5725bc7dd8fa8dcc370ea3f0ae08167100be8c55c86086d622c6e7fbf67
38bef68696bb7a8254dabf6b39946df79f984a4529d746668eae048ac8e5ef03
3e6b781c7c17a33e8505761c3647280a3a9038e25babb36e1aae6c1ce628f8ca
577481c0ec8386571f6dfc9bb3c80a45bb35c9e868edaae6079ab9d0dc72faaa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
744f2171953363e525df1bb888b95fa89ac85a42548dbed842515fb069b3290e
7af0da01a5770e140c74b5fbb680ea554a13795a48a394fab6c776090c031bb0
8b04b40c05a282dc90f650c36a6ea70034899223df5d8d3197594f4f5396e6c3
ab65604b3cb2eb625c6921dc02fb0db4889483c0e09a1720ee4eb8a827fdcafd
b425f350cd3308afeba1b27cd7849a86dc218bf08c9d9bc81a623764ea492d03
ba988539d11e834c4602ed65dae985ba2b48db94fffd77200a0c0b83331be7a3
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c56349171c15007740f88b33ab82bd76b3497a5ec2fb09e5eba8a7ef1eddb70e
ce76c8cab5e2836062b24e92e0cd2c45e8ab2386ba65d9648bfe3837bf22e141
d02fdb54dcdb7afc0875c7e35801dff3cda29c7fcd05722df49b23573765a3b6
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f774814819f0903f40526449614ecf819f9a4bed16c150cd55c5528b3cc248f5
f862442d54bf6790ee4f0d931e9dca082fe40b1ac162f883708b0ef19f84e8bf
fd58fd8fbcffdcc1255bdf0cb1d4e2c8cd12fbf672113d5347393565d6e2b2fb
fdbcca097680c2167da5e3746c7b235f7a23fa1e546ea1a7529e9421f690ada0

secure.debthelper.com Open in urlscan Pro 170.55.108.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

73 %IPv6

10 Domains

11 Subdomains

10 IPs

3 Countries

336 kBTransfer

891 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.debthelper.com Open in urlscan Pro
170.55.108.74 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

336 kB
Transfer

891 kB
Size

8
Cookies

30 HTTP transactions
0 data transactions