Submitted URL: https://lzzgcc5d.r.us-east-1.awstrack.me/L0/https://plaidsettlement.com/submit-claim.php/2/0100018063c99993-ec71ef28-dd75-41ef-81a7-57003...
Effective URL: https://plaidsettlement.com/submit-claim.php
Submission: On April 28 via api from US — Scanned from US

Summary

This website contacted 21 IPs in 2 countries across 22 domains to perform 71 HTTP transactions. The main IP is 52.54.81.24, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is plaidsettlement.com. The Cisco Umbrella rank of the primary domain is 173082.
TLS certificate: Issued by Amazon on January 25th 2022. Valid for: a year.
This is the only time plaidsettlement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.146.236.119 14618 (AMAZON-AES)
1 52.54.81.24 14618 (AMAZON-AES)
3 142.250.80.106 15169 (GOOGLE)
24 52.217.142.25 16509 (AMAZON-02)
4 142.250.64.68 15169 (GOOGLE)
3 142.251.40.200 15169 (GOOGLE)
7 65.8.164.20 16509 (AMAZON-02)
5 8 52.223.40.198 16509 (AMAZON-02)
1 1 8.43.72.98 26667 (RUBICONPR...)
2 2 3.218.90.66 14618 (AMAZON-AES)
2 3 142.250.65.162 15169 (GOOGLE)
2 2 68.67.178.10 29990 (ASN-APPNEX)
1 2 184.84.230.169 16625 (AKAMAI-AS)
2 13.35.90.156 16509 (AMAZON-02)
4 142.250.65.227 15169 (GOOGLE)
2 31.13.71.7 32934 (FACEBOOK)
4 142.250.80.67 15169 (GOOGLE)
2 31.13.71.36 32934 (FACEBOOK)
2 142.250.81.238 15169 (GOOGLE)
1 142.251.41.2 15169 (GOOGLE)
2 3.221.177.13 14618 (AMAZON-AES)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 4 104.16.122.175 13335 (CLOUDFLAR...)
2 108.139.1.64 16509 (AMAZON-02)
1 1 8.28.7.83 62713 (AS-PUBMATIC)
2 2 35.211.178.172 19527 (GOOGLE-2)
71 21
Apex Domain
Subdomains
Transfer
26 amazonaws.com
angeion-public.s3.amazonaws.com — Cisco Umbrella Rank: 182068
uae4khqoag.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 211762
1 MB
10 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 529
match.adsrvr.org — Cisco Umbrella Rank: 325
js.adsrvr.org — Cisco Umbrella Rank: 1393
9 KB
9 digitaldisbursements.com
content.digitaldisbursements.com — Cisco Umbrella Rank: 210239
data.digitaldisbursements.com — Cisco Umbrella Rank: 213172
492 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
395 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 823
43 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
22 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
174 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
3 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 274
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
366 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
501 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 131
114 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 503
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 217
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 281
708 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 568
577 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 203
21 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
15 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
915 B
1 plaidsettlement.com
plaidsettlement.com — Cisco Umbrella Rank: 173082
8 KB
1 awstrack.me
lzzgcc5d.r.us-east-1.awstrack.me — Cisco Umbrella Rank: 133632
158 B
71 22
Domain Requested by
24 angeion-public.s3.amazonaws.com plaidsettlement.com
angeion-public.s3.amazonaws.com
7 content.digitaldisbursements.com plaidsettlement.com
content.digitaldisbursements.com
6 match.adsrvr.org 4 redirects js.adsrvr.org
4 unpkg.com 2 redirects content.digitaldisbursements.com
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com plaidsettlement.com
www.gstatic.com
www.google.com
3 www.googletagmanager.com plaidsettlement.com
www.googletagmanager.com
3 fonts.googleapis.com plaidsettlement.com
content.digitaldisbursements.com
2 x.bidswitch.net 2 redirects
2 data.digitaldisbursements.com content.digitaldisbursements.com
2 uae4khqoag.execute-api.us-east-1.amazonaws.com angeion-public.s3.amazonaws.com
2 www.google-analytics.com www.googletagmanager.com
2 www.facebook.com plaidsettlement.com
2 connect.facebook.net plaidsettlement.com
connect.facebook.net
2 js.adsrvr.org plaidsettlement.com
insight.adsrvr.org
2 dsum-sec.casalemedia.com 1 redirects plaidsettlement.com
2 ib.adnxs.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 insight.adsrvr.org 1 redirects js.adsrvr.org
1 simage2.pubmatic.com 1 redirects
1 cdnjs.cloudflare.com content.digitaldisbursements.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 pixel.rubiconproject.com 1 redirects
1 plaidsettlement.com
1 lzzgcc5d.r.us-east-1.awstrack.me 1 redirects
71 28

This site contains links to these domains.

Domain
angeion-public.s3.amazonaws.com
Subject | Issuer | Validity | Valid
nationalgridtcpasettlement.com | Amazon | 2022-01-25 - 2023-02-23 | a year
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.s3.amazonaws.com | Amazon | 2021-12-15 - 2022-12-03 | a year
www.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.digitaldisbursements.com | Amazon | 2022-04-01 - 2023-04-30 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
*.gstatic.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-02-04 - 2022-05-05 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.execute-api.us-east-1.amazonaws.com | Amazon | 2021-07-22 - 2022-08-20 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year

This page contains 6 frames:

Primary Page: https://plaidsettlement.com/submit-claim.php
Frame ID: E32B977999DACF5BC26E5590D6A60517
Requests: 53 HTTP requests in this frame

Frame: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Frame ID: 2826140620639A1BE1B02B6DE68652A1
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=rc9vlz1b1292
Frame ID: 3D2A8A73E362D439781996B9EBCB10B0
Requests: 7 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=zdfda0f&ref=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&upid=h8uxpcj&upv=1.1.0
Frame ID: 5F8A3EFFB147FAB24BC5720D3CD1A836
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: DA39DA3DF2CED8BAEC084B88BC5ED122
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 603DE1D72196A21327942B5C7F2B6E17
Requests: 1 HTTP requests in this frame

Page Title

Submit Claim | Plaid Inc. Privacy Litigation

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 71
HTTPS: 96 %
IPv6: 0 %
Domains: 22
Subdomains: 28
IPs: 21
Countries: 2
Transfer: 2466 kB
Size: 5321 kB
Cookies: 27

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lzzgcc5d.r.us-east-1.awstrack.me/L0/https://plaidsettlement.com/submit-claim.php/2/0100018063c99993-ec71ef28-dd75-41ef-81a7-57003a71fbb3-000000/DCXcfRWEC9Px89iGUB-if91Ksb4=267 HTTP 302
    https://plaidsettlement.com/submit-claim.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://insight.adsrvr.org/track/pxl/?adv=zdfda0f&ct=0:c5vaoju&fmt=3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=44db42e3-a299-4e69-acbb-22e89184d6ae&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=44db42e3-a299-4e69-acbb-22e89184d6ae&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=44db42e3-a299-4e69-acbb-22e89184d6ae&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-z7Rsj4hE2uINlg.DYKaf1NEYi4hWAYU-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDRkYjQyZTMtYTI5OS00ZTY5LWFjYmItMjJlODkxODRkNmFl&gdpr=0&gdpr_consent=&ttd_tdid=44db42e3-a299-4e69-acbb-22e89184d6ae HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=NDRkYjQyZTMtYTI5OS00ZTY5LWFjYmItMjJlODkxODRkNmFl&gdpr=0&gdpr_consent=&ttd_tdid=44db42e3-a299-4e69-acbb-22e89184d6ae&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=44db42e3-a299-4e69-acbb-22e89184d6ae&google_gid=CAESEJ7bOufMfwj31JfiGDlTb3M&google_cver=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=44db42e3-a299-4e69-acbb-22e89184d6ae HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D44db42e3-a299-4e69-acbb-22e89184d6ae HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7694084169723127402&ttd_tdid=44db42e3-a299-4e69-acbb-22e89184d6ae HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expiration=1653705274&gdpr=0&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expiration=1653705274&gdpr=0&gdpr_consent=&C=1
Request Chain 56
  • https://unpkg.com/react@16/umd/react.production.min.js HTTP 302
  • https://unpkg.com/react@16.14.0/umd/react.production.min.js
Request Chain 57
  • https://unpkg.com/react-dom@16/umd/react-dom.production.min.js HTTP 302
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
Request Chain 70
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=44db42e3-a299-4e69-acbb-22e89184d6ae&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Request Chain 71
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request submit-claim.php
plaidsettlement.com/
Redirect Chain
  • https://lzzgcc5d.r.us-east-1.awstrack.me/L0/https://plaidsettlement.com/submit-claim.php/2/0100018063c99993-ec71ef28-dd75-41ef-81a7-57003a71fbb3-000000/DCXcfRWEC9Px89iGUB-if91Ksb4=267
  • https://plaidsettlement.com/submit-claim.php
35 KB
8 KB
Document
General
Full URL
https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.81.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-81-24.compute-1.amazonaws.com
Software
Apache/2.4.46 (Unix) OpenSSL/1.1.1n / PHP/8.0.3
Resource Hash
02baecbced6f1dd90c6c3a5ea29927a92271ef12c787942148d406d62b3b69bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
7205
content-type
text/html; charset=UTF-8
date
Thu, 28 Apr 2022 02:34:34 GMT
server
Apache/2.4.46 (Unix) OpenSSL/1.1.1n
vary
Accept-Encoding
x-powered-by
PHP/8.0.3

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 28 Apr 2022 02:34:33 GMT
Location
https://plaidsettlement.com/submit-claim.php
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald|Open+Sans:400italic,600italic,700italic,400,700,600
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f10.1e100.net
Software
ESF /
Resource Hash
f7184a4dcbea2645be5c8c236faa68d85d732024a0328fa70c382e8235b485a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 02:34:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 28 Apr 2022 02:34:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Apr 2022 02:34:34 GMT
reset.css
angeion-public.s3.amazonaws.com/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/css/reset.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Thu, 06 Jun 2019 20:07:03 GMT
Server
AmazonS3
x-amz-request-id
WPX1XX8KEH04H986
ETag
"ba1d59b0e53d380b12b3e97a428b3314"
Content-Type
text/css
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
1092
x-amz-id-2
4lNWQxoi/PWL1jN09ZTwyMHnIHavPPavEvO9bjf7QtUn9fFY59Sazmo8lk1PJ31d3kbEEKHMskk=
static.css
angeion-public.s3.amazonaws.com/css/
9 KB
10 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/css/static.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
52834a043833292f8d29a963e3db42db01ae6da0215d4aeca8140a211c54fcb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Fri, 14 Jan 2022 17:09:31 GMT
Server
AmazonS3
x-amz-request-id
WPX3C783ZFV3E4FV
ETag
"1c5f463cb9c1fe59ad93e19ef679307c"
Content-Type
text/css
x-amz-version-id
75BZdP9INKnB13aY0_.nnnU9KHCdx9yX
Accept-Ranges
bytes
Content-Length
9648
x-amz-id-2
AD1Sy9bjxs/ajlfbevsauX11JK8mvTbasJSB8nPWsniD4KnJyQP8ZaTUEsp9C+v15n6saMExHVw=
polyfill.js
angeion-public.s3.amazonaws.com/js/
17 KB
18 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/polyfill.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d0338c84a37206c2b96a06e28083301ac07b203fe1e5ed291fe7dd353defabb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Wed, 25 Sep 2019 14:04:58 GMT
Server
AmazonS3
x-amz-request-id
WPX4H0ACKT71633Q
ETag
"9707554026c98a554218d8c44ade0095"
Content-Type
application/javascript
x-amz-version-id
qsDXHpeIhr.67NMrhIzHOwcMrSQvgdoN
Accept-Ranges
bytes
Content-Length
17679
x-amz-id-2
4Jc6CGlSgcfGFR90/dxoQempT5sk2DE/ETVU3OF7Z83XJVeufssgTlCvSORKmIWmXJkTZB9QMd0=
static.js
angeion-public.s3.amazonaws.com/js/
3 KB
4 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/static.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0320896ccfc97db75ac57b085daab0df5328379b5f0f64be139ab1e09223743d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Tue, 13 Jul 2021 23:10:27 GMT
Server
AmazonS3
x-amz-request-id
WPX7V84QN14WFFT7
ETag
"d25bc6f147982da042c1946d8162214f"
Content-Type
application/javascript
x-amz-version-id
ZRmLBkuNIJcWwRR2_PfG0nUI9YBEVnDQ
Accept-Ranges
bytes
Content-Length
3382
x-amz-id-2
ovqI92EdsjpWgGlv/QVPpFLFTcWKfGPGqleSzYjSqPHHEpWJ61IFyW2ecJfiiYu+f0z489szaqI=
api.js
www.google.com/recaptcha/
884 B
1001 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
GSE /
Resource Hash
9799a54de2794814a5290324523f5ca46924d159d61211353ec9ee6b37c34a04
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
588
x-xss-protection
1; mode=block
expires
Thu, 28 Apr 2022 02:34:34 GMT
axios.standalone.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/axios/dist/
27 KB
28 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/axios/dist/axios.standalone.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7959256390ff9d45f5f212f0511e1ffbc5919766c4e236e04b0eaf3d67e03fe2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPXE61B86463FXDK
ETag
"b3cda1a3e912b6f8c138d0e90635f7f3"
Content-Type
application/javascript
x-amz-version-id
dhW.q79yFjETaACQ.YpE8GZMdCqeBk_9
Accept-Ranges
bytes
Content-Length
28123
x-amz-id-2
yDON+5GsLeo77VeS4zA4sOJTi4Xg+sLUkkGHLshlzVYV6AdqBaC2u/bwK7yShj/UtWT1A/zvJqo=
hmac-sha256.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/rollups/
5 KB
6 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/rollups/hmac-sha256.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d6f2b21914a528e96d06a38fea4aa7a0e54f440349d651652ad276afc1ee464a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPX4Q7HR8HXR50SW
ETag
"e355334677dcf7e7b062c1e1aff8e36d"
Content-Type
application/javascript
x-amz-version-id
Cp5g821m3oj3ajt0wOf5y4kk33Q6YUFA
Accept-Ranges
bytes
Content-Length
5228
x-amz-id-2
GQ1N9tktFAqiyN4Rf7yP1GlrELa3Ks7BKDiwvR39BvvKL6wnGZYA8Uf1oyRj9nJbetqM7PwNC3w=
sha256.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/rollups/
5 KB
5 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/rollups/sha256.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7bfb9a64082e0371de86c3b3ed83e05f22be1eac3190d73736298f2f0ec8425

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPXFX0CNV5B2QJAA
ETag
"e865bd9952e46357b2572dc64c6e7b78"
Content-Type
application/javascript
x-amz-version-id
RsyV9qFdbqVO4fEJp2t1frWfgX8r4Xco
Accept-Ranges
bytes
Content-Length
4608
x-amz-id-2
pTG52JdcW5fkSNlKeAmJ7VnK6sbGW4pJj3cEZZ+vgYkD6q6QQCZRAYB3Z7UdtH2z3uiQDhpfjK0=
hmac.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/components/
4 KB
4 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/components/hmac.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c76d2b9a9ef3522e33ab5721f2bf66c95ee792c2e8c390c6fa5dae1f28fd0b70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPX2XB8C30A25YCX
ETag
"8a816a10bd506d3fa9b9e2cd92d09b17"
Content-Type
application/javascript
x-amz-version-id
VY4pNeXtA7t4nkSubqw1Sn7GBEIsXyR5
Accept-Ranges
bytes
Content-Length
3806
x-amz-id-2
9V6pnkYLZT5Q7lWyh59kLz15RzepL23Qcq7YmxejoHV/tPUrgvljAt5CF4OmuRnSIl0IoBvUbYE=
enc-base64.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/components/
3 KB
4 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/CryptoJS/components/enc-base64.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e337112ff57db84347ffaaf07622bb6b2b8a74fef331897bc80bb10e8fb8eec2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPXEQZDBBVS6GED4
ETag
"a5fb8f1f2d8134e0ed8d0ddd6e2ed216"
Content-Type
application/javascript
x-amz-version-id
zKLBpXPQ0a3WAfa28V03GbR.K8C8dUIw
Accept-Ranges
bytes
Content-Length
3338
x-amz-id-2
pVYAoQEx1qrPNOFSBRlmXLC8ht5b4sIHbNxfbRqele0e3TZa6+3qSeHJiSNglB1aZ/dFXsegHro=
url-template.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/url-template/
13 KB
13 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/url-template/url-template.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c7ce67a9fb86337c254baf03948a73b4e6e361cfad272fdf6884dd069b13037

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPX8V2KS6WKJRBG1
ETag
"16eeb1a057c1f2e031f120196dedfac0"
Content-Type
application/javascript
x-amz-version-id
.dEoookkgq_qAKtB4.MnaNc4wrxSfL0X
Accept-Ranges
bytes
Content-Length
13244
x-amz-id-2
tAUa6p7e+WOF58TuD0YEGHNnRwOFxT9iuavwg7v7OH/MJD4jVZiRsyaA/MPGUNHtHFz+eoskrxQ=
sigV4Client.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/
8 KB
9 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/sigV4Client.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b02596ba3158837b16f3c287bbba96098c323f4dd9ea6f4c875f726548b58d86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPXF1BYGJXW0PGTX
ETag
"e9c199c87ba0a7db5012cd94060ee7c2"
Content-Type
application/javascript
x-amz-version-id
bACWBV7.NFDzjWsrRJtViCEibMKbHCsg
Accept-Ranges
bytes
Content-Length
8451
x-amz-id-2
Iwb1W5WjcVMVgdglacdUjTUgcdzzLf0FXLih9Ve/eX4kzuwwKPYkCP39akz1UwzWfa0AmhAYrMg=
apiGatewayClient.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/
2 KB
3 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/apiGatewayClient.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6aa93baaa0cee35e05245fbfbe31b010fe4ef81288cb8a55785fb316001aa810

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPXEJK74AEAYDZDT
ETag
"f67a2fed68b1959f3c223a280f9df917"
Content-Type
application/javascript
x-amz-version-id
BTb6LoRZVkVBC6LOc.0ih8O8IvEo_o5v
Accept-Ranges
bytes
Content-Length
2429
x-amz-id-2
NktmsrLDa1hepmibiOJthKa6L600+q/gTFNdQAcNHf8up7lqqSibc+2+J4oUgqC0iotf2gGh6Cs=
simpleHttpClient.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/
3 KB
3 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/simpleHttpClient.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
aae419d3427dc7e2eafd7f31d190c923ad55177205e992f43ec72208a1acf40c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPXD2167THDHJS7R
ETag
"df1909ce114a6f5b208cbbc6c74a48ab"
Content-Type
application/javascript
x-amz-version-id
Q5Sk9AZ.L2p301k68hw2stwKZW53Uau4
Accept-Ranges
bytes
Content-Length
2966
x-amz-id-2
fsCP6Vauu0RB1XjrftuUQDX8kNYLLnV0rtKSbYJnu+nnMBpK6HPoRpEVDktNL40zX+hBYIi1gcs=
utils.js
angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/
3 KB
3 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/apiGatewayCore/utils.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9ca748c128ad36d663bcbfa94f9491e5ea8def9df64e5857d7112fc255b544f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 02 Nov 2020 20:03:22 GMT
Server
AmazonS3
x-amz-request-id
WPX26GB1XX04NMKW
ETag
"a8735571397700e877027ae5f32d29e2"
Content-Type
application/javascript
x-amz-version-id
d.D8aQEdIyr_aaQMdCmvbFtxAdoY.c.A
Accept-Ranges
bytes
Content-Length
2667
x-amz-id-2
RRpT1zeVfkTaUd6htJHT1AzT413b9vmWxQbhUJR9WAMdWJaEXj9jd04MF9KasR+i128xnRPAhrk=
apigClient.js
angeion-public.s3.amazonaws.com/js/api-gateway/
46 KB
47 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/api-gateway/apigClient.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
391814b972a8329d83950d3e850c35255a5245fbac081d5e4edb1ecb7260e3e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Mon, 28 Jun 2021 13:10:26 GMT
Server
AmazonS3
x-amz-request-id
WPX5SV65GF1D8GBY
ETag
"8215305bac6937df0009da38c9385293"
Content-Type
application/javascript
x-amz-version-id
bPqQwXBpz40wPCeCuMzcwNlmVyGRDprj
Accept-Ranges
bytes
Content-Length
47395
x-amz-id-2
YGIuFec7h/6dXFEYxfYX9zTe6iIKvVv79KyaQ0dbSJAHlqlTHJtKNDOb/fsD+PXIbowtLkieHFw=
pikaday.css
angeion-public.s3.amazonaws.com/css/
4 KB
5 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/css/pikaday.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3f978a1c2121cf4891c5067159f5d81c856350ca192f541616b2266b32ee6960

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Fri, 14 Jun 2019 13:51:08 GMT
Server
AmazonS3
x-amz-request-id
WPX388PE215SEQHF
ETag
"4f55c62a11f28c282aa1a1159752c764"
Content-Type
text/css
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4398
x-amz-id-2
WPaBPFnodlFZnlguZ933FaqlRKslT5Dnguyvty/5VfK8ZyCParPRQrz/qYDBhFlCJQizxiCBNzg=
pikaday.js
angeion-public.s3.amazonaws.com/js/
41 KB
42 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/js/pikaday.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
36ed841f8769dac4ef2955e7c5227bd02b40eedfc98133ae3c8fa0dddaaa4dad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Fri, 14 Jun 2019 13:50:44 GMT
Server
AmazonS3
x-amz-request-id
WPX55YZA0EHMBX5G
ETag
"ea18809b49d28176e8acc7f84109eaff"
Content-Type
application/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
42199
x-amz-id-2
2u6wfqYvHiklrp/T9+7q0dbfZ2skuKYkhSjf5K3XSC1YNCbCY5BwKXeQFsca0ytLSUZlJQA3VBI=
submit-claim.css
angeion-public.s3.amazonaws.com/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/css/submit-claim.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9e6640eb3e061f6fac380366fbc0d6860c351fac89a913d01229706a878419dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Thu, 06 Aug 2020 20:14:56 GMT
Server
AmazonS3
x-amz-request-id
WPXB9QM01HCXW2M2
ETag
"20354185d228ec0aba360676045bd7fa"
Content-Type
text/css
x-amz-version-id
jlIFKoAa0_1ohWfeWu4Eo8OdlntXVNEY
Accept-Ranges
bytes
Content-Length
7982
x-amz-id-2
TfQDysafbELLM0ENdGpnzzX9g5l354hq4o8QQI0s67USgRTQgb+XZhAgx+++c34CePx4FcgVSiw=
submit-claim.js
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/js/
42 KB
43 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/js/submit-claim.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1ebc3867e8593011fdcb6c4fff04676525c456e568d207276f62001f83a49301

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Tue, 11 Jan 2022 18:36:45 GMT
Server
AmazonS3
x-amz-request-id
WPXBP33NNN27JVBN
ETag
"a29b289da78d2bbc2b33a93219917367"
Content-Type
application/javascript
x-amz-version-id
zOZ9N7Gk4LWnF_z_t0WkE5UPUlquuLlD
Accept-Ranges
bytes
Content-Length
43298
x-amz-id-2
lCEBqBNPcgUBTJk2u6r67ytg2j8HiXx93BNGfKqM88sQuClNeqXSntPNJaUSO8Lize2HhXJqfV0=
submit-claim-plaid.css
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/css/submit-claim-plaid.css?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f72c130968e9415b6724d4f53c489e3c8ae69f4dbf11bf37cce995caea77fa3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Thu, 06 Jan 2022 18:59:26 GMT
Server
AmazonS3
x-amz-request-id
WPX48WKKBRN9ANYW
ETag
"b54b9f7559db6e7e30534ee9f91b2a3e"
Content-Type
text/css
x-amz-version-id
oqiZvntl7d2Rl6CI_KwZdnOeA1fXlU6q
Accept-Ranges
bytes
Content-Length
1105
x-amz-id-2
oeDwENrRLzR+cOkvkC8BUmCnByqzMYRSD7OB7ShLTpSLbqELrEDop6S0R04tvwoTk1LEu8PmYyY=
submit-claim-plaid.js
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/js/
10 KB
10 KB
Script
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/js/submit-claim-plaid.js?v=0.07
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ab1c30193f9331b6143ac6fbe589a211fdc0171ae54bfa5ca5593a96a15e9622

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Fri, 25 Feb 2022 18:53:05 GMT
Server
AmazonS3
x-amz-request-id
WPX7YYDKDAHTRMYM
ETag
"2fb6ab78fac6db906666ff2a8627c6ce"
Content-Type
application/javascript
x-amz-version-id
fAMG.GI8EnUg.gryc9RaaaTgH12Vwm3H
Accept-Ranges
bytes
Content-Length
10229
x-amz-id-2
79FkzB/CEVo9En/xl8GHmYwHuuA9GK6iXrgBqVhBtKGfj2hNGl7Jp9aSrfZ/xsTXP/EPJxFPxSo=
js
www.googletagmanager.com/gtag/
180 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PEP1EPQ3K9
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
edbdcb4cdc0c5b96c7ed8b8cbdfc4021d4b7402f8b2be62c7673f5221708cd58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67648
x-xss-protection
0
expires
Thu, 28 Apr 2022 02:34:34 GMT
poster.jpg
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/embed/
860 KB
861 KB
Image
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/embed/poster.jpg
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e503b4ae287936cc741f769566857afb3e8b8077fb1282f189fa988d8b7e9d9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Thu, 20 Jan 2022 17:40:02 GMT
Server
AmazonS3
x-amz-request-id
WPX1G9AAK413P6SC
ETag
"ea5b48591fb311f071393028b4c8c91d"
Content-Type
image/jpeg
x-amz-version-id
QgYleHLuIkgtuqTI9_P3CH5VGzLvQ02u
Accept-Ranges
bytes
Content-Length
880935
x-amz-id-2
MxtZltmdqf4mV0LzVDuBFuR5/0KK8a4rLeSAKqTkMWZmYaxCmi8wPQEy41CpYY17s3yqlBi4fzk=
host.js
content.digitaldisbursements.com/v1.4.3/assets/
4 KB
4 KB
Script
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/host.js
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.164.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-164-20.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53f9b5223361ad333b292f033165a9fedd6dda6db9c701896dbb5fa3c08c73a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
NCyAOgOC_XGD38mLTP_C0aJgFZSueZDL
via
1.1 098d11622fcaacdb87ba92e6eaca351c.cloudfront.net (CloudFront)
etag
"56b8e774b978f003aa88bf83f5792f33"
last-modified
Tue, 26 Apr 2022 18:32:10 GMT
server
AmazonS3
age
28930
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 27 Apr 2022 18:33:18 GMT
x-amz-cf-pop
SFO53-C1
accept-ranges
bytes
content-length
4183
x-amz-cf-id
y5_EUJYfko3qUCppYDrU3vygGwj2iBvmCj8wt51ahuUqVuNQFerSZQ==
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=zdfda0f&ct=0:c5vaoju&fmt=3
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=44db42e3-a299-4e69-acbb-22e89184d6ae&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=44db42e3-a299-4e69-acbb-22e89184d6ae&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=44db42e3-a299-4e69-acbb-22e89184d6ae&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-z7Rsj4hE2uINlg.DYKaf1NEYi4hWAYU-~A&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDRkYjQyZTMtYTI5OS00ZTY5LWFjYmItMjJlODkxODRkNmFl&gdpr=0&gdpr_consent=&ttd_tdid=44db42e3-a299-4e69-acbb-22e89...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=NDRkYjQyZTMtYTI5OS00ZTY5LWFjYmItMjJlODkxODRkNmFl&gdpr=0&gdpr_consent=&ttd_tdid=44db42e3-a299-4e69-acbb-22e...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=44db42e3-a299-4e69-acbb-22e89184d6ae&google_gid=CAESEJ7bOufMfwj31JfiGDlTb3M&google_cver=1
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=44db42e3-a299-4e69-acbb-22e89184d6ae
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D44db42e3-a299-4e69-acbb-22e89184d6ae
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7694084169723127402&ttd_tdid=44db42e3-a299-4e69-acbb-22e89184d6ae
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expiration=1653705274&gdpr=0&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expiration=1653705274&gdpr=0&gdpr_consent=&C=1
43 B
1022 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expiration=1653705274&gdpr=0&gdpr_consent=&C=1
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Server
184.84.230.169 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-230-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Apr 2022 02:34:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 28 Apr 2022 02:34:34 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 28 Apr 2022 02:34:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expiration=1653705274&gdpr=0&gdpr_consent=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
354
Expires
Thu, 28 Apr 2022 02:34:34 GMT
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.90.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-90-156.lax3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 16:36:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
35890
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 d61de279b5f7e6f904ebef90a08fb3c0.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
LAX3-C2
X-Amz-Cf-Id
HExwsoHdTqbo8Qd_k-_uT_PANd4AJ4KYvI1ADLD2dSNqGkUC0UglIw==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/
360 KB
143 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plaidsettlement.com/
Origin
https://plaidsettlement.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 01:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145349
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 01:50:35 GMT
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
qdpFad3QnmwRq8eTjs734s1r9q96uPxoW3N9OI5IJOGaHH6L/qzDGuOm83CItUmZ3DeL6fX7bi6ZBPKGCg2qHA==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 28 Apr 2022 02:34:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Open+Sans:400italic,600italic,700italic,400,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plaidsettlement.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:16:45 GMT
x-content-type-options
nosniff
age
19069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9828
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 21:16:45 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Open+Sans:400italic,600italic,700italic,400,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plaidsettlement.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:45:59 GMT
x-content-type-options
nosniff
age
100115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:45:59 GMT
Angeion_Plaid_Settlement_Video_(2).mp4
angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/embed/
2 MB
0
Media
General
Full URL
https://angeion-public.s3.amazonaws.com/www.PlaidSettlement.com/embed/Angeion_Plaid_Settlement_Video_(2).mp4
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://plaidsettlement.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Wed, 19 Jan 2022 22:48:51 GMT
Server
AmazonS3
x-amz-request-id
WPX9N5ESKRR7AT8R
ETag
"41f931a0427ff2f63bbefcb219785654-5"
Content-Type
video/mp4
Content-Range
bytes 0-76867860/76867861
x-amz-version-id
gagDHMk6.IFaH7Y3X.TAhnJiqHPS6dbx
Accept-Ranges
bytes
Content-Length
76867861
x-amz-id-2
oojwQVqo7BhNeGtsg3Lp3mUugCkTRmR0a8LQ6QU0yvGlIr0DM87gsx3sbpu4FvbB9pI7IehKHAA=
728463661459652
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/728463661459652?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
40b02705e31cfc383fe3f957e4cd08c6f010b60627a54866a1921cede3be3a96
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88800
x-xss-protection
0
pragma
public
x-fb-debug
hNFaenhnsGfKdhfUwwI7NF6K6HcKiWJ5tKy0dioZLbeQPN25vXei9Gxk+RVFZXArPwhcwSXFGTfhMSq3kL5dXA==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Thu, 28 Apr 2022 02:34:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
410 B
Image
General
Full URL
https://www.facebook.com/tr/?id=728463661459652&ev=PageView&dl=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&rl=&if=false&ts=1651113274286&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651113274284.417718648&it=1651113274235&coo=false&rqm=GET
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 28 Apr 2022 02:34:34 GMT
collect
www.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PEP1EPQ3K9&gtm=2oe4p0&_p=2100165977&_z=ccd.NbB&cid=180211031.1651113274&ul=en-us&sr=1600x1200&_s=1&sid=1651113274&sct=1&seg=0&dl=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&dt=Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PEP1EPQ3K9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 02:34:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plaidsettlement.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
180 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W6YTEY4NZ1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PEP1EPQ3K9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
accb52cbe5526e5c670a81b8d5f09af8d75890b6f0a9587aff83743f41e03230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67683
x-xss-protection
0
expires
Thu, 28 Apr 2022 02:34:34 GMT
js
www.googletagmanager.com/gtag/
105 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10839088199&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PEP1EPQ3K9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
73e2c519df87d30b992aad95b7c4f3e1830ac88cb2eb6c0ef7242b135812b3da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42208
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Apr 2022 02:34:34 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W6YTEY4NZ1&gtm=2oe4p0&_p=2100165977&_z=ccd.NbB&cid=180211031.1651113274&ul=en-us&sr=1600x1200&_s=1&sid=1651113274&sct=1&seg=0&dl=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&dt=Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6YTEY4NZ1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 02:34:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plaidsettlement.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10839088199&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14897
x-xss-protection
0
server
cafe
etag
9926226332162747720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 02:34:34 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10839088199/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10839088199/?random=1651113274464&cv=9&fst=1651113274464&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&tiba=Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
b9d424a36deb2a7bf52cf1ebb8d1156e08b4eaeff9c43b9153c68124cf778c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 02:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10839088199/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10839088199/?random=1651113274464&cv=9&fst=1651111200000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&tiba=Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation&async=1&fmt=3&is_vtc=1&random=2430630405&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: plaidsettlement.com
URL: https://plaidsettlement.com/submit-claim.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Apr 2022 02:34:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
content.digitaldisbursements.com/v1.4.3/ Frame 2826
815 B
1 KB
Document
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/assets/host.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.164.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-164-20.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
114e02e72cbbdf9ed3231e23769fb82df145059740c2e05ec768344c6a31f41c

Request headers

Referer
https://plaidsettlement.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
28930
content-length
815
content-type
text/html
date
Wed, 27 Apr 2022 18:33:18 GMT
etag
"efe0f4eb044fc5ad43675089f26e235d"
last-modified
Wed, 16 Sep 2020 21:01:34 GMT
server
AmazonS3
via
1.1 098d11622fcaacdb87ba92e6eaca351c.cloudfront.net (CloudFront)
x-amz-cf-id
lywNGle6QBcClcYVVofc9muulTLFSousLJ3qMwggWv0mED_QPjhD8Q==
x-amz-cf-pop
SFO53-C1
x-amz-version-id
null
x-cache
Hit from cloudfront
loading.gif
angeion-public.s3.amazonaws.com/img/
43 KB
43 KB
Image
General
Full URL
https://angeion-public.s3.amazonaws.com/img/loading.gif
Requested by
Host: angeion-public.s3.amazonaws.com
URL: https://angeion-public.s3.amazonaws.com/css/static.css?v=0.07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5efd90918cf06e52b0d529317f067ac0fc658356ca338d95c5a54ef9690ff77a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://angeion-public.s3.amazonaws.com/css/static.css?v=0.07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 28 Apr 2022 02:34:35 GMT
Last-Modified
Thu, 11 Jul 2019 15:30:37 GMT
Server
AmazonS3
x-amz-request-id
WPX69PF0D71NDGTT
ETag
"f7ccc9e1852de0225d0800fc38406020"
Content-Type
image/gif
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
43906
x-amz-id-2
ZJmOBifW9s7xLatJ8gFBF4zxWxsRX4RA2SXEv95na79QGbYLIWL1cQ1lvt77gkVaSVJRVVoN470=
deadline
uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/claims/ Frame
0
0
Preflight
General
Full URL
https://uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/claims/deadline?domain=www.plaidsettlement.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.177.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-177-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://plaidsettlement.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 28 Apr 2022 02:34:34 GMT
x-amz-apigw-id
RRSBNHfYIAMFxOA=
x-amzn-requestid
d272b0cf-4d81-49a5-8283-441860dab152
deadline
uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/claims/
151 B
425 B
XHR
General
Full URL
https://uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/claims/deadline?domain=www.plaidsettlement.com
Requested by
Host: angeion-public.s3.amazonaws.com
URL: https://angeion-public.s3.amazonaws.com/js/api-gateway/lib/axios/dist/axios.standalone.js?v=0.07
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.177.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-177-13.compute-1.amazonaws.com
Software
/
Resource Hash
403a9d8e1ee1d1488177686f45e02c4ca4df1a218931285694d17112e2ce781e

Request headers

Accept
application/json
Referer
https://plaidsettlement.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key
AfbgDFMV5w3CQfrul1CMH4tLS0BYFqsl7FyjPEsB

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
x-amzn-requestid
21fb604b-6f80-4ef8-87a3-6ab20ced22f0
x-custom-header
get angeion claim deadline information
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6269fd3a-698799403cc12bbb5bd5abc9
access-control-allow-credentials
true
x-amz-apigw-id
RRSBOHWpoAMFUFA=
content-length
151
anchor
www.google.com/recaptcha/api2/ Frame 3D2A
41 KB
21 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=rc9vlz1b1292
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
GSE /
Resource Hash
ace00f36f31baff93c31a06a783534ae6b74c19838727da8d9bfcf52661c5035
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-88PlUlXj+P5UNu6VuqSU1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plaidsettlement.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21684
content-security-policy
script-src 'report-sample' 'nonce-88PlUlXj+P5UNu6VuqSU1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 02:34:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame 3D2A
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=rc9vlz1b1292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 00:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 00:58:24 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame 3D2A
360 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=rc9vlz1b1292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 01:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145349
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 01:50:35 GMT
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 2826
8 KB
732 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f10.1e100.net
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 01:33:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 28 Apr 2022 02:34:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Apr 2022 02:34:34 GMT
icon
fonts.googleapis.com/ Frame 2826
569 B
367 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f10.1e100.net
Software
ESF /
Resource Hash
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 02:34:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 28 Apr 2022 02:34:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Apr 2022 02:34:34 GMT
browser-polyfill.min.js
cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/ Frame 2826
83 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/browser-polyfill.min.js
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
624685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21126
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6a-14cd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wf1Y7s4EkZFsQzGBs1OWQw4eK6piZGu86CvKMjh9D%2Ba1Hb%2FY3L3987hSE%2BhYo1QMdc8pNlYFl%2FPeXT7CIZLjrNQ4Z8mRDP2HnGqeF5KxrPxnIxbH5cOURE%2B%2B1Lw9u%2BrhAAsdqMiz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
702c6650198132d9-EWR
expires
Tue, 18 Apr 2023 02:34:34 GMT
react.production.min.js
unpkg.com/react@16.14.0/umd/ Frame 2826
Redirect Chain
  • https://unpkg.com/react@16/umd/react.production.min.js
  • https://unpkg.com/react@16.14.0/umd/react.production.min.js
12 KB
5 KB
Script
General
Full URL
https://unpkg.com/react@16.14.0/umd/react.production.min.js
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H2
Server
104.16.122.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
29154587
fly-request-id
01F6J4AJFMCA2QZXPFW1B84MMR
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
702c66508ead9e04-EWR

Redirect headers

date
Thu, 28 Apr 2022 02:34:34 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G1Q00CVJYV5AZKSS5X936XD5-lga
server
cloudflare
age
325
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/react@16.14.0/umd/react.production.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
702c66502d979e04-EWR
access-control-allow-origin
*
react-dom.production.min.js
unpkg.com/react-dom@16.14.0/umd/ Frame 2826
Redirect Chain
  • https://unpkg.com/react-dom@16/umd/react-dom.production.min.js
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
116 KB
38 KB
Script
General
Full URL
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H2
Server
104.16.122.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
29154561
fly-request-id
01F6J4AH2NNVNSSDAGRKTTME7E
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
702c66508eb99e04-EWR

Redirect headers

date
Thu, 28 Apr 2022 02:34:34 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G1Q083XCXSZYMMPMM0H4Y13N-lga
server
cloudflare
age
72
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/react-dom@16.14.0/umd/react-dom.production.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
702c66502d999e04-EWR
access-control-allow-origin
*
embedded.js
content.digitaldisbursements.com/v1.4.3/assets/ Frame 2826
414 KB
415 KB
Script
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/embedded.js?1
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.164.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-164-20.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45c533e8ff83b4d52b4890d851c22a9680005791d6f24a5bda9324e93bef934a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
IBVFr3mvdWS4xRhRIwyOaH2hpFg2hmwf
via
1.1 098d11622fcaacdb87ba92e6eaca351c.cloudfront.net (CloudFront)
etag
"a66d42f14e9972f8c9f6e8ae1a0c137b"
last-modified
Tue, 26 Apr 2022 18:32:10 GMT
server
AmazonS3
age
28930
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 27 Apr 2022 18:32:25 GMT
x-amz-cf-pop
SFO53-C1
accept-ranges
bytes
content-length
423986
x-amz-cf-id
FsUiUTxIUdWHA1T0iwW_D-WNX3WTkWgY2wvjn1NzYFfDNjtrkThGrg==
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3D2A
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 13:59:43 GMT
x-content-type-options
nosniff
age
390891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 30 Apr 2022 13:59:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D2A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=rc9vlz1b1292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:59:51 GMT
x-content-type-options
nosniff
age
124483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 15:59:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D2A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=rc9vlz1b1292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 07:04:51 GMT
x-content-type-options
nosniff
age
156583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 07:04:51 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 3D2A
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=2W_gRz39xX8G13fM-OdyQPlc
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=rc9vlz1b1292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
GSE /
Resource Hash
d3c8c63b8dc1ba55a49ce52f0a6b1942a9fe9ebb163651a4bdf130316f2bbbfd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly9wbGFpZHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=en&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=rc9vlz1b1292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 28 Apr 2022 02:34:34 GMT
settings
data.digitaldisbursements.com/js/ Frame 2826
177 B
602 B
XHR
General
Full URL
https://data.digitaldisbursements.com/js/settings?publicKey=d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/assets/embedded.js?1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.1.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-1-64.sfo5.r.cloudfront.net
Software
/
Resource Hash
b6b39ae0bb963230954de9d6aabe79d0a221d886bb9a87b1937ce44587361745

Request headers

Referer
https://content.digitaldisbursements.com/
x-attempt
1
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:35 GMT
via
1.1 22d43bf299ac98b08849f5a01a8af246.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
177
x-amz-cf-pop
SFO5-P2
x-amzn-requestid
74393322-7dbc-4368-a6bc-0a90ea181b2b
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://content.digitaldisbursements.com
x-amzn-trace-id
Root=1-6269fd3b-252b2a696951c2ab122b83a6
x-amz-apigw-id
RRSBZEu3oAMFqBw=
content-length
177
x-amz-cf-id
RimL-f1JP7decDqfyw09COhXWioWcVze1Y-q1FQ-vpBRL3pT_yjSXw==
settings
data.digitaldisbursements.com/js/ Frame
0
0
Preflight
General
Full URL
https://data.digitaldisbursements.com/js/settings?publicKey=d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.1.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-1-64.sfo5.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-attempt
Access-Control-Request-Method
GET
Origin
https://content.digitaldisbursements.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Attempt
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 28 Apr 2022 02:34:35 GMT
via
1.1 22d43bf299ac98b08849f5a01a8af246.cloudfront.net (CloudFront)
x-amz-apigw-id
RRSBXEY5IAMFsAg=
x-amz-cf-id
ZpCvYxgdkKvuWSxrMh6xeHzv0Uvob8IVajM59hnzGvopx2IoIvoMjw==
x-amz-cf-pop
SFO5-P2
x-amzn-requestid
43d7a081-f539-4511-852b-aaa26af2a096
x-amzn-trace-id
Root=1-6269fd3b-49e9107f71c4b48f70e21150
x-cache
Miss from cloudfront
up
insight.adsrvr.org/track/ Frame 5F8A
833 B
1 KB
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=zdfda0f&ref=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&upid=h8uxpcj&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
3cdb4eaa18e7309bdcebe689e29d8bf8fd7c4e7195e7106ecd8bdf2189b63932

Request headers

Referer
https://plaidsettlement.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 28 Apr 2022 02:34:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 5F8A
487 B
963 B
Script
General
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=zdfda0f&ref=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&upid=h8uxpcj&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.90.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-90-156.lax3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 13:24:01 GMT
Via
1.1 d61de279b5f7e6f904ebef90a08fb3c0.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
47435
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
LAX3-C2
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
uWvv6qgfT8FUeYZfNqooz7RS8pFd8DsL4WBsX8Adj9LBrzFQ0lDlFg==
generic
match.adsrvr.org/track/cmf/ Frame DA39
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=44db42e3-a299-4e69-acbb-22e89184d6ae&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
694 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 28 Apr 2022 02:34:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 28 Apr 2022 02:34:35 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug013:0:533
generic
match.adsrvr.org/track/cmf/ Frame 603D
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=44db42e3-a299-4e69-acbb-22e89184d6ae&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
694 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 28 Apr 2022 02:34:36 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 28 Apr 2022 02:34:36 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server
nginx
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=728463661459652&ev=Microdata&dl=https%3A%2F%2Fplaidsettlement.com%2Fsubmit-claim.php&rl=&if=false&ts=1651113275790&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Submit%20Claim%20%7C%20Plaid%20Inc.%20Privacy%20Litigation%22%2C%22meta%3Akeywords%22%3A%22plaid%20app%2C%20account%20login%2C%20plaid%20bank%2C%20plaid%20account%2C%20plaid%20not%20connecting%20to%20bank%2C%20plaid%20login%2C%20plaid%20financial%2C%20plaid%20to%20link%20bank%20account%2C%20plaid%20link%2C%20plaid%20bank%20account%2C%20plaid%20link%20bank%2C%20using%20plaid%20to%20link%20bank%20account%2C%20apps%20that%20use%20plaid%2C%20plaid%20connect%20to%20bank%2C%20plaid%20credentials%2C%20plaid%20bank%20linking%2C%20banks%20that%20use%20plaid%2C%20plaid%20for%20banking%2C%20plaid%20linking%20bank%20account%2C%20plaid%20apps%2C%20plaid%20banking%20app%2C%20plaid%20privacy%2C%20plaid%20bank%20login%2C%20bank%20not%20on%20plaid%2C%20plaid%20bank%20connection%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651113274284.417718648&it=1651113274235&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://plaidsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 02:34:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 28 Apr 2022 02:34:35 GMT
config.json
content.digitaldisbursements.com/data/d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf/ Frame 2826
2 B
416 B
XHR
General
Full URL
https://content.digitaldisbursements.com/data/d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf/config.json
Requested by
Host: content.digitaldisbursements.com
URL: https://content.digitaldisbursements.com/v1.4.3/assets/embedded.js?1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.164.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-164-20.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
x-attempt
1
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 28 Apr 2022 02:34:37 GMT
via
1.1 098d11622fcaacdb87ba92e6eaca351c.cloudfront.net (CloudFront)
last-modified
Wed, 04 Aug 2021 18:28:06 GMT
server
AmazonS3
x-amz-cf-pop
SFO53-C1
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Error from cloudfront
x-amz-version-id
1lbMtohYRqbP8prtJAR4z7oW8MUqAcTQ
cache-control
no-store, max-age=0
accept-ranges
bytes
content-type
application/json
content-length
2
x-amz-cf-id
ipvOfSHe2bKzrT2UtwAKFxfA2-gCpcxIAQ8qBU1_4kHPrzzjPcTchw==
paypal.png
content.digitaldisbursements.com/v1.4.3/assets/ Frame 2826
38 KB
38 KB
Image
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/paypal.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.164.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-164-20.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e33847ccd5dad9d677c08c7cab1d1540ec421185bc5e200a4a33ad5b313931c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 098d11622fcaacdb87ba92e6eaca351c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Aug 2020 02:36:17 GMT
server
AmazonS3
age
28934
etag
"03f2cd032c4d6c7dcf76e385866c8a71"
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 27 Apr 2022 18:37:18 GMT
x-amz-cf-pop
SFO53-C1
accept-ranges
bytes
content-length
38968
x-amz-cf-id
s8CdocLHQkSFuzRHZBQWW69HKsgZhOVNwcIavjSgRLmFGHI5aSKx5A==
venmo.png
content.digitaldisbursements.com/v1.4.3/assets/ Frame 2826
19 KB
19 KB
Image
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/venmo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.164.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-164-20.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0f7ba42166efa996e55ea4c79890fdf7bd272b9ddeaaaf9c180f9d7a98098e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 098d11622fcaacdb87ba92e6eaca351c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Aug 2020 02:36:17 GMT
server
AmazonS3
age
28934
etag
"cb7f37ac752a1127e61585c5e792229f"
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 27 Apr 2022 18:37:18 GMT
x-amz-cf-pop
SFO53-C1
accept-ranges
bytes
content-length
19121
x-amz-cf-id
zIofNfWdTM8Bh_71o2w9PmlJYiEL1R6oh-8YVAiRv4oG1nrvjgBmlQ==
ach.png
content.digitaldisbursements.com/v1.4.3/assets/ Frame 2826
13 KB
13 KB
Image
General
Full URL
https://content.digitaldisbursements.com/v1.4.3/assets/ach.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.164.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-164-20.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8019ea74ff5b9805afe7a3cd2cc34b0a121938d7456c9798e17f4c2e5f77a620

Request headers

accept-language
en-US,en;q=0.9
Referer
https://content.digitaldisbursements.com/v1.4.3/index.html?d1e9c7e08cb9564b0dd7d52067b4573a25d2b197fe12d315b3186637792b2dcf&%7B%22verify%22%3Afalse%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 098d11622fcaacdb87ba92e6eaca351c.cloudfront.net (CloudFront)
last-modified
Sat, 08 Aug 2020 02:36:16 GMT
server
AmazonS3
age
28934
etag
"7494b4bf46acb79d5573be5352ddb7fa"
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 27 Apr 2022 18:37:18 GMT
x-amz-cf-pop
SFO53-C1
accept-ranges
bytes
content-length
13399
x-amz-cf-id
irMay6KNJL9OlHCEqfi_uDFger113DKT_Y67x7L1sgE5bXOqZK2RWA==

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| closeFAQ function| openFAQ function| scrollFAQ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| axios object| CryptoJS function| uritemplate object| apiGateway object| apigClientFactory function| Pikaday function| safeTag function| localDatetime function| displayMessage function| clearMessage function| loadMember function| toggleFieldError function| toggleFieldWarning function| validateField function| validRequire function| validFileSize function| validFileType function| validURL function| validEmail function| validZipCode function| validPhone function| validInteger function| validFloat function| validPrice function| validMinLength function| validMaxLength function| validGreaterThan function| validLessThan function| validDate function| validMinDate function| validMaxDate function| validRegex function| customInitFields function| customInitClaim function| customLoadMember function| customProcessClaim function| customConfirmation function| customValidateField function| customToggleFieldError function| requireRow function| toggleRequiredField function| gtag object| dataLayer function| fbq function| _fbq object| recaptcha object| google_tag_manager object| google_tag_data object| gaGlobal function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| dstPaymentForm function| ttd_dom_ready function| TTDUniversalPixelApi object| closure_lm_301446 function| onYouTubeIframeAPIReady

27 Cookies

Domain/Path Name / Value
plaidsettlement.com/ Name: AWSALB
Value: sMZEwee2ZTRDK3uzqkcBbAzKlfE4xnVJwIG8f9/F00t45k3CiOLyo/LLK3E3cJqMpMFiDsWwos6U9xSrw4bsikruJPNaVQNgSUkIOKLiWRgThemPgyV1KnFt2ZKy
plaidsettlement.com/ Name: AWSALBCORS
Value: sMZEwee2ZTRDK3uzqkcBbAzKlfE4xnVJwIG8f9/F00t45k3CiOLyo/LLK3E3cJqMpMFiDsWwos6U9xSrw4bsikruJPNaVQNgSUkIOKLiWRgThemPgyV1KnFt2ZKy
.adsrvr.org/ Name: TDID
Value: 44db42e3-a299-4e69-acbb-22e89184d6ae
.plaidsettlement.com/ Name: _fbp
Value: fb.1.1651113274284.417718648
.rubiconproject.com/ Name: khaos
Value: L2IE7O34-N-2DF6
.rubiconproject.com/ Name: audit
Value: 1|WqZdA91EDOBXb/JnT/JuXSS86oWrk3s7Th2S5wZpuzl3VTvB6ouZN1u1krbBOjyUghteVqqUMipw0S94mtzOH0pB9H8pjytykCdHvyxZSdYUmM5yBSd9OtSo1TfotExOlXpjusEqqMus/XeGaRoBeNU3weMvDgrji8N7BAmaQgdJt49mPrPRUFyo1mMSXCQ85kHVXO4iITS/uI9Aj+Yjkr7KKI+4mJy3oGirqm5gUhh8KMm0j6uXBGY3KwFBcKEE94+z9/eToJrLtHkR71fkUv/JTzblBZm7jOq1oSpaE+yma+WVcS1g3g==
.facebook.com/ Name: fr
Value: 0BlPDiuMQeDfY8UdE..Biaf06...1.0.Biaf06.
.plaidsettlement.com/ Name: _ga
Value: GA1.1.180211031.1651113274
.yahoo.com/ Name: A3
Value: d=AQABBDr9aWICEJHJPnYKuUmEhll6M7-ZPIoFEgEBAQFOa2JzYgAAAAAA_eMAAA&S=AQAAAgsspUfxD3cah9DExxBQ7HU
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~24kq
.plaidsettlement.com/ Name: _gcl_au
Value: 1.1.585976018.1651113274
.doubleclick.net/ Name: IDE
Value: AHWqTUlH3y-A7qpQtEvUXUYU8G-8Rn0G7KVIUqAt31z7lBrsftT4uKrp1CSp2GTw
.adnxs.com/ Name: uuid2
Value: 7694084169723127402
.casalemedia.com/ Name: CMID
Value: Ymn9OqFnlBrtld-NlK9ABQAA
.casalemedia.com/ Name: CMPS
Value: 3791
.casalemedia.com/ Name: CMPRO
Value: 195
.casalemedia.com/ Name: CMST
Value: Ymn9OmJp-ToA
.casalemedia.com/ Name: CMRUM3
Value: 276269fd3a276044db42e3-a299-4e69-acbb-22e89184d6ae
.plaidsettlement.com/ Name: _ga_PEP1EPQ3K9
Value: GS1.1.1651113274.1.0.1651113275.0
.plaidsettlement.com/ Name: _ga_W6YTEY4NZ1
Value: GS1.1.1651113274.1.0.1651113275.0
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-44db42e3-a299-4e69-acbb-22e89184d6ae&KRTB&22918-44db42e3-a299-4e69-acbb-22e89184d6ae&KRTB&23031-44db42e3-a299-4e69-acbb-22e89184d6ae
.pubmatic.com/ Name: PugT
Value: 1651113275
.pubmatic.com/ Name: PUBMDCID
Value: 2
.bidswitch.net/ Name: tuuid
Value: 4d88e32f-1ad1-4e09-893e-2ee669578acb
.bidswitch.net/ Name: c
Value: 1651113276
.bidswitch.net/ Name: tuuid_lu
Value: 1651113276
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCKK5k6C1stQ6EAUSGQoKcmlnaHRtZWRpYRILCLzDi6G1stQ6EAUSFQoGZ29vZ2xlEgsI1tC4orWy1DoQBRIXCghhcHBuZXh1cxILCIDXtqK1stQ6EAUSFQoGY2FzYWxlEgsIgNe2orWy1DoQBRIXCghwdWJtYXRpYxILCJDTyKq1stQ6EAUSGAoJYmlkc3dpdGNoEgsIkNPIqrWy1DoQBRgFIAIoAzILCJDLy9fLstQ6EAVCDyINCAESCQoFdGllcjMQAVoHemRmZGEwZmAB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6aa93baaa0cee35e05245fbfbe31b010fe4ef81288cb8a55785fb316001aa810
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
73e2c519df87d30b992aad95b7c4f3e1830ac88cb2eb6c0ef7242b135812b3da
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
7959256390ff9d45f5f212f0511e1ffbc5919766c4e236e04b0eaf3d67e03fe2
8019ea74ff5b9805afe7a3cd2cc34b0a121938d7456c9798e17f4c2e5f77a620
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9799a54de2794814a5290324523f5ca46924d159d61211353ec9ee6b37c34a04
9e33847ccd5dad9d677c08c7cab1d1540ec421185bc5e200a4a33ad5b313931c
9e6640eb3e061f6fac380366fbc0d6860c351fac89a913d01229706a878419dc
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
aae419d3427dc7e2eafd7f31d190c923ad55177205e992f43ec72208a1acf40c
ab1c30193f9331b6143ac6fbe589a211fdc0171ae54bfa5ca5593a96a15e9622
accb52cbe5526e5c670a81b8d5f09af8d75890b6f0a9587aff83743f41e03230
ace00f36f31baff93c31a06a783534ae6b74c19838727da8d9bfcf52661c5035
b02596ba3158837b16f3c287bbba96098c323f4dd9ea6f4c875f726548b58d86
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6b39ae0bb963230954de9d6aabe79d0a221d886bb9a87b1937ce44587361745
b9d424a36deb2a7bf52cf1ebb8d1156e08b4eaeff9c43b9153c68124cf778c9a
c76d2b9a9ef3522e33ab5721f2bf66c95ee792c2e8c390c6fa5dae1f28fd0b70
d3c8c63b8dc1ba55a49ce52f0a6b1942a9fe9ebb163651a4bdf130316f2bbbfd
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6f2b21914a528e96d06a38fea4aa7a0e54f440349d651652ad276afc1ee464a
d9ca748c128ad36d663bcbfa94f9491e5ea8def9df64e5857d7112fc255b544f
e337112ff57db84347ffaaf07622bb6b2b8a74fef331897bc80bb10e8fb8eec2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503b4ae287936cc741f769566857afb3e8b8077fb1282f189fa988d8b7e9d9d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
edbdcb4cdc0c5b96c7ed8b8cbdfc4021d4b7402f8b2be62c7673f5221708cd58
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f7ba42166efa996e55ea4c79890fdf7bd272b9ddeaaaf9c180f9d7a98098e4
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f7184a4dcbea2645be5c8c236faa68d85d732024a0328fa70c382e8235b485a1
f72c130968e9415b6724d4f53c489e3c8ae69f4dbf11bf37cce995caea77fa3e
f7bfb9a64082e0371de86c3b3ed83e05f22be1eac3190d73736298f2f0ec8425
f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db