rpsettlement.com Open in urlscan Pro
174.138.108.232 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rpsettlement.com/
Effective URL:
https://rpsettlement.com/
Submission: On October 15 via manual (October 15th 2024, 3:15:17 pm UTC) from IN — Scanned from DE

Summary HTTP 61 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 61 HTTP transactions. The main IP is 174.138.108.232, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is rpsettlement.com.
TLS certificate: Issued by R10 on September 22nd 2024. Valid for: 3 months.

This is the only time rpsettlement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	174.138.108.232 174.138.108.232	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5	34.197.79.111 34.197.79.111	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 _) (CDN77 _)
4	2600:1f14:5db... 2600:1f14:5db:eb22:49ea:db45:21a:1082	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	18

21 174.138.108.232 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cloud02.titletapsites.com

rpsettlement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.197.79.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-79-111.compute-1.amazonaws.com

connect.qualia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:5db:eb22:49ea:db45:21a:1082 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	rpsettlement.com 1 redirects rpsettlement.com	3 MB
12	userway.org cdn.userway.org — Cisco Umbrella Rank: 3272 api.userway.org — Cisco Umbrella Rank: 3171	79 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	79 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 translate.googleapis.com — Cisco Umbrella Rank: 941 ajax.googleapis.com — Cisco Umbrella Rank: 412	107 KB
5	qualia.com connect.qualia.com — Cisco Umbrella Rank: 153690	11 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
2	google.com translate.google.com — Cisco Umbrella Rank: 1139	59 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	83 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	97 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3539	8 KB
0	marinsm.com Failed tag.marinsm.com Failed
61	12

	Domain	Requested by
21	rpsettlement.com	1 redirects rpsettlement.com
8	cdn.userway.org	rpsettlement.com cdn.userway.org
5	connect.qualia.com	rpsettlement.com ajax.googleapis.com connect.qualia.com
4	api.userway.org	cdn.userway.org
4	translate.googleapis.com	translate.googleapis.com
4	www.gstatic.com	rpsettlement.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com rpsettlement.com
2	www.google-analytics.com	rpsettlement.com www.google-analytics.com
2	translate.google.com	rpsettlement.com
2	cdn.jsdelivr.net	rpsettlement.com cdn.jsdelivr.net
1	cdnjs.cloudflare.com	ajax.googleapis.com
1	ajax.googleapis.com	connect.qualia.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	fonts.googleapis.com	rpsettlement.com
1	netdna.bootstrapcdn.com	rpsettlement.com
0	tag.marinsm.com Failed	rpsettlement.com
61	17

This site contains links to these domains. Also see Links.

Domain
goo.gl
www.facebook.com
www.instagram.com
www.linkedin.com
www.redfin.com
connect.qualia.com
translate.google.com
www.wltic.com
www.twitter.com
https
titletap.com

Subject Issuer	Validity	Valid
www.primetitlemi.com R10	`2024-09-22` - `2024-12-21`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
connect.qualia.com Go Daddy Secure Certificate Authority - G2	`2024-05-17` - `2025-06-18`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
1667503734.rsc.cdn77.org E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://rpsettlement.com/
Frame ID: 8328AB29D0DEEFA19A939ACFE7685AD0
Requests: 58 HTTP requests in this frame

Frame: data://truncated
Frame ID: A6BD8DF0D26CCCE4BE18747F192C4B2D
Requests: 1 HTTP requests in this frame

Frame: https://connect.qualia.com/quote-widget/ui/activator
Frame ID: 71B42611EA9450178B35162D6D928A9C
Requests: 1 HTTP requests in this frame

Frame: https://connect.qualia.com/quote-widget/ui/stage
Frame ID: A1DD6BBECF5EF9290AF55A638B636885
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Title Company - Lutherville, Bel Air, Columbia, Eldersburg MD | R & P Settlement Group, LLC

Page URL History Show full URLs

http://rpsettlement.com/ HTTP 307
https://rpsettlement.com/ HTTP 307
http://rpsettlement.com/ HTTP 301
https://rpsettlement.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

61
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

17
Subdomains

18
IPs

2
Countries

3471 kB
Transfer

6370 kB
Size

4
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://goo.gl/maps/tSjL2MVRAU7797Bj7
Title: 1407 York Road, Suite 300 Lutherville-Timonium MD 21093

Search URL Search Domain Scan URL

URL: https://www.facebook.com/R-P-Settlement-Group-LLC-257049508396606/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rpsettlementgroup/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/r-p-settlement-group-llc/

Search URL Search Domain Scan URL

URL: https://www.redfin.com/openbook/title-company/washington-dc-randp-settlement-group-llc-sp935997

Search URL Search Domain Scan URL

URL: https://connect.qualia.com/?invitationHost=cstupGTAo5JNjGqcd
Title: Get Quote

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: http://www.wltic.com/

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/yw2W64YwAuAQHh6L6
Title: 1407 York Road Suite 300 Lutherville-Timonium MD 21093

Search URL Search Domain Scan URL

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/

Search URL Search Domain Scan URL

URL: https://https/linkedin.com

Search URL Search Domain Scan URL

URL: http://titletap.com/
Title: TitleTap - Website Design for Attorneys & Title Companies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rpsettlement.com/ HTTP 307
https://rpsettlement.com/ HTTP 307
http://rpsettlement.com/ HTTP 301
https://rpsettlement.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rpsettlement.com/
Redirect Chain

http://rpsettlement.com/
https://rpsettlement.com/
http://rpsettlement.com/
https://rpsettlement.com/

115 KB
24 KB

2270ms
2269ms

Document
text/html

174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 4eb6d66270d62979ec29043ed5e6ee89c78bc22617b917c419fc7ce5d0ac0fb8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 24416
content-type: text/html; charset=UTF-8
date: Tue, 15 Oct 2024 15:15:01 GMT
expires: Tue, 15 Oct 2024 15:14:59 GMT
link: <https://rpsettlement.com/wp-json/>; rel="https://api.w.org/", <https://rpsettlement.com/wp-json/wp/v2/pages/242>; rel="alternate"; type="application/json"
server: nginx
vary: Accept-Encoding,Cookie

Redirect headers

Connection: keep-alive
Content-Length: 408
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 15 Oct 2024 15:14:59 GMT
Location: https://rpsettlement.com/
Server: nginx

GET
H2 200 font-awesome.min.css
rpsettlement.com/wp-content/plugins/titletap-plugin/inc/font-awesome/css/ 30 KB
7 KB 100ms
95ms Stylesheet
text/css 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rpsettlement.com/wp-content/plugins/titletap-plugin/inc/font-awesome/css/font-awesome.min.css
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
content-encoding: gzip
expires: Sat, 25 Oct 2025 15:15:01 GMT
accept-ranges: bytes
content-length: 7057
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 21 Oct 2022 03:21:11 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/latest/css/ 30 KB
8 KB 88ms
43ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"269550530cc127b6aa5a35925a7de6ce"
age: 8417319
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 15 Oct 2024 15:15:01 GMT
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 13:10:29
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 694faec1516b0beef83111f2d67a5f50
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d30c31f9ad72c73-FRA
access-control-allow-origin: *
cdn-edgestorageid: 874
server: cloudflare
cdn-requestcountrycode: DE

GET
H2 200 css
fonts.googleapis.com/ 50 KB
3 KB 70ms
31ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora%3Aregular%2Citalic%2C700%2C700italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&display=swap

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3ef1897c2064645edeaab173c164b5df8d1738f48be65cf7aef40b8eded11ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 15:15:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 15 Oct 2024 15:15:01 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 font-awesome.min.css
cdn.jsdelivr.net/fontawesome/4.7.0/css/ 30 KB
7 KB 47ms
8ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
age: 2951374
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230101-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7114

GET
H2 200 header-16317f4a-1696951749.min.css
rpsettlement.com/wp-content/uploads/sites/60/fvm/out/ 1024 KB
145 KB 277ms
273ms Stylesheet
text/css 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/fvm/out/header-16317f4a-1696951749.min.css
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 41b9a0fdbc7203cf98c5a919e3862c7e15d928cc2b6270f37eab74f065153406

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
content-encoding: gzip
expires: Sat, 25 Oct 2025 15:15:01 GMT
accept-ranges: bytes
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 10 Oct 2023 15:31:09 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 header-da8f3283-1696951749.min.js Show response
rpsettlement.com/wp-content/uploads/sites/60/fvm/out/ 355 KB
109 KB 181ms
177ms Script
application/javascript 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/fvm/out/header-da8f3283-1696951749.min.js
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: a286bf54a4f71f111dfdbafa5216b1e3aafd4c2654a8bccd1abba52de2ffb75a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
content-encoding: gzip
expires: Sat, 25 Oct 2025 15:15:01 GMT
accept-ranges: bytes
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Oct 2023 15:31:09 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 85 KB
30 KB 97ms
27ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbcd67148c83d6605339d06593a605ee50615d52d40be8b160d6ee66375e9d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 15:15:01 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK init Show response
connect.qualia.com/quote-widget/scripts/ 4 KB
5 KB 783ms
121ms Script
text/javascript 34.197.79.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.qualia.com/quote-widget/scripts/init

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.197.79.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-79-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d46cb21c88f101b1d86b26fe45a3b6348b732ad994176cb42e37ffd3e14eb0e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Robots-Tag: noindex
Connection: keep-alive
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Origin: *
Content-Length: 4279
Date: Tue, 15 Oct 2024 15:15:02 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: nginx

GET
H2 200 admin-ajax.php
rpsettlement.com/wp-admin/ 11 KB
3 KB 2799ms
2796ms Stylesheet
text/css 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://rpsettlement.com/wp-admin/admin-ajax.php?action=dynamic_css&skin=15

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

cloud02.titletapsites.com

Software

nginx /

Resource Hash

b6014e472c3fa5aa36faa43a48b8cd2c501c6ea7b41a36f7cd697a53f8677342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
content-length: 2777
date: Tue, 15 Oct 2024 15:15:04 GMT
content-type: text/css; charset: UTF-8;charset=UTF-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 zoccam-new.png
rpsettlement.com/wp-content/uploads/sites/60/2022/01/ 1 KB
2 KB 103ms
100ms Image
image/png 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/2022/01/zoccam-new.png
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: ef52f0f72aa1d25b35a4e2d17273fb0e7693a5c1af994bbfe8066a82cb35f4ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:01 GMT
accept-ranges: bytes
content-length: 1386
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: image/png
last-modified: Fri, 21 Oct 2022 03:24:28 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 redfin.png
rpsettlement.com/wp-content/uploads/sites/60/2020/12/ 2 KB
2 KB 108ms
106ms Image
image/png 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/2020/12/redfin.png
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 7dbeb39ebc5970961b2e00f6b8e0e8fe45a465f500270b883d7952e8d6d5b7b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:01 GMT
accept-ranges: bytes
content-length: 2230
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: image/png
last-modified: Fri, 21 Oct 2022 03:27:30 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 r_p_settlement_group_LOGO.jpg
rpsettlement.com/wp-content/uploads/sites/60/2023/12/ 73 KB
73 KB 263ms
263ms Image
image/jpeg 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/2023/12/r_p_settlement_group_LOGO.jpg
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 4fc1b0dc4fbbabd9e148ac4412d8dd3ec99721ed7aa867a5330320e23ee55439

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:01 GMT
accept-ranges: bytes
content-length: 74769
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: image/jpeg
last-modified: Fri, 15 Dec 2023 03:47:44 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 Westcor-Logo-200.png
rpsettlement.com/wp-content/uploads/sites/60/2020/11/ 72 KB
73 KB 258ms
258ms Image
image/png 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/2020/11/Westcor-Logo-200.png
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 298f7eff0c6540b445fd871d56dd45005af30e3adaf021ee8cd2fc648be68152

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:01 GMT
accept-ranges: bytes
content-length: 74105
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: image/png
last-modified: Fri, 21 Oct 2022 03:27:30 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 icon-facebook.png
rpsettlement.com/wp-content/plugins/titletap-plugin/inc/icons/social/ 2 KB
2 KB 116ms
112ms Image
image/png 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/plugins/titletap-plugin/inc/icons/social/icon-facebook.png
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: f25cd2e290985e4d21b5e5e4bc84c7be01e03811877255444f8d0aa7574c9632

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:02 GMT
accept-ranges: bytes
content-length: 1864
date: Tue, 15 Oct 2024 15:15:02 GMT
content-type: image/png
last-modified: Fri, 21 Oct 2022 03:21:11 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 icon-twitter.png
rpsettlement.com/wp-content/plugins/titletap-plugin/inc/icons/social/ 2 KB
3 KB 115ms
112ms Image
image/png 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/plugins/titletap-plugin/inc/icons/social/icon-twitter.png
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: f0e7e7476e659318100cf6588c918b3a2fc673d1be23a6cd8570a0998532a412

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:02 GMT
accept-ranges: bytes
content-length: 2533
date: Tue, 15 Oct 2024 15:15:02 GMT
content-type: image/png
last-modified: Fri, 21 Oct 2022 03:21:11 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 icon-linkedin.png
rpsettlement.com/wp-content/plugins/titletap-plugin/inc/icons/social/ 2 KB
2 KB 117ms
114ms Image
image/png 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/plugins/titletap-plugin/inc/icons/social/icon-linkedin.png
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 9b373f8e9ec8e5ea69ece281723fcf1c37e77aa227f627572808ac7263232e6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:02 GMT
accept-ranges: bytes
content-length: 2168
date: Tue, 15 Oct 2024 15:15:02 GMT
content-type: image/png
last-modified: Fri, 21 Oct 2022 03:21:11 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 footer-1257c08e-1696951749.min.js Show response
rpsettlement.com/wp-content/uploads/sites/60/fvm/out/ 678 KB
188 KB 287ms
286ms Script
application/javascript 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/fvm/out/footer-1257c08e-1696951749.min.js
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 69b1c73fa5cbec486e3c9923e6b5e2653b1187668b9f7694e24841d6b303ab02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
content-encoding: gzip
expires: Sat, 25 Oct 2025 15:15:02 GMT
accept-ranges: bytes
date: Tue, 15 Oct 2024 15:15:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Oct 2023 15:31:10 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 122ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: gzip
age: 6293
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 15:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 13:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/ 22 KB
4 KB 97ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=DAY/d=1/rs=AN8SPfrN0JslutK2Cf8cInUln2fIkzOxmg/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: gzip
age: 31666
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 06:27:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 06:27:16 GMT
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4144
x-xss-protection: 0
server: sffe

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqwsXmGtbQyeo2_ORlxMMA6U1_XVg/ 215 KB
74 KB 258ms
6ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqwsXmGtbQyeo2_ORlxMMA6U1_XVg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=DAY/d=1/rs=AN8SPfrN0JslutK2Cf8cInUln2fIkzOxmg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fe66031707a34713adda5c550286327dd1da979094c59ffb1423867e3165d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: gzip
age: 31666
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 06:27:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 06:27:16 GMT
last-modified: Sat, 12 Oct 2024 11:09:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75584
x-xss-protection: 0
server: sffe

GET 5ba148b2c0fa8e88f80000c7.js
tag.marinsm.com/serve/ 0
0

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 411ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3Aregular%2Citalic%2C700%2C700italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rpsettlement.com
Referer: https://fonts.googleapis.com/

Response headers

age: 24352
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 08:29:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 08:29:10 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H2 200 fontawesome-webfont.woff2
cdn.jsdelivr.net/fontawesome/4.7.0/fonts/ 75 KB
76 KB 371ms
55ms Font
font/woff2 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fontawesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rpsettlement.com
Referer: https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css

Response headers

access-control-expose-headers: *
etag: W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
age: 1826854
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 15 Oct 2024 15:15:02 GMT
content-type: font/woff2
x-served-by: cache-fra-eddf8230095-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160

GET
H3 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v35/ 37 KB
37 KB 410ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rpsettlement.com
Referer: https://fonts.googleapis.com/

Response headers

age: 56942
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 14 Oct 2025 23:26:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 23:26:00 GMT
last-modified: Wed, 31 Jan 2024 23:11:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37764
x-xss-protection: 0
server: sffe

GET
H2 200 modules.ttf
rpsettlement.com/wp-content/themes/Divi457/core/admin/fonts/ 90 KB
37 KB 121ms
120ms Font
font/ttf 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rpsettlement.com/wp-content/themes/Divi457/core/admin/fonts/modules.ttf
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/wp-content/uploads/sites/60/fvm/out/header-16317f4a-1696951749.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rpsettlement.com
Referer: https://rpsettlement.com/wp-content/uploads/sites/60/fvm/out/header-16317f4a-1696951749.min.css

Response headers

cache-control: max-age=32400000, public
content-encoding: gzip
expires: Sat, 25 Oct 2025 15:15:02 GMT
accept-ranges: bytes
content-length: 37445
date: Tue, 15 Oct 2024 15:15:02 GMT
content-type: font/ttf
last-modified: Fri, 21 Oct 2022 03:21:26 GMT
server: nginx
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
434 B 17ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1767672526&t=pageview&_s=1&dl=https%3A%2F%2Frpsettlement.com%2F&ul=de-de&de=UTF-8&dt=Title%20Company%20-%20Lutherville%2C%20Bel%20Air%2C%20Columbia%2C%20Eldersburg%20MD%20%7C%20R%20%26%20P%20Settlement%20Group%2C%20LLC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1844944549&gjid=339129121&cid=1377084428.1729005302&tid=UA-98316234-1&_gid=1543754848.1729005302&_r=1&_slc=1&z=1167483069

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2d50ad5b492660b7c9166dd4f038834d1e3b99fc9f0fc53f5d75436c843896fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rpsettlement.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 15:15:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://rpsettlement.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
97 KB 166ms
32ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WMQZXZE0WP&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09405a066c77ceccb4cd3eb9308dd100fb2751b2b69bdcf3a859a9bae1a8ea8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 15 Oct 2024 15:15:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 15:15:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98223
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 374ms
16ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WMQZXZE0WP&gtm=45je4a90v9116840585za200&_p=1729005302794&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&ul=de-de&sr=1600x1200&cid=1377084428.1729005302&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Frpsettlement.com%2F&dt=Title%20Company%20-%20Lutherville%2C%20Bel%20Air%2C%20Columbia%2C%20Eldersburg%20MD%20%7C%20R%20%26%20P%20Settlement%20Group%2C%20LLC&sid=1729005303&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6969
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMQZXZE0WP&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rpsettlement.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 15:15:03 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 85 KB
29 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbcd67148c83d6605339d06593a605ee50615d52d40be8b160d6ee66375e9d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 15:15:04 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/ 22 KB
0 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=DAY/d=1/rs=AN8SPfrN0JslutK2Cf8cInUln2fIkzOxmg/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: gzip
age: 31666
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 06:27:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 06:27:16 GMT
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4144
x-xss-protection: 0
server: sffe

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqwsXmGtbQyeo2_ORlxMMA6U1_XVg/ 215 KB
0 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqwsXmGtbQyeo2_ORlxMMA6U1_XVg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=DAY/d=1/rs=AN8SPfrN0JslutK2Cf8cInUln2fIkzOxmg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fe66031707a34713adda5c550286327dd1da979094c59ffb1423867e3165d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: gzip
age: 31666
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 06:27:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 06:27:16 GMT
last-modified: Sat, 12 Oct 2024 11:09:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75584
x-xss-protection: 0
server: sffe

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 307ms
37ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"59cd386971c343740f4693f3c7ca2f77"
age: 367
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: Z3fkJTIl8t4Xx_sW19GwCXeEANXbISvB2TypcTS59uNhNFWQGtsxbQ==
date: Tue, 15 Oct 2024 15:15:04 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:48 GMT
vary: Accept-Encoding
x-77-nzt-ray: 1cb09c0ed8309f8df8860e6735fe8033
x-77-nzt: EgwB1GY4sQH36gUAAAwBisclxAG3LAAAAA
cache-control: max-age=3600, public
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1514
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 Depositphotos_7589448_xl-2015-1-scaled.jpg
rpsettlement.com/wp-content/uploads/sites/60/2021/01/ 1 MB
1 MB 128ms
118ms Image
image/jpeg 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/2021/01/Depositphotos_7589448_xl-2015-1-scaled.jpg
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 058155f5160b47fa78f3142d70cb2fc54d20f6ae2c40fc446d66f080889cd58d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:04 GMT
accept-ranges: bytes
content-length: 1214629
date: Tue, 15 Oct 2024 15:15:04 GMT
content-type: image/jpeg
last-modified: Fri, 21 Oct 2022 03:24:28 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 Depositphotos_77321232_xl-2015-scaled.jpg
rpsettlement.com/wp-content/uploads/sites/60/2021/01/ 1 MB
1 MB 769ms
743ms Image
image/jpeg 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/2021/01/Depositphotos_77321232_xl-2015-scaled.jpg
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: ca5c7a63bae3ebf57595161cf3f262a5fbf7dbd41b229f76aab8b6c1e9143cb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:04 GMT
accept-ranges: bytes
content-length: 1078193
date: Tue, 15 Oct 2024 15:15:04 GMT
content-type: image/jpeg
last-modified: Fri, 21 Oct 2022 03:24:28 GMT
server: nginx
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 223 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e85cb1fd8bf5724f32fddbf209fd6a9a701feebbde32722e03166f6e3c6b833

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 refill Show response
rpsettlement.com/wp-json/contact-form-7/v1/contact-forms/5247/ 86 B
506 B 1215ms
1182ms XHR
application/json 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://rpsettlement.com/wp-json/contact-form-7/v1/contact-forms/5247/refill

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/wp-content/uploads/sites/60/fvm/out/header-da8f3283-1696951749.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

cloud02.titletapsites.com

Software

nginx /

Resource Hash

5e59f584a4d7aa6b1c8ffdf54063a2d761ca70affd3024d48d222e581ff0afd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rpsettlement.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

x-robots-tag: noindex
link: <https://rpsettlement.com/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=0
content-encoding: gzip
x-content-type-options: nosniff
allow: GET
expires: Tue, 15 Oct 2024 15:15:04 GMT
content-length: 102
date: Tue, 15 Oct 2024 15:15:05 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding,Cookie,Origin
server: nginx
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 ajax-loader.gif
rpsettlement.com/wp-content/plugins/contact-form-7/images/ 847 B
1 KB 1123ms
1090ms Image
image/gif 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/plugins/contact-form-7/images/ajax-loader.gif
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/wp-content/uploads/sites/60/fvm/out/header-16317f4a-1696951749.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/wp-content/uploads/sites/60/fvm/out/header-16317f4a-1696951749.min.css

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:04 GMT
accept-ranges: bytes
content-length: 847
date: Tue, 15 Oct 2024 15:15:04 GMT
content-type: image/gif
last-modified: Fri, 21 Oct 2022 03:21:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 r_p_settlement_group_LOGO.jpg
rpsettlement.com/wp-content/uploads/sites/60/2023/12/ 73 KB
0 17ms
17ms Image
image/jpeg 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/2023/12/r_p_settlement_group_LOGO.jpg
Requested by: Host: rpsettlement.com
URL: https://rpsettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: 4fc1b0dc4fbbabd9e148ac4412d8dd3ec99721ed7aa867a5330320e23ee55439

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:01 GMT
accept-ranges: bytes
content-length: 74769
date: Tue, 15 Oct 2024 15:15:01 GMT
content-type: image/jpeg
last-modified: Fri, 15 Dec 2023 03:47:44 GMT
server: nginx
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame A6BD 0
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 60ms
26ms Image
image/svg+xml 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: gzip
age: 156409
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 19:48:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 19:48:15 GMT
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3340
x-xss-protection: 0
server: sffe

GET
H3 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
934 B 60ms
43ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: rpsettlement.com
URL: https://rpsettlement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

age: 71491
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Tue, 14 Oct 2025 19:23:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 19:23:33 GMT
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 910
x-xss-protection: 0
server: sffe

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 52ms
30ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Response headers

age: 1162
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 14:55:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 14:55:42 GMT
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1842
x-xss-protection: 0
server: sffe

GET
H2 200 widget_app_base_1728401297040.js Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/ 126 KB
39 KB 65ms
19ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rpsettlement.com
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"5afeaac7e2e18a97518efd0a8a1bb1fe"
age: 365
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: jVOK3EiOc-WiyUsqeFC0a8a5swcWhm8SDO0G6sj1Hfd5YcRftBdh8w==
date: Tue, 15 Oct 2024 15:15:05 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:35 GMT
vary: Accept-Encoding
x-77-nzt-ray: 1cb09c0e9a2e9f9af9860e6712220c03
x-77-nzt: EgwB1GY4sQH3lzQJAAwBw7WvAgG3LAAAAA
cache-control: max-age=25920000, public
via: 1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 603287
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

POST
H2 200 Uw6HGmhR4l Show response
api.userway.org/api/tunings/ 432 B
818 B 553ms
195ms XHR
application/json 2600:1f14:5db:eb22:49ea:db45:21a:1082
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/Uw6HGmhR4l
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:49ea:db45:21a:1082 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 89fad32df5720ad79c6c5d9edf6572967198406345cebf355a108a4c222106bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usra7593b1597ea4a6
etag: W/"1b0-8AyNyyzRHU/o0ncFwmk4hgMWOik"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 432
date: Tue, 15 Oct 2024 15:15:05 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/ 607 B
943 B 20ms
18ms XHR
application/json 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 364
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: S5_g_-MDxeZQ9Lrfl5ztywk56rfsaQgfF9fUdAQ8CdGk8dtoTDyQlw==
date: Tue, 15 Oct 2024 15:15:05 GMT
content-type: application/json
last-modified: Tue, 08 Oct 2024 15:31:34 GMT
x-77-nzt-ray: 1cb09c0e9a2e9f9af9860e675548ee2a
vary: Accept-Encoding
x-77-nzt: EgwB1GY4sQH3kDQJAAwBJRPCLgG3MgAAAA
cache-control: max-age=25920000, public
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 603280
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 363ms
12ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: connect.qualia.com
URL: https://connect.qualia.com/quote-widget/scripts/init

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

content-encoding: gzip
age: 447578
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 10:55:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 10:55:28 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30399
x-xss-protection: 0
server: sffe

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/2024-10-08-15-28-17/free/ 31 KB
13 KB 16ms
15ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/free/remediation-tool-free.js?ts=1728401297040
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 73719024df5daf498a6b4335a9a885844077b7a8573028941b0e10232917eeca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rpsettlement.com
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"3cf689b1ad56b2512461ec432fed6e86"
age: 364
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: qBsNHiND3cwUc8_l9faudb2YjCvQa3igWDxkINdvxQxjWvHrpcnQaA==
date: Tue, 15 Oct 2024 15:15:06 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:45 GMT
vary: Accept-Encoding
x-77-nzt-ray: 1cb09c0e9a2e9f9afa860e67c6529b0d
x-77-nzt: EgwB1GY4sQH3ljQJAAwBnJIhJwG3LQAAAA
cache-control: max-age=25920000, public
via: 1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 603286
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-10-08-15-28-17/ 30 KB
5 KB 37ms
36ms Stylesheet
text/css 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-10-08-15-28-17/widget_base.css?v=1728401297040
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"fa9ef3811ff36e9e81b054c454f9365f"
age: 364
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: RD41J0ueEv-fBw1_fvZtXaxavwOrtglNL_kd-kQIn1aNHGDH6by_kg==
date: Tue, 15 Oct 2024 15:15:06 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 15:30:57 GMT
vary: Accept-Encoding
x-77-nzt-ray: 1cb09c0ed8309f8dfa860e6746c39b0d
x-77-nzt: EgwB1GY4sQH3ljQJAAwB1GY4EQG3LQAAAA
cache-control: max-age=864000, public
via: 1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 603286
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 16ms
15ms Image
image/svg+xml 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
age: 42
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: aNeLgRWnFT4E1bCgcXxMq5C_IcRb2sYFmpYWg7sp6G-YqkWavje49Q==
date: Tue, 15 Oct 2024 15:15:06 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Oct 2024 15:31:36 GMT
vary: Accept-Encoding
x-77-nzt-ray: 1cb09c0ed8309f8dfa860e673556e412
x-77-nzt: EgwB1GY4sQH3mTQJAAwBJRPCNAG3LAAAAA
cache-control: max-age=25920000, public
via: 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 603289
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
age: 42
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: OzRz9soIPkQrhmd8xq-4nI5t5JbdDzOoq9SxsFLQn-NgtUTchZbbWg==
date: Tue, 15 Oct 2024 15:15:06 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Oct 2024 15:31:37 GMT
vary: Accept-Encoding
x-77-nzt-ray: 1cb09c0ed8309f8dfa860e671420e812
x-77-nzt: EgwB1GY4sQH3mTQJAAwB1GY4EQG3LAAAAA
cache-control: max-age=25920000, public
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 603289
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 R-P-Title-Settlements-Fav.png
rpsettlement.com/wp-content/uploads/sites/60/2020/11/ 8 KB
8 KB 323ms
307ms Other
image/png 174.138.108.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rpsettlement.com/wp-content/uploads/sites/60/2020/11/R-P-Title-Settlements-Fav.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.108.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cloud02.titletapsites.com
Software: nginx /
Resource Hash: c323a2cf6ecf1d05ce278a145509e6ec57adcb76b19ae9b6fca9a78a4905120d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cache-control: max-age=32400000, public
expires: Sat, 25 Oct 2025 15:15:06 GMT
accept-ranges: bytes
content-length: 8348
date: Tue, 15 Oct 2024 15:15:06 GMT
content-type: image/png
last-modified: Fri, 21 Oct 2022 03:27:30 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK XeyMicY3S6XuZrJrw Show response
connect.qualia.com/quote-widget/settings/ 320 B
824 B 476ms
108ms XHR
application/json 34.197.79.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.qualia.com/quote-widget/settings/XeyMicY3S6XuZrJrw

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.197.79.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-79-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9d9d2c027546f6eb0f68111de38939e443cd2eb6c9ce9214814a097d69fc9015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Referer: https://rpsettlement.com/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Robots-Tag: noindex
Connection: keep-alive
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Origin: *
Content-Length: 320
Date: Tue, 15 Oct 2024 15:15:06 GMT
X-XSS-Protection: 1; mode=block
Content-Type: application/json
Server: nginx

GET
H/1.1 200
OK window-messenger Show response
connect.qualia.com/quote-widget/scripts/ 5 KB
5 KB 138ms
132ms Script
text/javascript 34.197.79.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.qualia.com/quote-widget/scripts/window-messenger?_=1729005306493

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.197.79.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-79-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

81530f225e3641b85bcac35c7201a51b25101822f74b1860e41a3a96a187048a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Robots-Tag: noindex
Connection: keep-alive
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Origin: *
Content-Length: 4764
Date: Tue, 15 Oct 2024 15:15:07 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: nginx

GET
H3 200 iframeResizer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.0/ 13 KB
5 KB 293ms
51ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.0/iframeResizer.min.js?_=1729005306494

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c45687c5602a758f0b7a774a3f6e378439933081cc6f4018090dd979fa2212fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e9f-3343"
age: 2756320
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8bL7jTSWORcmPJ7IbOxaKpYd3HCvzVhjnkag3hPq8a2SA%2FDlx4Tr%2FD5CfKcX42DyazRb8HEps3AYKmj14pRHbQ402hmaD1VHCIbAvYtPqMAbvnL%2FuK0S%2BpzubV1LfgMar9V5K7saFgEJMOu%2BPu6nNmg"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 05 Oct 2025 15:15:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 15 Oct 2024 15:15:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d30c3423ea9dccd-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4564
server: cloudflare

GET
H/1.1 200
OK activator
connect.qualia.com/quote-widget/ui/ Frame 71B4 0
0 288ms
101ms Document
text/html 34.197.79.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.qualia.com/quote-widget/ui/activator

Requested by

Host: connect.qualia.com
URL: https://connect.qualia.com/quote-widget/scripts/init

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.197.79.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-79-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rpsettlement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 9747
Content-Type: text/html
Date: Tue, 15 Oct 2024 15:15:07 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK stage
connect.qualia.com/quote-widget/ui/ Frame A1DD 0
0 292ms
101ms Document
text/html 34.197.79.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.qualia.com/quote-widget/ui/stage

Requested by

Host: connect.qualia.com
URL: https://connect.qualia.com/quote-widget/scripts/init

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.197.79.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-79-111.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rpsettlement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 6608
Content-Type: text/html
Date: Tue, 15 Oct 2024 15:15:07 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Frpsettlement.com%2F/DESKTOP/WIDGET_OFF/ 77 B
454 B 165ms
165ms Fetch
application/json 2600:1f14:5db:eb22:49ea:db45:21a:1082
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Frpsettlement.com%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:49ea:db45:21a:1082 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"4d-LFMdxGwYZe/xj6Qk5mJ4pvoM+ew"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 77
date: Tue, 15 Oct 2024 15:15:11 GMT
content-type: application/json; charset=utf-8
x-service-version: seo-w-bf1cccec
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 scan_1728401297040.js Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/scan/ 53 KB
14 KB 21ms
20ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/scan/scan_1728401297040.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f1e24250e119793be1a0642d204a3e1dff9ca8b6650532297df5ecce5e17d3e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rpsettlement.com
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"12363ee5379336f410d063524560ab7a"
age: 375
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: mApfJ4MdJobUBmI2eO5DS3P1nZzkz0ZwsMOyUEl3rZj2ZwB1XVEuzA==
date: Tue, 15 Oct 2024 15:15:11 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:35 GMT
vary: Accept-Encoding
x-77-nzt-ray: 1cb09c0e9a2e9f9aff860e6745b19d1d
x-77-nzt: EgwB1GY4sQH3SzQJAAwBw7WvAgG3bAAAAA
cache-control: max-age=25920000, public
via: 1.1 bb6970675ac5572387ab59ecc9abd23e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 603211
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

PUT
H2 200 contrib Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Frpsettlement.com%2F/DESKTOP/ 77 B
454 B 197ms
195ms XHR
application/json 2600:1f14:5db:eb22:49ea:db45:21a:1082
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Frpsettlement.com%2F/DESKTOP/contrib
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:49ea:db45:21a:1082 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://rpsettlement.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 77
date: Tue, 15 Oct 2024 15:15:11 GMT
content-type: application/json; charset=utf-8
x-service-version: seo-w-bf1cccec
vary: Accept-Encoding
access-control-allow-headers: *

OPTIONS
H2 200 contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Frpsettlement.com%2F/DESKTOP/ Frame 0
0 169ms
156ms Preflight 2600:1f14:5db:eb22:49ea:db45:21a:1082
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Frpsettlement.com%2F/DESKTOP/contrib
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:49ea:db45:21a:1082 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://rpsettlement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Tue, 15 Oct 2024 15:15:11 GMT
x-service-version: seo-w-bf1cccec

POST
H3 200 log Show response
translate.googleapis.com/element/ 131 B
152 B 42ms
41ms Fetch
text/plain 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i85gvgt36Y8.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqwsXmGtbQyeo2_ORlxMMA6U1_XVg/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rpsettlement.com/
Content-Encoding: gzip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/binary
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
cache-control: private
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://rpsettlement.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Tue, 15 Oct 2024 15:15:15 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

OPTIONS
H3 200 log
translate.googleapis.com/element/ Frame 0
0 54ms
39ms Preflight
text/plain 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://rpsettlement.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://rpsettlement.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 15 Oct 2024 15:15:14 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tag.marinsm.com
URL: https://tag.marinsm.com/serve/5ba148b2c0fa8e88f80000c7.js

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rpsettlement.com/	1970-01-21 09:52:45	Name: _ga Value: GA1.2.1377084428.1729005302
.rpsettlement.com/	1970-01-21 00:18:11	Name: _gid Value: GA1.2.1543754848.1729005302
.rpsettlement.com/	1970-01-21 00:16:45	Name: _gat Value: 1
.rpsettlement.com/	1970-01-21 09:52:45	Name: _ga_WMQZXZE0WP Value: GS1.2.1729005303.1.0.1729005303.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.userway.org
cdn.jsdelivr.net
cdn.userway.org
cdnjs.cloudflare.com
connect.qualia.com
fonts.googleapis.com
fonts.gstatic.com
netdna.bootstrapcdn.com
region1.google-analytics.com
rpsettlement.com
tag.marinsm.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
tag.marinsm.com
174.138.108.232
2001:4860:4802:34::36
2600:1f14:5db:eb22:49ea:db45:21a:1082
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a02:6ea0:c700::21
2a04:4e42:400::485
34.197.79.111
058155f5160b47fa78f3142d70cb2fc54d20f6ae2c40fc446d66f080889cd58d
09405a066c77ceccb4cd3eb9308dd100fb2751b2b69bdcf3a859a9bae1a8ea8f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
298f7eff0c6540b445fd871d56dd45005af30e3adaf021ee8cd2fc648be68152
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d50ad5b492660b7c9166dd4f038834d1e3b99fc9f0fc53f5d75436c843896fb
41b9a0fdbc7203cf98c5a919e3862c7e15d928cc2b6270f37eab74f065153406
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e85cb1fd8bf5724f32fddbf209fd6a9a701feebbde32722e03166f6e3c6b833
4eb6d66270d62979ec29043ed5e6ee89c78bc22617b917c419fc7ce5d0ac0fb8
4fc1b0dc4fbbabd9e148ac4412d8dd3ec99721ed7aa867a5330320e23ee55439
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01
5e59f584a4d7aa6b1c8ffdf54063a2d761ca70affd3024d48d222e581ff0afd0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
69b1c73fa5cbec486e3c9923e6b5e2653b1187668b9f7694e24841d6b303ab02
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
73719024df5daf498a6b4335a9a885844077b7a8573028941b0e10232917eeca
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dbeb39ebc5970961b2e00f6b8e0e8fe45a465f500270b883d7952e8d6d5b7b8
7fe66031707a34713adda5c550286327dd1da979094c59ffb1423867e3165d4a
81530f225e3641b85bcac35c7201a51b25101822f74b1860e41a3a96a187048a
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
89fad32df5720ad79c6c5d9edf6572967198406345cebf355a108a4c222106bf
92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d
9b373f8e9ec8e5ea69ece281723fcf1c37e77aa227f627572808ac7263232e6c
9d9d2c027546f6eb0f68111de38939e443cd2eb6c9ce9214814a097d69fc9015
a286bf54a4f71f111dfdbafa5216b1e3aafd4c2654a8bccd1abba52de2ffb75a
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
b6014e472c3fa5aa36faa43a48b8cd2c501c6ea7b41a36f7cd697a53f8677342
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c323a2cf6ecf1d05ce278a145509e6ec57adcb76b19ae9b6fca9a78a4905120d
c45687c5602a758f0b7a774a3f6e378439933081cc6f4018090dd979fa2212fa
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
ca5c7a63bae3ebf57595161cf3f262a5fbf7dbd41b229f76aab8b6c1e9143cb5
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d3ef1897c2064645edeaab173c164b5df8d1738f48be65cf7aef40b8eded11ed
d46cb21c88f101b1d86b26fe45a3b6348b732ad994176cb42e37ffd3e14eb0e9
dbcd67148c83d6605339d06593a605ee50615d52d40be8b160d6ee66375e9d84
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ef52f0f72aa1d25b35a4e2d17273fb0e7693a5c1af994bbfe8066a82cb35f4ca
f0e7e7476e659318100cf6588c918b3a2fc673d1be23a6cd8570a0998532a412
f1e24250e119793be1a0642d204a3e1dff9ca8b6650532297df5ecce5e17d3e2
f25cd2e290985e4d21b5e5e4bc84c7be01e03811877255444f8d0aa7574c9632
fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134

rpsettlement.com Open in urlscan Pro 174.138.108.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

88 %IPv6

12 Domains

17 Subdomains

18 IPs

2 Countries

3471 kBTransfer

6370 kBSize

4 Cookies

13 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rpsettlement.com Open in urlscan Pro
174.138.108.232 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

17
Subdomains

18
IPs

2
Countries

3471 kB
Transfer

6370 kB
Size

4
Cookies

61 HTTP transactions
2 data transactions