urlscan.io logo urlscan.io
SecurityTrails logo

unitedsettlement.com Open in urlscan Pro
2606:4700:3108::ac42:286b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html#qs=r-abacafbegcghacafdbehababacadgadfhaccaffiackkdacceikfacb
Effective URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862b...
Submission: On April 01 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 8 countries across 22 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3108::ac42:286b, located in United States and belongs to CLOUDFLARENET, US. The main domain is unitedsettlement.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.
This is the only time unitedsettlement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20.60.134.228 8075 (MICROSOFT...)
1 1 92.204.175.18 29066 (VELIANET-...)
2 23.250.1.134 55286 (SERVER-MANIA)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.215.55 16509 (AMAZON-02)
2 3.10.25.26 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 2606:4700:310... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:231... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 84.17.46.53 60068 (CDN77 ^_^)
4 104.104.52.50 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 6 2600:9000:215... 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 34.117.190.90 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 54.229.135.46 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 141.226.228.48 ()
55 24
1    20.60.134.228 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hwujgdchkxkp.blob.core.windows.net
1    92.204.175.18 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
PTR: jeepbug.com
jeepbug.com
2    23.250.1.134 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)
bayareaace.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    143.204.215.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-55.fra53.r.cloudfront.net
static.traversedlp.com
2    3.10.25.26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-25-26.eu-west-2.compute.amazonaws.com
script.anura.io
1    2606:4700::6812:1f97 (United States)

ASN13335 (CLOUDFLARENET, US)
signals.aimtell.com
15    2606:4700:3108::ac42:286b (United States)

ASN13335 (CLOUDFLARENET, US)
unitedsettlement.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2606:4700:20::ac43:479a (United States)

ASN13335 (CLOUDFLARENET, US)
code.highcharts.com
1    2600:9000:2315:fa00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com
load.sumo.com
4    104.104.52.50 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-50.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2600:9000:2156:2400:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    34.117.190.90 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 90.190.117.34.bc.googleusercontent.com
pm.geniusmonkey.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.229.135.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-135-46.eu-west-1.compute.amazonaws.com
d.adroll.com
1    2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    141.226.228.48 (None, )

ASN- ()
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
15 unitedsettlement.com
unitedsettlement.com
735 KB
7 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2575
d.adroll.com — Cisco Umbrella Rank: 1600
20 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1203
69 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1049
trc.taboola.com — Cisco Umbrella Rank: 645
trc-events.taboola.com
19 KB
3 sumo.com
load.sumo.com — Cisco Umbrella Rank: 10870
sumo.com Failed
146 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 136
37 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2718
pixel.wp.com — Cisco Umbrella Rank: 2543
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
2 KB
2 anura.io
script.anura.io — Cisco Umbrella Rank: 43469
18 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
86 KB
2 bayareaace.com
bayareaace.com — Cisco Umbrella Rank: 507161
7 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
442 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
297 B
1 geniusmonkey.com
pm.geniusmonkey.com — Cisco Umbrella Rank: 17284
153 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4576
9 KB
1 highcharts.com
code.highcharts.com — Cisco Umbrella Rank: 10308
102 KB
1 aimtell.com
signals.aimtell.com — Cisco Umbrella Rank: 11497
333 B
1 traversedlp.com
static.traversedlp.com — Cisco Umbrella Rank: 26088
api.traversedlp.com Failed
4 KB
1 jeepbug.com
jeepbug.com
401 B
1 windows.net
hwujgdchkxkp.blob.core.windows.net
553 B
55 22
Domain Requested by
15 unitedsettlement.com bayareaace.com
unitedsettlement.com
hwujgdchkxkp.blob.core.windows.net
6 s.adroll.com 2 redirects www.googletagmanager.com
s.adroll.com
4 analytics.tiktok.com hwujgdchkxkp.blob.core.windows.net
analytics.tiktok.com
3 load.sumo.com hwujgdchkxkp.blob.core.windows.net
load.sumo.com
2 connect.facebook.net hwujgdchkxkp.blob.core.windows.net
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com unitedsettlement.com
2 script.anura.io hwujgdchkxkp.blob.core.windows.net
script.anura.io
2 www.googletagmanager.com bayareaace.com
hwujgdchkxkp.blob.core.windows.net
2 bayareaace.com hwujgdchkxkp.blob.core.windows.net
bayareaace.com
1 trc-events.taboola.com cdn.taboola.com
1 stats.g.doubleclick.net www.google-analytics.com
1 trc.taboola.com cdn.taboola.com
1 d.adroll.com s.adroll.com
1 www.facebook.com
1 cdn.taboola.com hwujgdchkxkp.blob.core.windows.net
1 pm.geniusmonkey.com www.googletagmanager.com
1 pixel.wp.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.dwin1.com unitedsettlement.com
1 code.highcharts.com unitedsettlement.com
1 stats.wp.com unitedsettlement.com
1 signals.aimtell.com
1 static.traversedlp.com www.googletagmanager.com
1 jeepbug.com 1 redirects
1 hwujgdchkxkp.blob.core.windows.net
0 sumo.com Failed load.sumo.com
0 api.traversedlp.com Failed static.traversedlp.com
55 28

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2022-03-12 -
2023-03-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.traversedlp.com
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
script.anura.io
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
aimtell.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-14 -
2022-06-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
highcharts.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.dwin1.com
Amazon		 2021-11-19 -
2022-12-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.sumo.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-04 -
2022-05-04		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
s.adroll.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-08 -
2022-04-08		 3 months crt.sh
*.geniusmonkey.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-14 -
2022-06-14		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Frame ID: 418980D9BB90D0459A65F83C4A912E9C
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Do You Qualify For Debt Relief?

Page URL History Show full URLs

  1. https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html Page URL
  2. http://jeepbug.com/qs=r-abacafbegcghacafdbehababacadgadfhaccaffiackkdacceikfacb HTTP 302
    http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25... Page URL
  3. https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_ter... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • highcharts.*\.js
Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

89 %
HTTPS

50 %
IPv6

22
Domains

28
Subdomains

24
IPs

8
Countries

1294 kB
Transfer

3677 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html Page URL
  2. http://jeepbug.com/qs=r-abacafbegcghacafdbehababacadgadfhaccaffiackkdacceikfacb HTTP 302
    http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25 Page URL
  3. https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://jeepbug.com/qs=r-abacafbegcghacafdbehababacadgadfhaccaffiackkdacceikfacb HTTP 302
  • http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25
Request Chain 38
  • https://s.adroll.com/j/exp/VI4EOFSER5E3PHB66NBUBN/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 39
  • https://s.adroll.com/j/pre/VI4EOFSER5E3PHB66NBUBN/3QRFSDOW55GBXDGQCC6XA7/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
monz.html
hwujgdchkxkp.blob.core.windows.net/fii/ 		150 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.134.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length
150
Content-MD5
/tEKxmwW4HnM3j0axOospQ==
Content-Type
text/html
Date
Fri, 01 Apr 2022 05:25:11 GMT
ETag
0x8DA0C44F92A1246
Last-Modified
Tue, 22 Mar 2022 20:46:00 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
93027408-c01e-005f-4588-453322000000
x-ms-version
2009-09-19
/
bayareaace.com/af3da420d1f3d379237a6f193722b09ba/
Redirect Chain
  • http://jeepbug.com/qs=r-abacafbegcghacafdbehababacadgadfhaccaffiackkdacceikfacb
  • http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
HTTP/1.1
Server
23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
742756d883b41e5dd0608a25ef1f9d28c0b9d50546fa261701ada6cfc8c8b7e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html#qs=r-abacafbegcghacafdbehababacadgadfhaccaffiackkdacceikfacb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Apr 2022 05:34:23 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.33

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Apr 2022 05:25:12 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
location
http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25
gtm.js
www.googletagmanager.com/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Requested by
Host: bayareaace.com
URL: http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c61a78462823e5889b874de8e16ae2210d2eeaf1072a99ea393dd8cddf863923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bayareaace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33863
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 05:25:13 GMT
fp.php
bayareaace.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://bayareaace.com/fp.php
Requested by
Host: bayareaace.com
URL: http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25
Protocol
HTTP/1.1
Server
23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 01 Apr 2022 05:34:24 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.33
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
retargeting.js
static.traversedlp.com/v1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b83391733cf98c12ed0a1d153a4a74d17c79005222f950b94929c968907dab0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bayareaace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
IDXdfbC_iDV93ckMOU1xZAAC.UTIbRsT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 10 Mar 2022 23:52:06 GMT
Server
AmazonS3
Age
2891
ETag
W/"bf2935d14420fd3a1bb071e5790b0eec"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Fri, 01 Apr 2022 04:39:43 GMT
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
jx-8iuJhqu57uHidXNaTqAN3HuNv3sprbacrLRievZCxIgifoyiNog==
request.js
script.anura.io/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/request.js?instance=56309078&source=203930&campaign=25034&exid=cfdfd6e8a57326862bce39d9b7a2d5f1&572494824659
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.25.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-25-26.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8c2d976e782c380213ea198c2b372a49f650aeb372fa049dad849d3f81026c57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bayareaace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
matches
signals.aimtell.com/ 		43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bayareaace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
6f4ee7261c489a35-FRA
access-control-allow-headers
Content-Type, *
content-length
43
cookie
api.traversedlp.com/retargeting/v1/ 		0
0
response.json
script.anura.io/ 		43 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=56309078&source=203930&campaign=25034&exid=cfdfd6e8a57326862bce39d9b7a2d5f1&572494824659
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.25.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-25-26.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://bayareaace.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
Primary Request /
unitedsettlement.com/apply-for-debt-relief-now/ 		98 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Requested by
Host: bayareaace.com
URL: http://bayareaace.com/af3da420d1f3d379237a6f193722b09ba/?sid1=42036_1_11&sid2=0_1_0_0_1_4035156_25_1992_113794_1_10_447&sid3=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
c1dd914d554116c5d53f43a4887a85b66ccdb06fcdc74dda2fb43acd2538a79a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bayareaace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f4ee72a4b7e9a2f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 05:25:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://unitedsettlement.com/wp-json/>; rel="https://api.w.org/" <https://unitedsettlement.com/wp-json/wp/v2/pages/17400>; rel="alternate"; type="application/json" <https://wp.me/P8HDvg-4wE>; rel=shortlink
server
cloudflare
vary
Accept-Encoding
x-pass-why
custom-path
x-powered-by
WP Engine
autoptimize_0b37bee20204da4fffe25791c2c2c271.css
unitedsettlement.com/wp-content/cache/autoptimize/css/ 		968 KB
132 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/wp-content/cache/autoptimize/css/autoptimize_0b37bee20204da4fffe25791c2c2c271.css
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0afd229ac668fdfda2e72574ae146e4230ce5d1d648c2dcec6d661464f611d87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 23 Mar 2022 13:00:34 GMT
server
cloudflare
age
30772
etag
W/"623b19f2-f254d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-polished
origSize=992589
cf-ray
6f4ee72f0a809a2f-FRA
cf-bgj
minify
dashicons.min.css
unitedsettlement.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/wp-includes/css/dashicons.min.css
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
cloudflare
age
487840
etag
W/"603ffca6-e688"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6f4ee72f0a819a2f-FRA
css
fonts.googleapis.com/ 		7 KB
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis%3A200%2C300%2C400%2C500%2C600%2C700%2C800&ver=5.9.2
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfca1ecf2ae4eccf28e92e1d3f6c89cf79f8412b06bcd611572d3398960b065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 05:08:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 05:25:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 05:25:14 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 03:34:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 05:25:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 05:25:14 GMT
/
unitedsettlement.com/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/?custom-css=8b62e2b3fa
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
b8266fe403c6d0edc5aef2dc8c08ad6f0c86296a1e45b3c1a14a2dc6280e3b37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-cacheable
YES:31536000.000
server
cloudflare
x-powered-by
WP Engine
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache
HIT: 12664
content-type
text/css;charset=UTF-8
expires
Thu, 23 Mar 2023 13:03:56 GMT
cache-control
max-age=31536000, must-revalidate
cf-ray
6f4ee72f0a839a2f-FRA
x-cache-group
normal
logo-2.png
unitedsettlement.com/wp-content/uploads/2017/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedsettlement.com/wp-content/uploads/2017/08/logo-2.png
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8f6d41eb72a177cc04b25bc82bcacb750c5b609e2a0c63b3c19b5e3600e045

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:14 GMT
cf-cache-status
HIT
age
30772
cf-polished
origFmt=png, origSize=4243
content-disposition
inline; filename="logo-2.webp"
content-length
3588
last-modified
Sat, 08 May 2021 02:02:21 GMT
server
cloudflare
etag
"6095f12d-1093"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f4ee72f0a849a2f-FRA
cf-bgj
imgq:85,h2pri
h-phone-icon.png
unitedsettlement.com/wp-content/uploads/2017/12/ 		518 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedsettlement.com/wp-content/uploads/2017/12/h-phone-icon.png
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be266894c244ae887dd83eb5c0a7b4b8b336661fe1412aa118a3942faebb4f03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:14 GMT
cf-cache-status
HIT
age
30772
cf-polished
origFmt=png, origSize=635
content-disposition
inline; filename="h-phone-icon.webp"
content-length
518
last-modified
Sat, 08 May 2021 01:33:51 GMT
server
cloudflare
etag
"6095ea7f-27b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f4ee72f0a869a2f-FRA
cf-bgj
imgq:85,h2pri
rocket-loader.min.js
unitedsettlement.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 11:29:35 GMT
server
cloudflare
etag
W/"623c561f-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6f4ee72f0a879a2f-FRA
vary
Accept-Encoding
expires
Sun, 03 Apr 2022 05:25:14 GMT
autoptimize_033e7355472c6afc2074fc73344d6557.js
unitedsettlement.com/wp-content/cache/autoptimize/js/ 		449 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/wp-content/cache/autoptimize/js/autoptimize_033e7355472c6afc2074fc73344d6557.js
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f71d23ef5512f49d804f6f7b0311cba86408b7d3baa593844620ce1b6641dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 23 Mar 2022 13:00:34 GMT
server
cloudflare
age
30772
etag
W/"623b19f2-702e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-polished
origSize=459491
cf-ray
6f4ee72f2ac19a2f-FRA
cf-bgj
minify
e-202213.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202213.js
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn
date
Fri, 01 Apr 2022 05:25:14 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 20 Mar 2023 07:02:07 GMT
highcharts.js
code.highcharts.com/ 		295 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.highcharts.com/highcharts.js
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687f04135e37909b615677a490d7315d268d3599fd744ba4c0c840e7d8a67480

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164218
x-amz-request-id
PNBDP90CXQ00V456
x-amz-id-2
XDwMZDE4J19bGuuP8lGbpLwvxcjoNpFVchfGU7UDi4+dzPN0qDeREA2mgIIXc6OwhFIsGkAT7f0=
last-modified
Mon, 07 Mar 2022 13:03:14 GMT
server
cloudflare
etag
W/"d0e42c63497d73dbae4b6d3cfbd6b211"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJAIRyeLrI%2FD9m271iWypG9et3LJz8tp4eudpIMj3mpdLGIrwBekgZ6QTt2OO9GdNUcvX%2BOsMvxv3pZD7KA%2BGQNpYU3Cipf9To%2Bd89Df1ys8UD%2BYUjTTJoLVJziU4marexbC18L8KCXZO8b9nDCnVRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6f4ee72f6f7d91f6-FRA
expires
Tue, 08 Mar 2022 13:02:51 GMT
19038.js
www.dwin1.com/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/19038.js
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:fa00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f723e5ed8ee243becd26139a98c72a79a4c62f59d53fe666925233ea9a4de84f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
L9VzxTCZ746ikFtz_JBXsKGxBy0PgxzU
content-encoding
gzip
etag
W/"0b320810cbfc8a03b3e6cb4f9966dd96"
age
220
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 24 Feb 2022 12:58:31 GMT
server
AmazonS3
date
Fri, 01 Apr 2022 05:21:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
cache-control
max-age=600, s-maxage=600
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Bxm8M6KUbWTZzjn842VPros-FtQnt5MNIxtdHyO5BsIIyIA5VJ279A==
jquery.min.js
unitedsettlement.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
cloudflare
age
487840
etag
W/"6048e0ac-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6f4ee72f2ac29a2f-FRA
wp-emoji-release.min.js
unitedsettlement.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
cloudflare
age
487841
etag
W/"60bfebf0-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6f4ee73399279a2f-FRA
list-icon-3.jpg
unitedsettlement.com/wp-content/uploads/2018/12/ 		526 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedsettlement.com/wp-content/uploads/2018/12/list-icon-3.jpg
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/?custom-css=8b62e2b3fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1da535b66b5e9f7c9627527eec5c13de05ec49b4312a2052fb7cbce7c44ffef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/?custom-css=8b62e2b3fa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
cf-cache-status
HIT
age
30773
cf-polished
qual=85, origFmt=jpeg, origSize=1118
content-disposition
inline; filename="list-icon-3.webp"
content-length
526
last-modified
Sat, 08 May 2021 00:43:34 GMT
server
cloudflare
etag
"6095deb6-45e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f4ee733992c9a2f-FRA
cf-bgj
imgq:85,h2pri
helveticaneue-light.ttf
unitedsettlement.com/wp-content/themes/unitedsettlement/fonts/ 		264 KB
265 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/wp-content/themes/unitedsettlement/fonts/helveticaneue-light.ttf
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/wp-content/cache/autoptimize/css/autoptimize_0b37bee20204da4fffe25791c2c2c271.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44821cb5e209d971a8b98ef041f60b4f692eab1b110bfa8b7339801efa24289

Request headers

Referer
https://unitedsettlement.com/wp-content/cache/autoptimize/css/autoptimize_0b37bee20204da4fffe25791c2c2c271.css
Origin
https://unitedsettlement.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Dec 2018 13:21:00 GMT
server
cloudflare
age
487841
etag
"5c110b3c-420bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f4ee73399349a2f-FRA
content-length
270527
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://unitedsettlement.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
13134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 01:46:21 GMT
fontawesome-webfont.woff2
unitedsettlement.com/wp-content/plugins/minervakb/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/wp-content/plugins/minervakb/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: unitedsettlement.com
URL: https://unitedsettlement.com/wp-content/cache/autoptimize/css/autoptimize_0b37bee20204da4fffe25791c2c2c271.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://unitedsettlement.com/wp-content/cache/autoptimize/css/autoptimize_0b37bee20204da4fffe25791c2c2c271.css
Origin
https://unitedsettlement.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 26 May 2018 02:51:31 GMT
server
cloudflare
etag
"5b08cbb3-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f4ee73399369a2f-FRA
content-length
77160
grass.png
unitedsettlement.com/wp-content/uploads/2018/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitedsettlement.com/wp-content/uploads/2018/12/grass.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b541110ddd678eb8983a20f3b964c10cf9f3e6eb8d08bed4e1435bfb8dee5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
cf-cache-status
MISS
last-modified
Sat, 08 May 2021 00:43:52 GMT
server
cloudflare
etag
"6095dec8-4d25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6f4ee733c97d9a2f-FRA
content-length
19749
/
load.sumo.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
br
cdn-edgestorageid
459
x-amz-request-id
PQSRTTQ06CTQZP39
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
12/12/2021 23:20:37
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
fBU45te4W3k9MXFfi0m08C5arhKZm2JFT8skCHdcq3CXAgWuFwgFzTZLevwuVTEH3rnoMFleNsc=
server
BunnyCDN-AMS1-879
access-control-allow-origin
*
last-modified
Tue, 30 Nov 2021 18:00:01 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=600
cdn-requestid
8aaf2280c5aa5187608f85f96de54657
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
events.js
analytics.tiktok.com/i18n/pixel/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVUCQI9TSPKIAGJC4850&lib=ttq
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.50 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-50.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2bba4f6297c4d6cfeb1a9e8f2511fc1c24f93863728b216bfb213faf0fd7f669

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-akamai-request-id
a7b4442.cc659fa
date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a96-6-42-173.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-104-52-46.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time
98,104.104.52.46
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=7, inner; dur=4
pragma
no-cache
server
nginx
x-tt-logid
20220401052515010113135143261E6FAC
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,96.6.42.173
x-tt-trace-host
0175e780687430e89cac6f6204f7c08cba62f41d7482ab36fae7b506a458fd38556b7289872213e08958c8f593fa63493fadcecadb8de04a884ad55ad8d5e438707409f3ef75f9ec29f91de8d9ad20fe37954c991b04bd4746e14287ed782d63cf48d08468a2a0615b08646511b3ccbf9c
expires
Fri, 01 Apr 2022 05:25:15 GMT
hit
unitedsettlement.com/wp-json/wp-statistics/v2/ 		123 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unitedsettlement.com/wp-json/wp-statistics/v2/hit?_=1648790714&_wpnonce=08976e2007&wp_statistics_hit_rest=yes&browser=Chrome&platform=Windows&version=10.0&referred=http%3A%2F%2Fbayareaace.com%2F&ip=2a03:1b20:6:f011::7e&exclusion_match=no&exclusion_reason&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.60+Safari%2F537.36&track_all=1&timestamp=1648776314&current_page_type=page&current_page_id=17400&search_query&page_uri=/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT&user_id=0
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:286b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
1c155babdb21ce9fca1721e3904d61ade13d538315b325368136f944c09105a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://unitedsettlement.com/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
NO:400
x-powered-by
WP Engine
x-cache
MISS
content-length
123
x-cache-group
normal
link
<https://unitedsettlement.com/wp-json/>; rel="https://api.w.org/"
allow
GET
x-robots-tag
noindex
server
cloudflare
x-wp-nonce
08976e2007
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=0, must-revalidate, private
cf-ray
6f4ee733d9969a2f-FRA
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
gtm.js
www.googletagmanager.com/ 		144 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WB2VNZJ
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be64d26b66b8886ca52303dc6fb9b3f50a94a990f49c9aa2b0cf4933dd74a99f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53729
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 05:25:15 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.7&blog=128610646&post=17400&tz=-4&srv=unitedsettlement.com&host=unitedsettlement.com&ref=http%3A%2F%2Fbayareaace.com%2F&fcp=0&rand=0.6706376370184832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Apr 2022 05:25:15 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WB2VNZJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6625
date
Fri, 01 Apr 2022 03:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Apr 2022 05:34:50 GMT
roundtrip.js
s.adroll.com/j/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WB2VNZJ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b8f211f529fa23998711ac7904c55dd8051b9668bee9842cf68668bd45c202c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Amz-Version-Id
C.srB6sumeioDKD3YdEkoslgSZQh._Rn
Content-Encoding
gzip
Etag
W/"ca6e5708aed890ae61f4cb7cfd81e111"
Age
970
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
Last-Modified
Thu, 31 Mar 2022 22:57:32 GMT
Server
AmazonS3
Date
Fri, 01 Apr 2022 05:10:03 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
_kNqvNzT5PWoanTxOMpB5jCcA37XsnrWXBqCK6paW6MGw2gzZuIdhg==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26313
x-xss-protection
0
pragma
public
x-fb-debug
vwq5B64wgZz8RR/HmDxz4KShjGoJKSsalBAj4bFR9TEYiMJIZf2lAZQrm9952OMltAU33dWSPIG4KHkRGxdA/Q==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 01 Apr 2022 05:25:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
gm.js
pm.geniusmonkey.com/ 		0
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pm.geniusmonkey.com/gm.js?id=1028350991&z=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WB2VNZJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.190.90 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
90.190.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
via
1.1 google
vary
Origin
content-type
text/javascript;charset=ISO-8859-1
access-control-expose-headers
X-Token
access-control-allow-credentials
true
alt-svc
clear
content-length
0
tfa.js
cdn.taboola.com/libtrc/unip/1392638/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1392638/tfa.js
Requested by
Host: hwujgdchkxkp.blob.core.windows.net
URL: https://hwujgdchkxkp.blob.core.windows.net/fii/monz.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b653aec116b005299a2301810241d6024f345ec239475ba3809fbf99d0d0e2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
iwsld3QQq9FgjX8Fxnb9mGI1xdnUocTp
content-encoding
gzip
etag
"a200fed674e1f572a3881a9ce155f4d6"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17374
x-amz-id-2
rXVdqMj0ZyKU2vlb6GLXwQwK9k25m5de9di4gVeMHw9a1Owk+rFbQm/x0avNwlVKPhCtjA1bQx0=
x-served-by
cache-hhn4026-HHN
last-modified
Sun, 27 Mar 2022 11:13:07 GMT
server
AmazonS3
x-timer
S1648790716.637609,VS0,VE100
date
Fri, 01 Apr 2022 05:25:15 GMT
vary
Accept-Encoding
x-amz-request-id
GSST9CDDBRPM0J4X
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
35
x-cache-hits
1
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/VI4EOFSER5E3PHB66NBUBN/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
2600:9000:2156:2400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Amz-Version-Id
Yo1foR6FJ6WFFBWqTYM2cazsDqVdFv1D
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
6038
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 03 Mar 2022 22:40:46 GMT
Server
AmazonS3
Date
Fri, 01 Apr 2022 03:45:23 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
I_1OSt_iSygCDZV2Le8kFow4OVULPNn7ggc85LYZdOY-gAooIjd2Qg==

Redirect headers

Date
Thu, 31 Mar 2022 22:35:24 GMT
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
Age
24591
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
P4QtqIAnS1I4R8i1iJelSo_JE5H9R0e3cX6yqnFRm72O5na1xEyB_g==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/VI4EOFSER5E3PHB66NBUBN/3QRFSDOW55GBXDGQCC6XA7/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:2156:2400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
15363
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Fri, 01 Apr 2022 01:09:12 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
7lj7ic_SkN15zJILjwgbDaA7N_rn_GtxDtc0NkuzMpPYUiXeg4n9Tw==

Redirect headers

Date
Thu, 31 Mar 2022 22:35:24 GMT
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
Age
24591
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
HbBQg6TChPOoHaJisbZ_y7FebzD_wHeo_hFwbal0L0yXoA9vyRLUJg==
index.js
s.adroll.com/j/pre/VI4EOFSER5E3PHB66NBUBN/3QRFSDOW55GBXDGQCC6XA7/ 		0
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/VI4EOFSER5E3PHB66NBUBN/3QRFSDOW55GBXDGQCC6XA7/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Amz-Version-Id
y9.IOyQUOWdcBiq.nVHh5jyD8GNlTGEo
Via
1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
2581
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Tue, 29 Mar 2022 18:20:49 GMT
Server
AmazonS3
Date
Fri, 01 Apr 2022 05:25:15 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Fn3fs0Is0-BT3MnElB56zg2QhiHfw7hlYeHbaw7T58SF2L1tAOBQ4Q==
1671496386316798
connect.facebook.net/signals/config/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1671496386316798?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
35b79dd441a85839a168117c3e764d73aa9df9f5251a5d1bb1926e8778ff255b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
gfy1sZ8ESNZdJWijRgd1cXB0JT/MK+e+ofGUHSqHPg7PXZODP0CFhBQ1iupn+8Zh/nLzWsNAxdwY+amhmuRnsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Apr 2022 05:25:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
72.0a035390359aab65eb82.js
load.sumo.com/ 		131 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
br
cdn-edgestorageid
549
x-amz-request-id
0XPNF8DMEJ6W2XCT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/08/2022 16:56:04
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
fRyRZPznrdNCv6h7ET6s4hxYavl5uQTCIw4k+SNx+rjjWJ+d+NyHOuNYYlwtWDhVTfTilutE/G8=
server
BunnyCDN-AMS1-879
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:32 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
9ea18432687b03ab3cfcfc5b0a7fad45
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
73.0a035390359aab65eb82.js
load.sumo.com/ 		289 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
br
cdn-edgestorageid
883
x-amz-request-id
9N84X4YRM21X08T5
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/10/2022 13:34:18
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
oBS1PkrTXAnH8s3caBjTTV5L90IZsuK5pg1OeS7uUquH6t3b+uNjsnqRi1r23MOIUSMtIk0jATI=
server
BunnyCDN-AMS1-879
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:33 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"ad6f2454f01de902ffd473d51c1207bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
cd56fc866b6372bc3296c652a464ce44
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1671496386316798&ev=PageView&dl=https%3A%2F%2Funitedsettlement.com%2Fapply-for-debt-relief-now%2F%3Futm_source%3D203930%26utm_campaign%3D42036_1_11%26utm_term%3Dcfdfd6e8a57326862bce39d9b7a2d5f1%26estimated_debt%3DAMOUT%26state%3DNY%26interstitial%3D1%26cchannel%3Demail%26ccontent%3DCONTENT&rl=http%3A%2F%2Fbayareaace.com%2F&if=false&ts=1648790715716&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.1.1648790715715.1002149704&it=1648790715658&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 01 Apr 2022 05:25:15 GMT
/
sumo.com/api/load/ 		0
0
VI4EOFSER5E3PHB66NBUBN
d.adroll.com/consent/check/ 		449 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/VI4EOFSER5E3PHB66NBUBN?arrfrr=https%3A%2F%2Funitedsettlement.com%2Fapply-for-debt-relief-now%2F%3Futm_source%3D203930%26utm_campaign%3D42036_1_11%26utm_term%3Dcfdfd6e8a57326862bce39d9b7a2d5f1%26estimated_debt%3DAMOUT%26state%3DNY%26interstitial%3D1%26cchannel%3Demail%26ccontent%3DCONTENT&_s=17210f44d8fad4fe7a050a9af5e2edd3&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.135.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-135-46.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
733b2e0e12228d06ab73cace84652d27749991fe71492ec9803181d25f92aa45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:25:15 GMT
server
nginx/1.20.0
content-length
449
content-type
application/javascript
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=494260528&t=pageview&_s=1&dl=https%3A%2F%2Funitedsettlement.com%2Fapply-for-debt-relief-now%2F%3Futm_source%3D203930%26utm_campaign%3D42036_1_11%26utm_term%3Dcfdfd6e8a57326862bce39d9b7a2d5f1%26estimated_debt%3DAMOUT%26state%3DNY%26interstitial%3D1%26cchannel%3Demail%26ccontent%3DCONTENT&dr=http%3A%2F%2Fbayareaace.com%2F&ul=en-us&de=UTF-8&dt=Do%20You%20Qualify%20For%20Debt%20Relief%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=230136850&gjid=673048177&cid=347743583.1648790716&tid=UA-51488700-2&_gid=298651365.1648790716&_r=1&gtm=2wg3u0WB2VNZJ&z=206255960
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://unitedsettlement.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:25:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://unitedsettlement.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1392638/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1392638/trc/3/json?tim=1648790715792&data=%7B%22id%22%3A984%2C%22ii%22%3A%22%2Fapply-for-debt-relief-now%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1648790715787%2C%22cv%22%3A%2220220327-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Funitedsettlement.com%2Fapply-for-debt-relief-now%2F%22%2C%22e%22%3A%22http%3A%2F%2Fbayareaace.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3D203930%26utm_campaign%3D42036_1_11%26utm_term%3Dcfdfd6e8a57326862bce39d9b7a2d5f1%26estimated_debt%3DAMOUT%26state%3DNY%26interstitial%3D1%26cchannel%3Demail%26ccontent%3DCONTENT%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-mbluvsteingmailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1648790715791%2C%22ref%22%3A%22http%3A%2F%2Fbayareaace.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Funitedsettlement.com%2Fapply-for-debt-relief-now%2F%3Futm_source%3D203930%26utm_campaign%3D42036_1_11%26utm_term%3Dcfdfd6e8a57326862bce39d9b7a2d5f1%26estimated_debt%3DAMOUT%26state%3DNY%26interstitial%3D1%26cchannel%3Demail%26ccontent%3DCONTENT%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A88%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1392638/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3b3233ee8bbdb6209fcac78d44a6d530b9cd5f56bf5d4e91978ddefc8f44dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
gzip
server
nginx
x-timer
S1648790716.802051,VS0,VE18
x-served-by
cache-hhn4026-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVUCQI9TSPKIAGJC4850&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.50 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-50.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-akamai-request-id
18bf9155.cc65ace
date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-106-211.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-104-52-46.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time
100,104.104.52.46
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=5, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
202204010525150101131352091CF1D8F9
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.106.211
x-tt-trace-host
0175e780687430e89cac6f6204f7c08cba62f41d7482ab36fae7b506a458fd3855fda32befb96b2875764f81b927915b5814ce4a68572daa67ce17073ad16a331954e69857820b9f0f4dc6790b02350d6a9df73d27d8ddcb2def3019a42dc7ece9fbd3bec2222cdbadcc36ee6ab2d09843
expires
Fri, 01 Apr 2022 05:25:15 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		876 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BVUCQI9TSPKIAGJC4850&hostname=unitedsettlement.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVUCQI9TSPKIAGJC4850&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.50 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-50.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f417452a00cafb1fe37815b78c81335825ec73125d8f63750430f988836c4893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-akamai-request-id
18bee96e.cc65ae5
date
Fri, 01 Apr 2022 05:25:15 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-106-211.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-104-52-46.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time
95,104.104.52.46
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=4, inner; dur=2
content-length
346
pragma
no-cache
server
nginx
x-tt-logid
202204010525150101130061601547D7B0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
4,23.220.106.211
x-tt-trace-host
0175e780687430e89cac6f6204f7c08cba62f41d7482ab36fae7b506a458fd3855fda32befb96b2875764f81b927915b5814ce4a68572daa67ce17073ad16a33197a2faef67ff5cd567bda1013fbfe68b84f501c0adc4b7e62bd499125a58a32490fd1c517d1cfe2f02154d9942491bd28
expires
Fri, 01 Apr 2022 05:25:15 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51488700-2&cid=347743583.1648790716&jid=230136850&gjid=673048177&_gid=298651365.1648790716&_u=YEBAAEAAAAAAAC~&z=1496752377
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unitedsettlement.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Apr 2022 05:25:15 GMT
content-type
text/plain
access-control-allow-origin
https://unitedsettlement.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
715 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVUCQI9TSPKIAGJC4850&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.50 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-50.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://unitedsettlement.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
17f412c2.cc65b6d
date
Fri, 01 Apr 2022 05:25:16 GMT
x-cache-remote
TCP_MISS from a23-220-106-203.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-104-52-46.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time
105,104.104.52.46
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=15, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202204010525160101130061040FEC50A0
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.220.106.203
x-tt-trace-host
0175e780687430e89cac6f6204f7c08cba62f41d7482ab36fae7b506a458fd3855ee21603ab21f5bbd1757cf6a4c3f7aa3693b53bc9ff7b1d133d6460cc2ef1fa6c35a1623b990033e27971dd230baf7845d7be9440e5ea3ab12cd8026417481e2594923db7c0282ea128f2d9c2c115fa8
expires
Fri, 01 Apr 2022 05:25:16 GMT
unip
trc-events.taboola.com/1392638/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1392638/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=88&ssd=1&est=1648790715789&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1648790717342&vi=1648790715787&ri=15f28b11bd758833bfbfa8affefccd71&ref=http%3A%2F%2Fbayareaace.com%2F&cv=20220327-2-RELEASE&item-url=https%3A%2F%2Funitedsettlement.com%2Fapply-for-debt-relief-now%2F%3Futm_source%3D203930%26utm_campaign%3D42036_1_11%26utm_term%3Dcfdfd6e8a57326862bce39d9b7a2d5f1%26estimated_debt%3DAMOUT%26state%3DNY%26interstitial%3D1%26cchannel%3Demail%26ccontent%3DCONTENT
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1392638/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unitedsettlement.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://unitedsettlement.com
pragma
no-cache
date
Fri, 01 Apr 2022 05:25:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.traversedlp.com
URL
https://api.traversedlp.com/retargeting/v1/cookie
Domain
sumo.com
URL
https://sumo.com/api/load/

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| __cfQR object| _wpemojiSettings undefined| $ function| jQuery object| LS_Meta string| TiktokAnalyticsObject object| ttq object| WP_Statistics_http object| dataLayer function| do_change object| wpcf7 object| wpcf7r object| MinervaKB object| Highcharts object| _stq boolean| __cfRLUnblockHandlers object| AWIN object| shrslImgs object| twemoji object| wp function| st_go function| linktracker_init object| wpcom function| _initLayerSlider undefined| LS_oldGS undefined| LS_oldGSQueue undefined| LS_oldGSDefine object| LS_GSAP object| _gsScope object| runtime object| wpcf7_redirect function| myFunction function| myFunction2 object| $document function| getUrlParameter string| selector object| $element string| textContent function| valueOutput number| currentTab function| showTab function| nextPrev function| validateForm function| fixStepIndicator undefined| GreenSockGlobals undefined| _gsQueue undefined| _gsDefine object| _layerSlider object| _layerSliders object| layerSliderTransitions object| regeneratorRuntime function| setImmediate function| clearImmediate function| SmoothScroll boolean| current_nav_item object| arr1 number| lengthArray1 object| addComment function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| hcEvents object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded function| fbq function| _fbq object| _tfa string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| sumome object| webpackJsonpsumome object| adroll_exp_list object| sumo boolean| __smLoaded object| jQuery1102037393997271490464 object| __adroll_consent_data object| gaplugins object| gaGlobal object| gaData function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

6 Cookies

Domain/Path Name / Value
unitedsettlement.com/apply-for-debt-relief-now Name: __smVID
Value: 12ef0674af8305c53670ef16ca6e22a7d576e252a913d56c8612b1f4ed340984
bayareaace.com/ Name: clkcheck25034
Value: cfdfd6e8a57326862bce39d9b7a2d5f1_203930
.unitedsettlement.com/ Name: _fbp
Value: fb.1.1648790715715.1002149704
.unitedsettlement.com/ Name: _ga
Value: GA1.2.347743583.1648790716
.unitedsettlement.com/ Name: _gid
Value: GA1.2.298651365.1648790716
.unitedsettlement.com/ Name: _gat_UA-51488700-2
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://unitedsettlement.com/wp-json/wp-statistics/v2/hit?_=1648790714&_wpnonce=08976e2007&wp_statistics_hit_rest=yes&browser=Chrome&platform=Windows&version=10.0&referred=http%3A%2F%2Fbayareaace.com%2F&ip=2a03:1b20:6:f011::7e&exclusion_match=no&exclusion_reason&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.60+Safari%2F537.36&track_all=1&timestamp=1648776314&current_page_type=page&current_page_id=17400&search_query&page_uri=/apply-for-debt-relief-now/?utm_source=203930&utm_campaign=42036_1_11&utm_term=cfdfd6e8a57326862bce39d9b7a2d5f1&estimated_debt=AMOUT&state=NY&interstitial=1&cchannel=email&ccontent=CONTENT&user_id=0
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.traversedlp.com
bayareaace.com
cdn.taboola.com
code.highcharts.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
hwujgdchkxkp.blob.core.windows.net
jeepbug.com
load.sumo.com
pixel.wp.com
pm.geniusmonkey.com
s.adroll.com
script.anura.io
signals.aimtell.com
static.traversedlp.com
stats.g.doubleclick.net
stats.wp.com
sumo.com
trc-events.taboola.com
trc.taboola.com
unitedsettlement.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
api.traversedlp.com
sumo.com
104.104.52.50
141.226.228.48
143.204.215.55
151.101.129.44
192.0.76.3
20.60.134.228
23.250.1.134
2600:9000:2156:2400:6:9280:1080:93a1
2600:9000:2315:fa00:f:8ce2:fb80:93a1
2606:4700:20::ac43:479a
2606:4700:3108::ac42:286b
2606:4700::6812:1f97
2a00:1450:4001:803::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:82b::200a
2a00:1450:400c:c02::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.10.25.26
34.117.190.90
54.229.135.46
84.17.46.53
92.204.175.18
0afd229ac668fdfda2e72574ae146e4230ce5d1d648c2dcec6d661464f611d87
0f8f6d41eb72a177cc04b25bc82bcacb750c5b609e2a0c63b3c19b5e3600e045
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b653aec116b005299a2301810241d6024f345ec239475ba3809fbf99d0d0e2d
1c155babdb21ce9fca1721e3904d61ade13d538315b325368136f944c09105a8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bba4f6297c4d6cfeb1a9e8f2511fc1c24f93863728b216bfb213faf0fd7f669
2dfca1ecf2ae4eccf28e92e1d3f6c89cf79f8412b06bcd611572d3398960b065
35b79dd441a85839a168117c3e764d73aa9df9f5251a5d1bb1926e8778ff255b
3b3233ee8bbdb6209fcac78d44a6d530b9cd5f56bf5d4e91978ddefc8f44dede
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
687f04135e37909b615677a490d7315d268d3599fd744ba4c0c840e7d8a67480
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
733b2e0e12228d06ab73cace84652d27749991fe71492ec9803181d25f92aa45
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
742756d883b41e5dd0608a25ef1f9d28c0b9d50546fa261701ada6cfc8c8b7e7
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8b8f211f529fa23998711ac7904c55dd8051b9668bee9842cf68668bd45c202c
8c2d976e782c380213ea198c2b372a49f650aeb372fa049dad849d3f81026c57
91f71d23ef5512f49d804f6f7b0311cba86408b7d3baa593844620ce1b6641dd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b8266fe403c6d0edc5aef2dc8c08ad6f0c86296a1e45b3c1a14a2dc6280e3b37
b83391733cf98c12ed0a1d153a4a74d17c79005222f950b94929c968907dab0e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be266894c244ae887dd83eb5c0a7b4b8b336661fe1412aa118a3942faebb4f03
be64d26b66b8886ca52303dc6fb9b3f50a94a990f49c9aa2b0cf4933dd74a99f
c1dd914d554116c5d53f43a4887a85b66ccdb06fcdc74dda2fb43acd2538a79a
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c44821cb5e209d971a8b98ef041f60b4f692eab1b110bfa8b7339801efa24289
c61a78462823e5889b874de8e16ae2210d2eeaf1072a99ea393dd8cddf863923
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1da535b66b5e9f7c9627527eec5c13de05ec49b4312a2052fb7cbce7c44ffef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f417452a00cafb1fe37815b78c81335825ec73125d8f63750430f988836c4893
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5b541110ddd678eb8983a20f3b964c10cf9f3e6eb8d08bed4e1435bfb8dee5a
f723e5ed8ee243becd26139a98c72a79a4c62f59d53fe666925233ea9a4de84f