secure.equifaxbreachsettlement.com Open in urlscan Pro
52.254.63.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.equifaxbreachsettlement.com/c/eJx9jsGKgzAYhJ_GHCUmGpNDDqW17B5aChZ29yS_yQQt1lpNYfftN_sCC8McPj6GgS2UqgQXXFbMW0JBpNloExEF55qXvO...
Effective URL:
https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=
Submission Tags: falconsandbox
Submission: On October 10 via api (October 10th 2022, 12:42:21 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 69 HTTP transactions. The main IP is 52.254.63.132, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is secure.equifaxbreachsettlement.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 20th 2022. Valid for: a year.

This is the only time secure.equifaxbreachsettlement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.127.83.42 34.127.83.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	52.254.63.132 52.254.63.132	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
23	2600:9000:223... 2600:9000:223c:bc00:1a:d12b:10c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
69	21

1 34.127.83.42 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.83.127.34.bc.googleusercontent.com

email.equifaxbreachsettlement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.254.63.132 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.equifaxbreachsettlement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:223c:bc00:1a:d12b:10c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.equifaxbreachsettlement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	equifaxbreachsettlement.com 2 redirects email.equifaxbreachsettlement.com secure.equifaxbreachsettlement.com www.equifaxbreachsettlement.com	598 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	601 KB
7	google.com www.google.com — Cisco Umbrella Rank: 19	76 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 804 c.clarity.ms — Cisco Umbrella Rank: 1219 b.clarity.ms — Cisco Umbrella Rank: 6551	26 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 665 c.bing.com — Cisco Umbrella Rank: 426	13 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	222 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 171	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	112 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	88 KB
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 2902	9 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3460	548 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 859	396 B
1	t.co t.co — Cisco Umbrella Rank: 550	377 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 967	15 KB
69	16

	Domain	Requested by
23	www.equifaxbreachsettlement.com	secure.equifaxbreachsettlement.com www.equifaxbreachsettlement.com
9	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	secure.equifaxbreachsettlement.com www.gstatic.com www.google.com
5	fonts.gstatic.com	www.google.com
3	bat.bing.com	secure.equifaxbreachsettlement.com bat.bing.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	secure.equifaxbreachsettlement.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	secure.equifaxbreachsettlement.com connect.facebook.net
2	www.googletagmanager.com	secure.equifaxbreachsettlement.com
2	ajax.aspnetcdn.com	secure.equifaxbreachsettlement.com
2	secure.equifaxbreachsettlement.com	1 redirects
1	b.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	www.google.de	secure.equifaxbreachsettlement.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	analytics.twitter.com	secure.equifaxbreachsettlement.com
1	t.co	secure.equifaxbreachsettlement.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	secure.equifaxbreachsettlement.com
1	email.equifaxbreachsettlement.com	1 redirects
69	23

This site contains links to these domains. Also see Links.

Domain
www.equifaxbreachsettlement.com
www.jndla.com

Subject Issuer	Validity	Valid
equifaxbreachsettlement.com Starfield Secure Certificate Authority - G2	`2022-05-20` - `2023-06-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-19` - `2022-10-17`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=
Frame ID: 8B29A9D9C6B09013B1C767384E912471
Requests: 51 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq&co=aHR0cHM6Ly9zZWN1cmUuZXF1aWZheGJyZWFjaHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uade8ldsh84e
Frame ID: 2538788C5DB0487AD7CD7AE70ABDC046
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq
Frame ID: 283321C3AE3405CA026639C3D0901A5A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payment Selection

Page URL History Show full URLs

https://email.equifaxbreachsettlement.com/c/eJx9jsGKgzAYhJ_GHCUmGpNDDqW17B5aChZ29yS_yQQt1lpNYfftN_sCC8McPj6GgS2UqgQXXF... HTTP 302
https://secure.equifaxbreachsettlement.com/en/PaymentSelection HTTP 302
https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c= Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

69
Requests

99 %
HTTPS

59 %
IPv6

16
Domains

23
Subdomains

21
IPs

4
Countries

1575 kB
Transfer

2982 kB
Size

21
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.equifaxbreachsettlement.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/dates
Title: Key Dates

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/documents
Title: Important Documents

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/faq
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/en/eligibility-check
Title: See If My Information Was Impacted by the 2017 Data Breach

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/en/deficiency
Title: Cure My Incomplete Claim

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/file-a-claim
Title: File an Extended Claims Period Claim Form

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/en/supporting-documents-form
Title: Upload Documentation for my Claim

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/en/check-status-form
Title: Check my Claim Status

Search URL Search Domain Scan URL

URL: https://www.equifaxbreachsettlement.com/en/contact-us-form
Title: Contact the Settlement Administrator

Search URL Search Domain Scan URL

URL: https://www.jndla.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.equifaxbreachsettlement.com/c/eJx9jsGKgzAYhJ_GHCUmGpNDDqW17B5aChZ29yS_yQQt1lpNYfftN_sCC8McPj6GgS2UqgQXXFbMW0JBpNloExEF55qXvOYqV04rJaWpQYRgeFZyPF9joO9-BblhQ4wT7phj7h53Nljlgg4kDXwfBKiveqlDWavKG-M9lWyyQ4zLlsldJo4pG9xrRf7PapIwp7rQzx9qMcHF8TGz1d4iLQum9MphcfmMyKJtjp_dZfd1as7Xrv14v-7furY5H34BOA1OGQ HTTP 302
https://secure.equifaxbreachsettlement.com/en/PaymentSelection HTTP 302
https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=1CE14652EEBF48A096E27221564D6ED3&RedC=c.clarity.ms&MXFR=2FAC52010A3D66043F4940380E3D6835 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=1CE14652EEBF48A096E27221564D6ED3&MUID=2C94D73AD38B67B61582C503D2E066E5

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request PaymentSelection Show response
secure.equifaxbreachsettlement.com/en/
Redirect Chain

https://email.equifaxbreachsettlement.com/c/eJx9jsGKgzAYhJ_GHCUmGpNDDqW17B5aChZ29yS_yQQt1lpNYfftN_sCC8McPj6GgS2UqgQXXFbMW0JBpNloExEF55qXvOYqV04rJaWpQYRgeFZyPF9joO9-BblhQ4wT7phj7h53Nljlgg4kDXwfBKive...
https://secure.equifaxbreachsettlement.com/en/PaymentSelection
https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

38 KB
10 KB

117ms
116ms

Document
text/html

52.254.63.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.254.63.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

6ab645e9df97cf97a46616599cb07ee0c35b5a968a07228855fa45983a9b2a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 10 Oct 2022 12:42:16 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding,Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 10 Oct 2022 12:42:15 GMT
Location: /en/PaymentSelection?c=
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

GET
H2 200 bootstrap.min.css
www.equifaxbreachsettlement.com/ocf/ 119 KB
119 KB 97ms
22ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/bootstrap.min.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:26:46 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 967
x-cache: Hit from cloudfront
content-length: 121457
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 03 Aug 2019 02:30:05 GMT
server: AmazonS3
etag: "7f89537eaf606bff49f5cc1a7c24dbca"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: 1V4nkSZq1g5yLd3o5bKt2Ehw4Qy-enOJ-irMQnKX-Ruk4HMaVZQ2Ig==

GET
H2 200 layout.css
www.equifaxbreachsettlement.com/ocf/ 26 KB
27 KB 99ms
24ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/layout.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2fed6c7c6b27cb18ff31e13422b2e0e34ea476e00ab1eef58a527f06fa441061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-cache: Hit from cloudfront
content-length: 26853
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 Jul 2019 22:38:37 GMT
server: AmazonS3
etag: "c11cb2d923fdeaf0fcd809b80de3bfc8"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: iV5Yq0PRlN9zLas6spnt8gFKBRWKItnOoxAkbvntC_nsA9vHdawVjA==

GET
H2 200 all.min.css
www.equifaxbreachsettlement.com/common/css/ 52 KB
52 KB 98ms
23ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/common/css/all.min.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

771d26cf6f8f0a9cac9945ae9aebb1b154ff01e51c2bb29beb7504cd53677d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: QPfrbMOnq2K6cRWwKXSr7XP2_CrgUSL8
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:26:46 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1002
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 53014
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 04 Aug 2022 17:35:38 GMT
server: AmazonS3
etag: "58ce5e6b917a6cf4dfe75e717f361ee2"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: 0DMiEBQSmM6eJ9EmzGRbKg1QU1SRgEAyWXSb7cdDP0hWMp8OB0JsyQ==

GET
H2 200 layout.min.css
www.equifaxbreachsettlement.com/themes/theme4/css/ 17 KB
18 KB 97ms
22ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/themes/theme4/css/layout.min.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f4a96abe7a8c57cac3543e9cb531594d2f7b5a2ffa34860d3abd90e644479c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: h_q4cJSp637tKeVA5sybj8VFmLk7rN0d
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:26:46 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1002
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17612
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 04 Aug 2022 17:35:38 GMT
server: AmazonS3
etag: "aa79f7919e345c5afbda47e87cf802c0"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: gndJ2HCUb1-fBpWU36dGSWecO-FnZExa9SnGuHOpNwCR-HRJkBZ9BA==

GET
H2 200 theme4.min.css
www.equifaxbreachsettlement.com/themes/theme4/css/ 7 KB
7 KB 98ms
23ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/themes/theme4/css/theme4.min.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

620b554edbed5e37a471beef564e2935ce7c03655704c980531e07cd9d912135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: FhcxzSdHYrzL2pxk_mouKBHojr6U.oRj
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:26:46 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1002
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7067
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 04 Aug 2022 17:35:39 GMT
server: AmazonS3
etag: "b9924a53560127dc7bc4c11487e4c322"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: PbsAFuAndSldE62zyQJQAXVZP5FpxXCmi9nlt2T4u1UJzUZi04iY2A==

GET
H2 200 basic.css
www.equifaxbreachsettlement.com/ocf/ 3 KB
4 KB 99ms
25ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/basic.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1ee4ab837eedb5618c6e01508f8ac0c84d95d2177a989ae0971a75677f8bb7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-cache: Hit from cloudfront
content-length: 3275
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 Jul 2019 22:41:03 GMT
server: AmazonS3
etag: "fa35122d20f00fa9ddab996b2ce1bf1a"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: tjfv_-FtBFFgljBYVmmEB9uIjGgBIP7lArM5eq18eKoTPmXxonFCsw==

GET
H2 200 efx.min.css
www.equifaxbreachsettlement.com/efx/ 2 KB
2 KB 98ms
24ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/efx/efx.min.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3ce4e8f46e446e5a905fa1d8710fd7491ec95a3717779a5dfffb981042f1e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-cache: Hit from cloudfront
content-length: 1938
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 24 Jul 2019 00:50:25 GMT
server: AmazonS3
etag: "f4c8de91a3830838035dc8413b0542fa"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: r2pLPUF32iyOCFGbWvOFI_K_AN2G2xf-TnEV80bWlpD0BVYVKtcbIg==

GET
H2 200 efx-ocf.css
www.equifaxbreachsettlement.com/ocf/ 11 KB
12 KB 98ms
24ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/efx-ocf.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4fbfb715a0deb3ff9c3fb344123804ad52f6d015fa60461ec36dda77650c058b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: InLn6.zEhiJzzXqgH7.CgbquIMBXfRMR
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11367
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 02 Mar 2022 21:09:48 GMT
server: AmazonS3
etag: "336b1bea3f4ab2e3f9d0612da82ba0ae"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: 0ivK0cTWdtOrI_NMN3SrN4G4LD4UExD0fDvraIt3CKR8HEvVlqycPQ==

GET
H2 200 jquery-3.5.1.min.js Show response
www.equifaxbreachsettlement.com/common/js/ 87 KB
88 KB 139ms
66ms Script
application/x-javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/common/js/jquery-3.5.1.min.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: 4lQyKOHRUPMEVUDmUBABcKCWiPAC_Qf_
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:26:46 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 967
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 89476
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 04 Aug 2022 17:35:39 GMT
server: AmazonS3
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: DRP29sjQD1tpT5ca76B-5Zl_yzyiK4qzPoOJTJCxir5xCj_wyd_g3A==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 68ms
24ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Mon, 10 Oct 2022 12:42:16 GMT

GET
H2 200 jnd-logo.png
www.equifaxbreachsettlement.com/common/images/ 3 KB
3 KB 23ms
21ms Image
image/png 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.equifaxbreachsettlement.com/common/images/jnd-logo.png

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8c552029caccc9ba705fca4a6d362242805d2f557a4c51f60173527980b814e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:26:49 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1001
x-cache: Hit from cloudfront
content-length: 2588
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 20 Jul 2019 00:17:31 GMT
server: AmazonS3
etag: "39c0f69d0a0fb68a2974e3c61246cea1"
x-frame-options: DENY
content-type: image/png
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: KTtIa9x504LlkxOdG3ftoh50wM2wzv69OEpb1bGBQNZBkmz2_glTrw==

GET
H2 200 bootstrap.min.js Show response
www.equifaxbreachsettlement.com/ocf/ 39 KB
39 KB 19ms
18ms Script
application/javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/bootstrap.min.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:03 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-cache: Hit from cloudfront
content-length: 39680
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 03 Aug 2019 02:30:06 GMT
server: AmazonS3
etag: "2f34b630ffe30ba2ff2b91e3f3c322a1"
x-frame-options: DENY
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: mshQqv09AjIRU8-IOF0OgD0A_b6lfc0a9KMxE-xuZFCdU6jOATID5A==

GET
H2 200 site.min.js Show response
www.equifaxbreachsettlement.com/ocf/ 948 B
1 KB 16ms
16ms Script
application/javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/site.min.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e856386a8ee58d75219d554dc94387a9ce71e92c530ec6ec6f7f788568a35f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:03 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-cache: Hit from cloudfront
content-length: 948
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 20 Jul 2019 00:08:58 GMT
server: AmazonS3
etag: "045b86c3d1fa78cbb61584d07df6f506"
x-frame-options: DENY
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: q8ebS0s-15-Wy-sQte5fGUuvlm-vKgrwUqbo5vtr-y-saFSWdIVZ8Q==

GET
H2 200 jquery.mask.min.js Show response
www.equifaxbreachsettlement.com/ocf/ 8 KB
8 KB 19ms
16ms Script
application/javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/jquery.mask.min.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

543af9920001b9c6128d392b395ceac342d89b858b68c2b11396789daf42af95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:03 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-cache: Hit from cloudfront
content-length: 8009
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 20 Jul 2019 00:08:58 GMT
server: AmazonS3
etag: "88078c9a57abdb61ca1ed239e73b1a00"
x-frame-options: DENY
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: QRO-KhobXLfqeJ6JMuCAm3psOfflHpypCnth20UnKpQ7x4rd5MAZ2Q==

GET
H2 200 main.js Show response
www.equifaxbreachsettlement.com/ocf/ 3 KB
3 KB 23ms
20ms Script
application/javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/main.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0fb23519e0860228b4e9e675f21641a4d3fd05913b019d22cc798098a635d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:03 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-cache: Hit from cloudfront
content-length: 2872
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 14 Feb 2020 01:11:06 GMT
server: AmazonS3
etag: "e107cfc9feb0e3c575afb0ff0006ed6c"
x-frame-options: DENY
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: Hy1AzQzB3xrJGdyZ-H90mkJqMPEFknkVPE-roYAuq4_dpOodkd37uQ==

GET
H2 200 purify.min.js Show response
www.equifaxbreachsettlement.com/ocf/ 21 KB
21 KB 25ms
22ms Script
application/javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/purify.min.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a329d0f47ee21a9ef480ff5ff198fe297382c3510141fc2f7f5b9f2c48ad00a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: 9aIlqRq..9QceBL7twX8ca8.VVc.ciue
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:03 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21209
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 07 Jul 2022 00:58:52 GMT
server: AmazonS3
etag: "5a16830d619d7d9452d01efa68e321a2"
x-frame-options: DENY
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: B0i09r-k1h6ibeINQmwyQc-AA3wOIDhacrNp81N2apnHQQZYDNIRAw==

GET
H2 200 efx-ps-def.js Show response
www.equifaxbreachsettlement.com/ocf/ 4 KB
5 KB 23ms
20ms Script
application/javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/efx-ps-def.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76b79161083e0be785c296d6761d4d03e34f3650a65a4614d39c180d8d50e6e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: C0PcM53SzqY.63Chz8nvProajlCDOZha
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 11:52:20 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2997
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4244
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 07 Oct 2022 00:27:58 GMT
server: AmazonS3
etag: "3a1f4af3f51c76aac248ac98dfe2ac76"
x-frame-options: DENY
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: USX0V11kYwzes8QsPCz_Vrdf9ZH1aEFHVOSl0ahPx6mSZM48ih1aVQ==

GET
H2 200 efx-ps-def-validations.js Show response
www.equifaxbreachsettlement.com/ocf/ 626 B
1 KB 23ms
21ms Script
application/javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/efx-ps-def-validations.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a5b85988413c37f3e6cb5b41d127d85ce888f84adc026612570060742c6c5316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: UnqoFcIoBGoZUwHUge3e8nN4RzCCXQwe
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 11:52:20 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2997
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 626
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 26 Sep 2022 17:51:21 GMT
server: AmazonS3
etag: "cdad840126c429ce5fcae1e9c4b45be8"
x-frame-options: DENY
content-type: application/javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: bxOTjNQmrZDVRvN_S6_gZtQ_kkvrIPFr6Vumt7Fu8n6MH9HCOWr0IA==

GET
H2 200 font-awesome.min.css
www.equifaxbreachsettlement.com/ocf/ 23 KB
24 KB 23ms
20ms Stylesheet
text/css 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/ocf/font-awesome.min.css

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:33:03 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 663
x-cache: Hit from cloudfront
content-length: 23739
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 03 Aug 2019 02:30:05 GMT
server: AmazonS3
etag: "04425bbdc6243fc6e54bf8984fe50330"
x-frame-options: DENY
content-type: text/css
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: ioVy4aLNj1M8RwjO28iG-H7d1_bB3J2nECMp3gnJwawwdxhlki7YDg==

GET
H2 200 jquery.validate.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/ 21 KB
7 KB 95ms
17ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCC) /

Resource Hash

2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
Origin: https://secure.equifaxbreachsettlement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2208534
x-cache: HIT
content-length: 6807
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:42:30 GMT
server: ECAcc (frc/4CCC)
etag: "0b7a471d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/ 5 KB
3 KB 93ms
16ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF9) /

Resource Hash

13243171b1f5976e74f79647f612a1d879bfa606816a204f72a833c0e89f269a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
Origin: https://secure.equifaxbreachsettlement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2208244
x-cache: HIT
content-length: 2475
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:43:24 GMT
server: ECAcc (frc/4CF9)
etag: "53b63b92d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 74ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143121829-1

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b629e4f6c7984937ae24df1e9ef9a3af770d4740ad530f92a9c81785daf406ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42400
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Oct 2022 12:42:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 75ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-728851818

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64c4d039f2498f7a7c7afbe295ccabf90e8a8e60f408abd698ec1eb0b0d31edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46789
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Oct 2022 12:42:16 GMT

GET
H2 200 base-works.png
www.equifaxbreachsettlement.com/themes/theme4/images/ 1 KB
2 KB 25ms
24ms Image
image/png 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.equifaxbreachsettlement.com/themes/theme4/images/base-works.png

Requested by

Host: www.equifaxbreachsettlement.com
URL: https://www.equifaxbreachsettlement.com/themes/theme4/css/theme4.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94016eee07724533ae4f299119fa90be6609ca648dfd65c701cd255fedc29e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.equifaxbreachsettlement.com/themes/theme4/css/theme4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:26:48 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1001
x-cache: Hit from cloudfront
content-length: 1261
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 22 Jul 2019 06:21:20 GMT
server: AmazonS3
etag: "264f250ffb9ca95a6511564df3051fe0"
x-frame-options: DENY
content-type: image/png
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: OTUdEcC_7U9H9zsntajAyptsJF764ODLP6YHT5PaFcMAS5FNBfgPxw==

GET
H2 200 OpenSans-Regular-webfont.woff
www.equifaxbreachsettlement.com/common/fonts/ 20 KB
21 KB 62ms
20ms Font
application/font-woff 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/common/fonts/OpenSans-Regular-webfont.woff

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
Origin: https://secure.equifaxbreachsettlement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:13:07 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1750
x-cache: Hit from cloudfront
content-length: 20696
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jul 2019 00:13:33 GMT
server: AmazonS3
etag: "c8ffdeb3144d5055756ef01ef98e8486"
x-frame-options: DENY
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: https://secure.equifaxbreachsettlement.com
cache-control: no-store
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: cIeYDg6Wy0V75U3daRKehcbaGkojFag5VTQCPowBwtv4iwMqIvMtvA==

GET
H2 200 OpenSans-Bold-webfont.woff
www.equifaxbreachsettlement.com/common/fonts/ 20 KB
21 KB 62ms
20ms Font
application/font-woff 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/common/fonts/OpenSans-Bold-webfont.woff

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f21a07b8173a59a6cdf3f46d46a4bd1b14e4146d4e1c80a543021a6d69b2fe8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
Origin: https://secure.equifaxbreachsettlement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:13:07 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1750
x-cache: Hit from cloudfront
content-length: 20676
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jul 2019 00:13:33 GMT
server: AmazonS3
etag: "f9fc9780feed3b7444ba6277f067c7f5"
x-frame-options: DENY
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: https://secure.equifaxbreachsettlement.com
cache-control: no-store
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: ObDBvGIgSbOpzfJpCHYHSx_FmcahJ_sjaGUXz_9mz3O9bDpEHIO2Eg==

GET
H2 200 OpenSans-Light-webfont.woff
www.equifaxbreachsettlement.com/common/fonts/ 20 KB
21 KB 61ms
20ms Font
application/font-woff 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/common/fonts/OpenSans-Light-webfont.woff

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

30afeca2351fdafb936ea552b777937c5ea2ef1b9110a28b87c7604a3d2b28ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
Origin: https://secure.equifaxbreachsettlement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:13:07 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1750
x-cache: Hit from cloudfront
content-length: 20400
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jul 2019 00:13:33 GMT
server: AmazonS3
etag: "05c88e41fc725cb1974b99534a8f8357"
x-frame-options: DENY
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: https://secure.equifaxbreachsettlement.com
cache-control: no-store
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: imLdCy86p8jRA3M_Bq5YR_0rY4s5Fk0pG2IHNDuOChE6qrq4r4u35w==

GET
H2 200 jquery-3.5.1.min.js Show response
www.equifaxbreachsettlement.com/common/js/ 87 KB
88 KB 22ms
16ms Script
application/x-javascript 2600:9000:223c:bc00:1a:d12b:10c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.equifaxbreachsettlement.com/common/js/jquery-3.5.1.min.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:1a:d12b:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: 4lQyKOHRUPMEVUDmUBABcKCWiPAC_Qf_
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:26:46 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 967
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 89476
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 04 Aug 2022 17:35:39 GMT
server: AmazonS3
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-store
accept-ranges: bytes
x-amz-cf-id: EPBLEHS-l5i1id2yP0TNLv9i7RQpuctbpYEuBjnt7QlzDaxcBdy_iw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 396 KB
158 KB 66ms
16ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
Origin: https://secure.equifaxbreachsettlement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161341
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 12:36:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 54ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 12:42:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JS+WgMNh6CIcUyMwXaKP2jil0yMWi9HmBzeEZZn5MMYvKESCadUxoVeZRkOox6HfZW1KQ58iqlSxCjjKewpJxg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 73ms
21ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:16 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kjyo7100153-IAD, cache-muc13923-MUC

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 99ms
51ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 10 Oct 2022 12:42:16 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 633210C822DE44B6A95EDBE6D669D2C5 Ref B: FRAEDGE1413 Ref C: 2022-10-10T12:42:16Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 60ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143121829-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 11:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6017
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 10 Oct 2022 13:01:59 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 83ms
38ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-728851818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 12:42:16 GMT

GET
H2 200 2168831883239931 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 70ms
67ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2168831883239931?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b30d9413a3addde5aea21a401670b1d62b19ddaa1c2e1022d1af426621710386

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 12:42:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: IFi0uEK6duwQBr0pXt62en9hS17hw+EWa5HFSMPzvC7Y+N2DG+rXRCfdTONNgHeeXlSBlfjlc0YmO+7YRZzigg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 287ms
125ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=a998b1c2-cc3a-441b-b96f-e60b10f9040b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e0cdb85f-4dee-4a66-9a5f-6704b4b58e6c&tw_document_href=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o26bd&type=javascript&version=2.3.27

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 108
date: Mon, 10 Oct 2022 12:42:15 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f235e4c207b5ed24
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c6147d959b27822a307e28209979a8870e6e56684737a712afc26af9bdbb78a8
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 285ms
122ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a998b1c2-cc3a-441b-b96f-e60b10f9040b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e0cdb85f-4dee-4a66-9a5f-6704b4b58e6c&tw_document_href=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o26bd&type=javascript&version=2.3.27

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 10 Oct 2022 12:42:15 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 75ce4d4c73fa4b07
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 838f05d9a97d53c5103f9ffe3de4f3bf23fd4a35ccbb615b3b3e5bfbc890e74c
content-length: 43

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2538 43 KB
22 KB 74ms
38ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq&co=aHR0cHM6Ly9zZWN1cmUuZXF1aWZheGJyZWFjaHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uade8ldsh84e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a1f7f764b5619545bfdb8999c48da2d01ce5027b4be5e14919e69ad378b8cbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eQfGKUmtAdViUnVIRnDhKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22906
content-security-policy: script-src 'report-sample' 'nonce-eQfGKUmtAdViUnVIRnDhKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 12:42:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 55ms
22ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=742333089&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&ul=en-us&de=UTF-8&dt=Payment%20Selection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1596441328&gjid=2114944025&cid=2099506441.1665405737&tid=UA-143121829-1&_gid=26164857.1665405737&_r=1&gtm=2oua50&z=826356639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 12:42:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.equifaxbreachsettlement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26068162.js Show response
bat.bing.com/p/action/ 1 KB
844 B 132ms
131ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26068162.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4433e436590701cee907bf0a1e467457ef5c730ac4baf755ac04b088eb435056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 10 Oct 2022 12:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8AFFEC25F7F346E9BA6CDC338E1DBF94 Ref B: FRAEDGE1413 Ref C: 2022-10-10T12:42:16Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26068162&Ver=2&mid=6e4bc67f-7422-49a3-8a99-e1505deb4bf2&sid=f8eef170489811ed9a699f084968c3c3&vid=f8ef1870489811ed9db099c01bdf4f0c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Payment%20Selection&p=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&r=&lt=1460&evt=pageLoad&sv=1&rn=972208

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 12:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE2523A2E95543BEA441D7398EDE1BF9 Ref B: FRAEDGE1413 Ref C: 2022-10-10T12:42:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/728851818/ 2 KB
2 KB 138ms
62ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/728851818/?random=1665405736702&cv=9&fst=1665405736702&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&tiba=Payment%20Selection&auid=498382712.1665405737&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961df931dd975acd7deaecf7a55baddcb30d7ac0783781d871eba097a98e9504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 12:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 55ms
18ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2168831883239931&ev=PageView&dl=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&rl=&if=false&ts=1665405736743&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665405736742.793700871&it=1665405736602&coo=false&rqm=GET

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 12:42:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
452 B 81ms
31ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-143121829-1&cid=2099506441.1665405737&jid=1596441328&gjid=2114944025&_gid=26164857.1665405737&_u=YEBAAUAAAAAAACAAI~&z=1388881127

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 10 Oct 2022 12:42:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.equifaxbreachsettlement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26068162 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 164ms
113ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26068162
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26068162.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 76df09483468d0539269cedf4bfa3aa61211d758fcf9559901b642b3a858e96c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: application/x-javascript
date: Mon, 10 Oct 2022 12:42:16 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0KBNEYwAAAADCv6YxzVU5QJ1SMnI/GaRLQlJVMzBFREdFMDQwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 /
www.google.com/pagead/1p-user-list/728851818/ 42 B
64 B 31ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/728851818/?random=1665405736702&cv=9&fst=1665403200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&tiba=Payment%20Selection&async=1&fmt=3&is_vtc=1&random=4227345381&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 12:42:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/728851818/ 42 B
548 B 69ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/728851818/?random=1665405736702&cv=9&fst=1665403200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&tiba=Payment%20Selection&async=1&fmt=3&is_vtc=1&random=4227345381&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: secure.equifaxbreachsettlement.com
URL: https://secure.equifaxbreachsettlement.com/en/PaymentSelection?c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 12:42:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 2538 52 KB
24 KB 49ms
15ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq&co=aHR0cHM6Ly9zZWN1cmUuZXF1aWZheGJyZWFjaHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uade8ldsh84e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 11:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 11:39:48 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 2538 396 KB
158 KB 57ms
25ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161341
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 12:36:09 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2538 2 KB
2 KB 16ms
16ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 320528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 13 Oct 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2538 15 KB
16 KB 65ms
17ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 523452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 11:18:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2538 15 KB
15 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 495749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2538 102 B
134 B 30ms
30ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq&co=aHR0cHM6Ly9zZWN1cmUuZXF1aWZheGJyZWFjaHNldHRsZW1lbnQuY29tOjQ0Mw..&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=uade8ldsh84e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 10 Oct 2022 12:42:17 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.42/ 53 KB
23 KB 155ms
153ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26068162
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:17 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8da7270bdf0d4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0KRNEYwAAAAAOqLi2gWw/Q4YJdkRVF7Q+QlJVMzBFREdFMDQwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23382
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2833 7 KB
1 KB 31ms
29ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dd42a0d5723542c2320323821f3627e824e50bbd93cbe85b96c8dbd6aff11cdd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M8R31HvGeDFuVnTLC58WjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.equifaxbreachsettlement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-M8R31HvGeDFuVnTLC58WjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 12:42:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 2833 52 KB
24 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 11:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 11:39:48 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 2833 396 KB
158 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161341
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 12:36:09 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 2833 38 KB
23 KB 62ms
61ms XHR
application/json 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8f2e2bdf7ec94c359d063796d92db89325367a87bf59248451f0015c47ed6fbf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 10 Oct 2022 12:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23649
x-xss-protection: 1; mode=block
expires: Mon, 10 Oct 2022 12:42:17 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=1CE14652EEBF48A096E27221564D6ED3&RedC=c.clarity.ms&MXFR=2FAC52010A3D66043F4940380E3D6835
https://c.clarity.ms/c.gif?CtsSyncId=1CE14652EEBF48A096E27221564D6ED3&MUID=2C94D73AD38B67B61582C503D2E066E5

42 B
368 B

41ms
40ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=1CE14652EEBF48A096E27221564D6ED3&MUID=2C94D73AD38B67B61582C503D2E066E5
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 12:42:17 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
etag: "8d3298b0aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 Oct 2022 12:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4094C0244F1148CA913CBBFB5B892CAB Ref B: FRAEDGE1413 Ref C: 2022-10-10T12:42:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=1CE14652EEBF48A096E27221564D6ED3&MUID=2C94D73AD38B67B61582C503D2E066E5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2833 600 B
624 B 20ms
19ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 09:45:36 GMT
x-content-type-options: nosniff
age: 442601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 12 Oct 2022 09:45:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2833 530 B
554 B 20ms
18ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:24:07 GMT
x-content-type-options: nosniff
age: 573490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 10 Oct 2022 21:24:07 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2833 665 B
689 B 21ms
19ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 409435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 12 Oct 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2833 15 KB
15 KB 50ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 523452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2833 15 KB
15 KB 62ms
28ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:37:10 GMT
x-content-type-options: nosniff
age: 281107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Oct 2023 06:37:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2833 15 KB
15 KB 56ms
23ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 495749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 18:59:48 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 2833 28 KB
28 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AIIukzhvr0SSI1dFjCkEdH2P090Ya8JswRWgKa1bdBOhdy0_e-sV5NR4sj4fM6IGD3PRBq_y3dw0EeolAp00l4fXtePYstGhefkFZpzvhwppnVUwP-H338cXTpA3gnkUSkq3QLjQDSKUYTWKjaner6i6DQapl6bnlRYfxcB11C2HYgnQKXDENkslXqrdqKqOs1ETQXOqho4dezNoVilD3EsxzeHafcqLug&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7329940dd4957019676b351a32abafa9268f552740616fa115f49931110d1160

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6Ld62GYUAAAAAKpsTUbp12OKqDlW4BIzN2-2zfFq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:42:17 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28960
x-xss-protection: 1; mode=block
expires: Mon, 10 Oct 2022 12:42:17 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
171 B 557ms
224ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.equifaxbreachsettlement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://secure.equifaxbreachsettlement.com
date: Mon, 10 Oct 2022 12:42:17 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 37ms
17ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2168831883239931&ev=Microdata&dl=https%3A%2F%2Fsecure.equifaxbreachsettlement.com%2Fen%2FPaymentSelection%3Fc%3D&rl=&if=false&ts=1665405738256&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Payment%20Selection%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665405736742.793700871&it=1665405736602&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.equifaxbreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 12:42:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 10:55:57	Name: _GRECAPTCHA Value: 09AHtfOcgzgq9x4bUkAVDeEAad1V526tDLLuARi-jTE3lvTAodSzjXsAebj9v8YEgx-vfEJ61n2gCxRn971XhIWgY
secure.equifaxbreachsettlement.com/	1970-01-20 06:36:52	Name: .AspNetCore.Culture Value: c%3Den%7Cuic%3Den
secure.equifaxbreachsettlement.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.2DYM5L3vwcY Value: CfDJ8LbNXS7HAdNFhqLNbdqadVEK5niNP00bFNbNhYrxS5OlKrjW6boukKpj9yhV1_N1bKvtclu5d6tGjipsZmLRoeVthGBv5Tzpz6rPOalF5yz0DAKK09a6_kVIif9iv0ZP-Zv8eCRkOjbCwN-u-wPdR9E
.equifaxbreachsettlement.com/	1970-01-20 08:46:21	Name: _gcl_au Value: 1.1.498382712.1665405737
.bing.com/	1970-01-20 15:58:21	Name: MUID Value: 2C94D73AD38B67B61582C503D2E066E5
.equifaxbreachsettlement.com/	1970-01-20 16:12:45	Name: _ga Value: GA1.2.2099506441.1665405737
.equifaxbreachsettlement.com/	1970-01-20 06:38:12	Name: _gid Value: GA1.2.26164857.1665405737
.equifaxbreachsettlement.com/	1970-01-20 06:36:45	Name: _gat_gtag_UA_143121829_1 Value: 1
.equifaxbreachsettlement.com/	1970-01-20 06:38:12	Name: _uetsid Value: f8eef170489811ed9a699f084968c3c3
.equifaxbreachsettlement.com/	1970-01-20 15:58:21	Name: _uetvid Value: f8ef1870489811ed9db099c01bdf4f0c
.equifaxbreachsettlement.com/	1970-01-20 08:46:21	Name: _fbp Value: fb.1.1665405736742.793700871
.doubleclick.net/	1970-01-20 06:36:46	Name: test_cookie Value: CheckForPermission
.twitter.com/	1970-01-20 16:12:45	Name: personalization_id Value: "v1_M+2pkcJvdCqvPLKWHdKshw=="
.t.co/	1970-01-20 16:12:45	Name: muc_ads Value: 7c4130d0-0114-42b5-9e82-41d58b94ef6a
www.clarity.ms/	1970-01-20 15:22:21	Name: CLID Value: d4aafa922eff4136b838d2df67a42594.20221010.20231010
.equifaxbreachsettlement.com/	1970-01-20 15:22:21	Name: _clck Value: 1u2vlx4\|1\|f5l\|0
.c.bing.com/	1970-01-20 15:58:21	Name: SRM_B Value: 2C94D73AD38B67B61582C503D2E066E5
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:58:21	Name: MUID Value: 2C94D73AD38B67B61582C503D2E066E5
.c.clarity.ms/	1970-01-20 06:36:46	Name: ANONCHK Value: 0
.equifaxbreachsettlement.com/	1970-01-20 06:38:12	Name: _clsk Value: xhg8ga\|1665405737956\|1\|0\|b.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
analytics.twitter.com
b.clarity.ms
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
email.equifaxbreachsettlement.com
fonts.gstatic.com
googleads.g.doubleclick.net
secure.equifaxbreachsettlement.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.clarity.ms
www.equifaxbreachsettlement.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.244.42.197
104.244.42.67
142.250.184.194
152.199.19.160
199.232.188.157
20.234.93.27
20.75.32.255
2600:9000:223c:bc00:1a:d12b:10c0:93a1
2620:1ec:46::44
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:806::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:400c:c09::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.127.83.42
52.254.63.132
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
13243171b1f5976e74f79647f612a1d879bfa606816a204f72a833c0e89f269a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ee4ab837eedb5618c6e01508f8ac0c84d95d2177a989ae0971a75677f8bb7cf
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
2fed6c7c6b27cb18ff31e13422b2e0e34ea476e00ab1eef58a527f06fa441061
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
30afeca2351fdafb936ea552b777937c5ea2ef1b9110a28b87c7604a3d2b28ec
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
4433e436590701cee907bf0a1e467457ef5c730ac4baf755ac04b088eb435056
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4fbfb715a0deb3ff9c3fb344123804ad52f6d015fa60461ec36dda77650c058b
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
543af9920001b9c6128d392b395ceac342d89b858b68c2b11396789daf42af95
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a329d0f47ee21a9ef480ff5ff198fe297382c3510141fc2f7f5b9f2c48ad00a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
620b554edbed5e37a471beef564e2935ce7c03655704c980531e07cd9d912135
64c4d039f2498f7a7c7afbe295ccabf90e8a8e60f408abd698ec1eb0b0d31edb
6ab645e9df97cf97a46616599cb07ee0c35b5a968a07228855fa45983a9b2a2f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b
7329940dd4957019676b351a32abafa9268f552740616fa115f49931110d1160
76b79161083e0be785c296d6761d4d03e34f3650a65a4614d39c180d8d50e6e3
76df09483468d0539269cedf4bfa3aa61211d758fcf9559901b642b3a858e96c
771d26cf6f8f0a9cac9945ae9aebb1b154ff01e51c2bb29beb7504cd53677d6f
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a1f7f764b5619545bfdb8999c48da2d01ce5027b4be5e14919e69ad378b8cbf
8c552029caccc9ba705fca4a6d362242805d2f557a4c51f60173527980b814e4
8f2e2bdf7ec94c359d063796d92db89325367a87bf59248451f0015c47ed6fbf
94016eee07724533ae4f299119fa90be6609ca648dfd65c701cd255fedc29e8c
961df931dd975acd7deaecf7a55baddcb30d7ac0783781d871eba097a98e9504
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a5b85988413c37f3e6cb5b41d127d85ce888f84adc026612570060742c6c5316
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b30d9413a3addde5aea21a401670b1d62b19ddaa1c2e1022d1af426621710386
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
b629e4f6c7984937ae24df1e9ef9a3af770d4740ad530f92a9c81785daf406ce
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
dd42a0d5723542c2320323821f3627e824e50bbd93cbe85b96c8dbd6aff11cdd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ce4e8f46e446e5a905fa1d8710fd7491ec95a3717779a5dfffb981042f1e0a
e856386a8ee58d75219d554dc94387a9ce71e92c530ec6ec6f7f788568a35f64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fb23519e0860228b4e9e675f21641a4d3fd05913b019d22cc798098a635d40
f21a07b8173a59a6cdf3f46d46a4bd1b14e4146d4e1c80a543021a6d69b2fe8c
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f4a96abe7a8c57cac3543e9cb531594d2f7b5a2ffa34860d3abd90e644479c4c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

secure.equifaxbreachsettlement.com Open in urlscan Pro 52.254.63.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

59 %IPv6

16 Domains

23 Subdomains

21 IPs

4 Countries

1575 kBTransfer

2982 kBSize

21 Cookies

11 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.equifaxbreachsettlement.com Open in urlscan Pro
52.254.63.132 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

59 %
IPv6

16
Domains

23
Subdomains

21
IPs

4
Countries

1575 kB
Transfer

2982 kB
Size

21
Cookies

69 HTTP transactions
0 data transactions