www.pssettlement.com Open in urlscan Pro
18.154.227.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pssettlement.com/
Submission: On January 09 via api (January 9th 2024, 1:22:54 pm UTC) from US — Scanned from US

Summary HTTP 88 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 40 IPs in 2 countries across 36 domains to perform 88 HTTP transactions. The main IP is 18.154.227.129, located in United States and belongs to AMAZON-02, US. The main domain is www.pssettlement.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 5th 2023. Valid for: a year.

This is the only time www.pssettlement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	18.154.227.129 18.154.227.129	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:208... 2600:9000:208f:f400:1c:a2a8:b080:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
2	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
1	52.217.89.44 52.217.89.44	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2191:4600:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	216.48.66.44 216.48.66.44	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
1	18.67.76.47 18.67.76.47	16509 (AMAZON-02) (AMAZON-02)
4 7	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2606:ae80:145... 2606:ae80:1451:21::410	25751 (VALUECLICK) (VALUECLICK)
5	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1 3	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2606:ae80:147... 2606:ae80:1471:1a::1460	25751 (VALUECLICK) (VALUECLICK)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1 1	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
4 5	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:612... 2600:1f18:612b:4232:8e14:fb12:eab5:43f8	14618 (AMAZON-AES) (AMAZON-AES)
1	208.80.55.239 208.80.55.239	13360 (TRITONDIG...) (TRITONDIGITAL)
4	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
4 4	3.162.125.127 3.162.125.127	16509 (AMAZON-02) (AMAZON-02)
4 4	54.90.95.251 54.90.95.251	14618 (AMAZON-AES) (AMAZON-AES)
2	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.198.252.61 34.198.252.61	14618 (AMAZON-AES) (AMAZON-AES)
1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	3.230.62.22 3.230.62.22	14618 (AMAZON-AES) (AMAZON-AES)
1	23.41.168.23 23.41.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.219.100.202 3.219.100.202	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.126.112.185 104.126.112.185	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.160.18.51 18.160.18.51	16509 (AMAZON-02) (AMAZON-02)
1	34.197.227.33 34.197.227.33	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	104.117.182.169 104.117.182.169	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
88	40

22 18.154.227.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-129.iad55.r.cloudfront.net

www.pssettlement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:208f:f400:1c:a2a8:b080:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.digitaldisbursements.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.89.44 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

angeion-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2191:4600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.48.66.44 (United States) 1 redirects

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: ric02-nessy-float2.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.76.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-47.iad89.r.cloudfront.net

uae4khqoag.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.38.167.131 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20851347p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:21::410 (United States)

ASN25751 (VALUECLICK, US)

login-ds.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yahoo-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:ae80:1471:1a::1460 (United States)

ASN25751 (VALUECLICK, US)

match.sync.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.32.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.218.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.200.65.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4232:8e14:fb12:eab5:43f8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.80.55.239 (Canada)

ASN13360 (TRITONDIGITAL, CA)

idsync.live.streamtheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.162.125.127 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-127.iad61.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.90.95.251 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-95-251.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.114 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.252.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-252-61.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.62.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.100.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-100-202.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-51.iad12.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.227.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-227-33.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.169 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-169.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	pssettlement.com www.pssettlement.com	153 KB
7	rfihub.com 4 redirects 20851347p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 1485 a.rfihub.com — Cisco Umbrella Rank: 5072	12 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	472 KB
7	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 2259 match.adsrvr.org — Cisco Umbrella Rank: 594 insight.adsrvr.org — Cisco Umbrella Rank: 1095	6 KB
6	yahoo.com 5 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	2 KB
6	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	3 KB
6	dotomi.com 1 redirects login.dotomi.com — Cisco Umbrella Rank: 3783 login-ds.dotomi.com — Cisco Umbrella Rank: 7183 match.sync.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2584 yahoo-match.dotomi.com — Cisco Umbrella Rank: 14835	25 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	451 KB
5	google.com www.google.com — Cisco Umbrella Rank: 6	34 KB
4	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 979	2 KB
4	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 2302	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	410 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	3 KB
3	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 930	570 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	618 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 590	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	1 KB
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1645	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	1 KB
2	pippio.com pippio.com — Cisco Umbrella Rank: 1480	979 B
2	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 2179	349 B
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1499 image2.pubmatic.com — Cisco Umbrella Rank: 1555	950 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	89 KB
2	amazonaws.com angeion-public.s3.amazonaws.com — Cisco Umbrella Rank: 486646 uae4khqoag.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 347934	104 KB
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385	663 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1173	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 973	534 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 3039	182 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 764	440 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 3291	109 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1093	643 B
1	streamtheworld.com idsync.live.streamtheworld.com — Cisco Umbrella Rank: 5188	416 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 8415	6 KB
1	digitaldisbursements.com content.digitaldisbursements.com — Cisco Umbrella Rank: 268584	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
88	36

	Domain	Requested by
22	www.pssettlement.com	www.pssettlement.com
5	ups.analytics.yahoo.com	4 redirects www.pssettlement.com
5	cm.g.doubleclick.net	4 redirects www.pssettlement.com
5	www.googletagmanager.com	www.pssettlement.com www.googletagmanager.com
5	www.google.com	www.pssettlement.com www.gstatic.com www.google.com
4	i.liadm.com	4 redirects
4	p.rfihub.com	3 redirects www.pssettlement.com
4	live.rezync.com	4 redirects
4	www.google-analytics.com	www.googletagmanager.com
4	match.adsrvr.org	2 redirects js.adsrvr.org
4	www.gstatic.com	www.google.com www.gstatic.com
3	ib.adnxs.com	2 redirects www.pssettlement.com
3	us-u.openx.net	1 redirects www.pssettlement.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	login.dotomi.com	1 redirects www.pssettlement.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects www.pssettlement.com
2	dsum-sec.casalemedia.com	1 redirects www.pssettlement.com
2	ps.eyeota.net	1 redirects www.pssettlement.com
2	dpm.demdex.net	1 redirects www.pssettlement.com
2	a.rfihub.com	1 redirects c1.rfihub.net
2	pippio.com
2	partners.tremorhub.com	www.pssettlement.com
2	connect.facebook.net	www.pssettlement.com connect.facebook.net
2	js.adsrvr.org	www.pssettlement.com insight.adsrvr.org
1	hb.yahoo.net	js.adsrvr.org
1	insight.adsrvr.org	js.adsrvr.org
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.facebook.com	www.pssettlement.com
1	beacon.krxd.net	www.pssettlement.com
1	aa.agkn.com	www.pssettlement.com
1	x.dlx.addthis.com	www.pssettlement.com
1	idsync.rlcdn.com	www.pssettlement.com
1	bpi.rtactivate.com	www.pssettlement.com
1	contextual.media.net	www.pssettlement.com
1	image2.pubmatic.com	www.pssettlement.com
1	idsync.live.streamtheworld.com	www.pssettlement.com
1	yahoo-match.dotomi.com	www.pssettlement.com
1	cms.analytics.yahoo.com	1 redirects
1	simage2.pubmatic.com	www.pssettlement.com
1	match.sync.ad.cpe.dotomi.com	www.pssettlement.com
1	login-ds.dotomi.com	login.dotomi.com
1	20851347p.rfihub.com	c1.rfihub.net
1	uae4khqoag.execute-api.us-east-1.amazonaws.com	www.pssettlement.com
1	c1.rfihub.net	www.pssettlement.com
1	angeion-public.s3.amazonaws.com	www.pssettlement.com
1	content.digitaldisbursements.com	www.pssettlement.com
1	fonts.googleapis.com	www.pssettlement.com
88	48

This site contains links to these domains. Also see Links.

Domain
angeion-public.s3.amazonaws.com

Subject Issuer	Validity	Valid
pssettlement.com Amazon RSA 2048 M03	`2023-12-05` - `2025-01-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.digitaldisbursements.com Amazon RSA 2048 M02	`2023-04-07` - `2024-03-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.live.streamtheworld.com Go Daddy Secure Certificate Authority - G2	`2023-03-19` - `2024-04-19`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.pssettlement.com/
Frame ID: BC7BFFCC6C66F39C3260594F057BA429
Requests: 56 HTTP requests in this frame

Frame: https://20851347p.rfihub.com/ca.html?ver=9&rb=46371&ca=20851347&_o=46371&_t=20851347&pe=https%3A%2F%2Fwww.pssettlement.com%2F&pf=&ra=3673950301564979
Frame ID: EF578C3376824AE7F8C1912CD2F0C08E
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly93d3cucHNzZXR0bGVtZW50LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=kq0ep4or5k0a
Frame ID: EAB482091F75006C7CA4E957DB49B306
Requests: 8 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=28m4gcv&ref=https%3A%2F%2Fwww.pssettlement.com%2F&upid=lobn2x0&upv=1.1.0
Frame ID: CF25948CA783A064C46FA9281558A082
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2&google_gid=CAESELeebxnoWgJYIin7_9YR9PA&google_cver=1
Frame ID: C83F38900D0F52223582F693116460DA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4877711840657632864&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2
Frame ID: A15494C1B119402B39504EB23FF26367
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NcURhd1lsRTJ1R2MzcFpZODNwZXB6cjhaN1g3WXcyS35B&gdpr=0&ovsid=b6b734f0-e303-4be6-b310-d61768e4f7e2&dpid=55953
Frame ID: C9D486D0102263796E82FB8943FAB8FE
Requests: 1 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=46371&ca=20851347&ri=fb8eb5cb173fb071fbebf1b808efe72a&stats=%7B%2213488%22%3A%221155%2C1%22%2C%2217243%22%3A%22328%2C1%22%2C%2242261%22%3A%22171%2C1%22%2C%2250495%22%3A%22345%2C1%22%2C%2252220%22%3A%22263%2C1%22%2C%2253935%22%3A%22688%2C1%22%2C%2254497%22%3A%22417%2C1%22%2C%2254855%22%3A%22259%2C1%22%2C%2254863%22%3A%2288%2C1%22%2C%2255073%22%3A%22222%2C1%22%2C%2256659%22%3A%22523%2C1%22%2C%2256885%22%3A%22566%2C1%22%2C%2257347%22%3A%22420%2C2%22%2C%2257363%22%3A%22566%2C1%22%2C%2258143%22%3A%22263%2C1%22%2C%2258553%22%3A%221157%2C1%22%2C%2258561%22%3A%22263%2C1%22%7D&ra=6292064556760804
Frame ID: 440B542E1D2240B2F6F5EC1216894534
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Pine-Sol Settlement

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

85 %
HTTPS

32 %
IPv6

36
Domains

48
Subdomains

40
IPs

2
Countries

1366 kB
Transfer

3843 kB
Size

57
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://angeion-public.s3.amazonaws.com/www.pssettlement.com/docs/Claim+Form.pdf
Title: Paper Claim Form

Search URL Search Domain Scan URL

URL: https://angeion-public.s3.amazonaws.com/docs/Privacy_Policy.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072954&val=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=

Request Chain 37

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6szhitj&ttd_tpi=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6szhitj&ttd_tpi=1&gdpr_consent= HTTP 302
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=b6b734f0-e303-4be6-b310-d61768e4f7e2

Request Chain 39

https://login.dotomi.com/match/bounce/current?networkId=41440&version=1&nuid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRHNQZVdicVZTUmdFM0NvNENBUUFfX3dF&expiration=1704892967&nuid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRHNQZVdicVZTUmdFM0NvNENBUUFfX3dF&expiration=1704892967&nuid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=&google_tc=

Request Chain 40

https://cms.analytics.yahoo.com/cms?partner_id=PCLOUD&_hosted_id=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58678/cms?partner_id=PCLOUD&_hosted_id=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent= HTTP 302
https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-QLgNjyZE2oAzrB110IssEqWfHZlyI248xM5g~A

Request Chain 42

https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=&verify=true

Request Chain 52

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968062845584840463&referrer=https%3A%2F%2Fwww.pssettlement.com%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd314decc-f370-4d8d-aa25-935999ba3b67%253A1704806567.8512785%26pid%3D500040%26it%3D1%26iv%3Dd314decc-f370-4d8d-aa25-935999ba3b67%253A1704806567.8512785%26_%3D1704806567.85363&cb=1704806567.8536632 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968062845584840463&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd314decc-f370-4d8d-aa25-935999ba3b67%253A1704806567.8512785%26pid%3D500040%26it%3D1%26iv%3Dd314decc-f370-4d8d-aa25-935999ba3b67%253A1704806567.8512785%26_%3D1704806567.85363 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&pid=500040&it=1&iv=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&_=1704806567.85363 HTTP 303
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785&pid=500040&_li_chk=true&_=1704806567.85363&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785&previous_uuid=66a2a54891ba40689436cfcc6bb0f2ea HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1704806567.85363&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785

Request Chain 53

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTY4MDYyODQ1NTg0ODQwNDYz&forward= HTTP 302
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTY4MDYyODQ1NTg0ODQwNDYz&forward=&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEP5a3m4GDoVaCi6c0LWdasQ&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968062845584840463&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd314decc-f370-4d8d-aa25-935999ba3b67%253A1704806567.8512785%26pid%3D500040%26it%3D1%26iv%3Dd314decc-f370-4d8d-aa25-935999ba3b67%253A1704806567.8512785%26_%3D1704806568.1327918&cb=1704806568.1328337 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968062845584840463&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd314decc-f370-4d8d-aa25-935999ba3b67%253A1704806567.8512785%26pid%3D500040%26it%3D1%26iv%3Dd314decc-f370-4d8d-aa25-935999ba3b67%253A1704806567.8512785%26_%3D1704806568.1327918 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&pid=500040&it=1&iv=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&_=1704806568.1327918 HTTP 303
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785&pid=500040&_li_chk=true&_=1704806568.1327918&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785&previous_uuid=50a6fb4fa0ea4ee49513d16f37135aca HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1704806568.1327918&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785

Request Chain 54

https://ib.adnxs.com/setuid?entity=18&code=968062845584840463 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D968062845584840463

Request Chain 55

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=968062845584840463&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=968062845584840463&redir=

Request Chain 58

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=968062845584840463&bid=omt9pi0 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=968062845584840463&bid=omt9pi0

Request Chain 61

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=968062845584840463&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=968062845584840463&forward=&C=1

Request Chain 67

https://x.bidswitch.net/sync?dsp_id=119&user_id=968062845584840463&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=968062845584840463&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZ1IqAANOjq1AgBd HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ1IqAANOjq1AgBd&_test=ZZ1IqAANOjq1AgBd

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YjZiNzM0ZjAtZTMwMy00YmU2LWIzMTAtZDYxNzY4ZTRmN2Uy&gdpr=0&gdpr_consent=&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2&google_gid=CAESELeebxnoWgJYIin7_9YR9PA&google_cver=1

Request Chain 83

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4877711840657632864&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2

Request Chain 84

https://ups.analytics.yahoo.com/ups/55953/sync?uid=b6b734f0-e303-4be6-b310-d61768e4f7e2&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=b6b734f0-e303-4be6-b310-d61768e4f7e2&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NcURhd1lsRTJ1R2MzcFpZODNwZXB6cjhaN1g3WXcyS35B&gdpr=0&ovsid=b6b734f0-e303-4be6-b310-d61768e4f7e2&dpid=55953

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.pssettlement.com/ 6 KB
2 KB 309ms
154ms Document
text/html 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6181e09153adec2bef8738a4b393733491ffd3484b00b546ed8a3d3795db71a6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 413
content-encoding: br
content-type: text/html
date: Tue, 09 Jan 2024 13:15:54 GMT
etag: W/"b41eaa9d6388d8211e1dd51e6df449a0"
last-modified: Thu, 07 Dec 2023 23:52:22 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-id: 0MfUAwM9LGf0MDNJchLaVWy8T9NShIMTFbKyVhvZ8yxFR85PFUvH1g==
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: ZsmpeySumvi3C1Pu3KwvSBDFk6bT39cv
x-cache: Error from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 35 KB
2 KB 231ms
82ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Open+Sans:400italic,600italic,700italic,400,700,600

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b496f6097ad7de071de27aa8a5a9c3abeb04c3b7e0ee0c002dd2d195eda358bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 13:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 13:02:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 13:22:46 GMT

GET
H2 200 bootstrap.min.css
www.pssettlement.com/assets/css/vendor/ 216 KB
26 KB 129ms
121ms Stylesheet
text/css 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/css/vendor/bootstrap.min.css
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:03:11 GMT
x-amz-version-id: x8BI9xclJDibYLyPZHMmv90b1OJ0xsXR
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:08 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"5b42276b3039eaf18cc199cb4c8db7b8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 29976
x-amz-cf-id: -zRUQxF9Hbltm3DcKCPdD9IkS1w5rmzBzhN-d1FV942zCiAKFrWd7g==

GET
H2 200 bootstrap-icons.css
www.pssettlement.com/assets/css/vendor/ 86 KB
11 KB 117ms
110ms Stylesheet
text/css 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/css/vendor/bootstrap-icons.css
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ffd6a9d3e31124dfb8f045ba8081aa008ea5fa5cfb6605053c087167a5b2b6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: J83JxjN0Vaz_R34VhXwi9Xj4oqZwJUMb
content-encoding: br
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:22:55 GMT
last-modified: Wed, 06 Dec 2023 19:05:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 75592
x-amz-server-side-encryption: AES256
etag: W/"32572060fcefeb641d675114592df6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: S8k-TZ8GcumbOuJl0mEeaARIwbhTPtLr9Vgu2r_N4BM35a0J53JV9A==

GET
H2 200 pikaday.css
www.pssettlement.com/assets/css/vendor/ 4 KB
2 KB 171ms
164ms Stylesheet
text/css 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/css/vendor/pikaday.css
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f978a1c2121cf4891c5067159f5d81c856350ca192f541616b2266b32ee6960

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:55:54 GMT
x-amz-version-id: e0pqctDSps_TES8nOiKSRHJw3_rr0qG3
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:08 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"4f55c62a11f28c282aa1a1159752c764"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 77213
x-amz-cf-id: 98ff-vZWSlagiCrudXXehwlygROFEqNNPC6lUSDsXNVQ8ZAfVpNy8w==

GET
H2 200 site.css
www.pssettlement.com/assets/css/ 9 KB
3 KB 62ms
55ms Stylesheet
text/css 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/css/site.css
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ec01e4e3a48bd7aaa50126e9e79f94f26accd2ddb53f09211bf8cfaeba8f3f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:36:56 GMT
x-amz-version-id: ZNZZXXAZgT6hZPD3yAF4a8mNB5dZ89Vp
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:08 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"324173a98930e29621452f8f0ebde3b4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 31551
x-amz-cf-id: 7LUlPIJHJYNu8_G1JlTePqhGXLLYPMJ1KEvyXyPEdd9ocBaC6a8XhQ==

GET
H2 200 jquery-3.6.3.min.js Show response
www.pssettlement.com/assets/js/vendor/ 88 KB
30 KB 68ms
62ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/jquery-3.6.3.min.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c7cacf4cb39e1bd7d2739ca79f9194b5960655e2f4cee2874c971c59d8c6572

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:36:58 GMT
x-amz-version-id: MPzz0KMOQcwGjWmvrC7K0cBIvLyOZeDN
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"1f493477e83321e6f7774768db50fc70"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 31548
x-amz-cf-id: YNjt8Ltf-DK-19BZK2r7P6VbUcQ8F8VzqZ40nmZloropwt4WFYEV_w==

GET
H2 200 bootstrap.bundle.min.js Show response
www.pssettlement.com/assets/js/vendor/ 78 KB
22 KB 136ms
130ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/bootstrap.bundle.min.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2d5bf3dbbd60cb4c41e2c233a0dfb0e0ee0c2796cea8d885b65dbd41dc8f1ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:08:14 GMT
x-amz-version-id: STdL0q4pRPTfbRnnj_CsfT9yn7dVcGjR
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"5823d3a82ba16243236570cd3d413b57"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 29673
x-amz-cf-id: w7pLG7qWfQXZfa8GIDTo4w4zILZK-hULvm_coD_3jHQlb1r1QKl08w==

GET
H2 200 axios.standalone.js Show response
www.pssettlement.com/assets/js/vendor/ 8 KB
3 KB 126ms
121ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/axios.standalone.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f28f93c0ea27c8a93a0f88550ee5866bfceab40a977c997991a43ef08dc1c0d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:35:26 GMT
x-amz-version-id: w2eKJT9En7ELxsKaUY55wC2nfRyjuO.N
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"d7fe3a94c23d25a3ba9adeb907d87054"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 31641
x-amz-cf-id: VD4Mw_Q02AF75YQwC7YyYOQmAzqzyOgBef8-Ky3hy4tYwzvjphKXiw==

GET
H2 200 hmac-sha256.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 5 KB
2 KB 136ms
131ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/hmac-sha256.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0909d30767c34fcfa41c223d0b751bb4baad6405e750bbb8b76338645d2da58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: zrTgKRKXEQLXaby9Si9Ngh790F4xY8Vr
content-encoding: br
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:22:57 GMT
last-modified: Wed, 06 Dec 2023 19:05:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 75590
x-amz-server-side-encryption: AES256
etag: W/"40568e96f7c37e7501b150e5309da2d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: keLn8tIdoJcogJ4_1Vg_LbELN99JD3XtpOTW6uWDtP7rKi27cAOEfA==

GET
H2 200 sha256.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 4 KB
2 KB 164ms
160ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/sha256.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54c532ae1e79abcad7a529433183ef887f4fb319eb3e2e5f81f005b2587e48f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:36:59 GMT
x-amz-version-id: yzY0DlF8EBhYEqgdkUmTDJO4UXfyiiGW
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:08 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"e8239c40112618b36b34f3170f3b0330"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 31548
x-amz-cf-id: xvFNv9OsPBCb7BtLdPq0SWW24mvyYv3d0dnk94-6h4GZNxqjQSG16w==

GET
H2 200 hmac.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 621 B
1015 B 127ms
122ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/hmac.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af125616c5e7f8ceb83d3871043fb4b58c100ceb9ac5dad88abaec5a6f3d277a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:35:26 GMT
x-amz-version-id: X6FyXkyv4CeCJdT4hW7IGAFSqOug1D32
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 19:05:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 31641
etag: "ae4f8ccec3683c3ddf13c8da1e209c6a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 621
x-amz-cf-id: KlA1cq594nf7Di_4xsj2n5VS9695SuWqjkqTF-QFg39FGFaaNsBeLw==

GET
H2 200 enc-base64.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 724 B
1 KB 171ms
167ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/enc-base64.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f23fd26d8bf990647995a6edf9747569e877f1adcaf169c6e80550bd41ae761b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: u3FxMAyc.xaewx9OQk6VBjyBGZzHlprd
date: Mon, 08 Jan 2024 13:29:38 GMT
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 85989
x-amz-server-side-encryption: AES256
etag: "36c4d26ca3a99df88306565bfc4f5eb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 724
x-amz-cf-id: -Rf5fA20orBlW4Q20_zyOO7kdQohSerdYrE3_MrpcY9mcMObHetADw==

GET
H2 200 url-template.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 4 KB
2 KB 168ms
164ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/url-template.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e97b7169cf759d86fd0047ac443d178767c61d30ec4620e767a71311f41ba68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 03:25:43 GMT
x-amz-version-id: 1G7PqvA1APATvXM_lSI40mi4tmgcXRGP
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"cd1519b4da516550e82fe22623d3dc9e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 35824
x-amz-cf-id: ALfJUfU8qljX_D-1J27jpL-EuOrEJZdRkiqbwkBV4ny2Ikz-HZ33FQ==

GET
H2 200 sigV4Client.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 3 KB
1 KB 169ms
165ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/sigV4Client.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 675ba1093c5f79718a3a2d9c36092b37dd2d832907898d7eb5f409cbf8ba0f2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: aaOOfMra3hrl11H.i.bfeQnTRPBGZqoL
content-encoding: br
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 13:29:38 GMT
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 85989
x-amz-server-side-encryption: AES256
etag: W/"417f395e647f4b5f69f0671bfaa3fbed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: DYtV_lbqpW4BTHUkGUA7jPn22teMiSWtArgWYIUJ3p8zXEIR8aZIsw==

GET
H2 200 apiGatewayClient.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 671 B
1 KB 171ms
168ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/apiGatewayClient.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eacd86329137624e1d8db00e4c116b0e5708e4ce126e52cf70ad1b605c2176a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:45:23 GMT
x-amz-version-id: 58dZWc4lUt3BXica0ec23YHZbgxj5Zgq
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 70644
etag: "65aba7fd743962bbe67366edf067aa93"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 671
x-amz-cf-id: dasPRooNon8H-lqU7xxkhA8v66VXcBfEMA0tCRSv623v3y1PVfVdsw==

GET
H2 200 simpleHttpClient.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 975 B
1 KB 168ms
164ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/simpleHttpClient.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7c555781591b69eb6f37b24b0bbeb745aa404a94a21f952a13ff7a6b396c79c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:56:56 GMT
x-amz-version-id: S7iTi576FBvgMJw_7VpmtLghKNqvB0MM
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 73550
etag: "e7d08120ccd1cb4721550f3db658c617"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 975
x-amz-cf-id: e2UA0roZzjKVGfqkV7jQTjKvxUN895v9Gw4GgHnzT4-Ppn6c3DbC4w==

GET
H2 200 utils.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 959 B
1 KB 172ms
169ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/utils.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16d219bf76c6881aaedcc24c5e067541bba132aea77ac42771f1657f6cdb13da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:35:27 GMT
x-amz-version-id: RNdWUZQCwoyH54pnGmyS_w.7sHHw25U7
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 31640
etag: "e2257770bd3f654e7a55c47655429cc9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 959
x-amz-cf-id: ZOTgYoAfQb0Zt9HJY0MqSmWkew4uthoQc9HgGsYSIcVvTYfMqIu3Zw==

GET
H2 200 apigClient.js Show response
www.pssettlement.com/assets/js/vendor/api-gateway/ 32 KB
2 KB 187ms
185ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/api-gateway/apigClient.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e44a79ea883e4e7c1107ed776282f5a40b324b6b1872a69f37d6ea8d423c278

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:36:59 GMT
x-amz-version-id: xaGbIadlOwu_xbxCssrXRvJKNVLRsM57
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:08 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"4a11f3118931c1002806d66fdcb2e946"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 31547
x-amz-cf-id: 95DJsTJFuXXNCNSqNiKhxUUHszfo7H6D2nXsxvLVelmeliwgmUKvGg==

GET
H2 200 pikaday.js Show response
www.pssettlement.com/assets/js/vendor/ 16 KB
6 KB 171ms
169ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/pikaday.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80ec5d2aaf30c275a06f8195532e752b26eb496f438af59c3268dfcda49990d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:27:05 GMT
x-amz-version-id: H71O3z4T27lpBVAg0Ys8IEhTGrgtx7fG
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"af1883c8f451b131b783843b3a948653"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 32142
x-amz-cf-id: j5oQ4UenxaJAtH-rvcknFIrH65iOAWd_Zwif1fLg53O3By_Xdlpnqw==

GET
H2 200 spark-md5.js Show response
www.pssettlement.com/assets/js/vendor/ 8 KB
3 KB 168ms
166ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/spark-md5.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1c99ac30e84d81f2268d94f4ab990d50682ccdbffa362c1640adc6734572126

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: hk6aeUFATU4tcUJ.v67CHQBbrXZfh1q.
content-encoding: br
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 15:17:33 GMT
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 79514
x-amz-server-side-encryption: AES256
etag: W/"d90b944ca44720946eaeeef7d3b505b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3G54nUB-pZQeR286IcuoIT_1bkB-YF8_ytblzre5icSady4HM_TuSQ==

GET
H2 200 vanilla-otp.min.js Show response
www.pssettlement.com/assets/js/vendor/ 2 KB
1 KB 185ms
183ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/assets/js/vendor/vanilla-otp.min.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74761e7a123d13b3f93b44f9f21878996290b97413892e27233b1bb28aab18bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:37:00 GMT
x-amz-version-id: GrXrNGdmmHlN0Ah8qaEjR9LNi6KChpCv
content-encoding: br
last-modified: Wed, 06 Dec 2023 19:05:09 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"a92254e914b6368666fe932eb0710a0d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 31547
x-amz-cf-id: lNz7Y5DgPIv_GwvkW_mTcUg5LIuwmTKcB3ghB36tzxqPNAK2ztb7Ug==

GET
H2 200 bundle.js Show response
www.pssettlement.com/ 138 KB
28 KB 177ms
175ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pssettlement.com/bundle.js?id=2ab7f79c53e33df483bf
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-129.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3976722a30b4bc3b15f276e81d9c612cb7995f616b31a317866e312240495c98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:37:00 GMT
x-amz-version-id: d_C0_XvvgQ2f_HTg9A5Qlvs.J9hhrpVP
content-encoding: br
last-modified: Thu, 07 Dec 2023 23:52:22 GMT
server: AmazonS3
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
etag: W/"fe9e905abb98f582a6b077b9c50ba864"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 31547
x-amz-cf-id: nhi35iq8axOntbRqZIHHVwz1dtIkmFzlHEJB6VCIcuYm6GpYsukEdg==

GET
H2 200 host.js Show response
content.digitaldisbursements.com/v1.4.3/assets/ 8 KB
4 KB 259ms
63ms Script
application/javascript 2600:9000:208f:f400:1c:a2a8:b080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.digitaldisbursements.com/v1.4.3/assets/host.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:f400:1c:a2a8:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4cd5d3936b0067a3194e11b0fd5f6ba9de4accd8b48c05a7060a68bf1a36929

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:59:25 GMT
x-amz-version-id: zLeI6KA14JKUhjKuS8n8g1uNy2VnWxq7
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 20:55:11 GMT
server: AmazonS3
via: 1.1 7c9d2cffb8d1fe464e9f78e42af1b34c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
etag: W/"2e484e2776119c125a67b82ca633c52f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 59002
x-amz-cf-id: KV7PwMj4T-tDelZ6j3M5rTmZ9nE60iHmwe7ZUaq5N2g_Oue19jqjzw==

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 231ms
83ms Script
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39627584c8d228d1ce982c2e3f9133adcef20ca435571fa73edf3ed6522ab280

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 Jan 2024 13:22:46 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 214ms
62ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 07:23:59 GMT
Content-Encoding: gzip
Via: 1.1 ef24c2f85065aa2c39cf270c915f3398.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 21528
ETag: W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: GE0iZ0zSDQMZoxuIzapOoADv5ywrTwn70cnivIFTZcixldwjoGTnlg==

GET
H/1.1 200
OK loading.gif
angeion-public.s3.amazonaws.com/img/ 43 KB
43 KB 213ms
83ms Image
image/gif 52.217.89.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angeion-public.s3.amazonaws.com/img/loading.gif
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/assets/css/site.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5efd90918cf06e52b0d529317f067ac0fc658356ca338d95c5a54ef9690ff77a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 13:22:47 GMT
x-amz-version-id: null
Last-Modified: Thu, 11 Jul 2019 15:30:37 GMT
Server: AmazonS3
x-amz-request-id: JK08VEQ6JMESA2A5
ETag: "f7ccc9e1852de0225d0800fc38406020"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 43906
x-amz-id-2: aixDgrxYOft8kzatImb5iHG/VYkHQbsjZ0BH9LpPuSIX5nZ9nBI1lTLvDg8QtLXfAc0ortnFpFU=

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 503 KB
202 KB 208ms
66ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pssettlement.com/
Origin: https://www.pssettlement.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 11:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 11:09:46 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 243ms
67ms Script
application/x-javascript 2600:9000:2191:4600:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:4600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:09:36 GMT
content-encoding: gzip
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 13:09:26 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: IAD89-C1
age: 790
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: Cx0u0akFWgOygKY2SROLw5UtYBWAjlhqB4EDfqK5a0j09O0_4QDOzg==
expires: Tue, 09 Jan 2024 14:09:36 GMT

GET
H2 200 1_0 Show response
login.dotomi.com/profile/visit/js/ 49 KB
12 KB 244ms
71ms Script
application/javascript 216.48.66.44
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=81662&dtm_cmagic=c239d4&dtm_fid=6134&cachebuster=5132616754
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.48.66.44 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS: ric02-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: 9edc4197fe815dadb19703a640ac203492551a454554ff575481ebffd43e6f72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:46 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: application/javascript
cache-control: no-cache, private, max-age=0, no-store
content-length: 11843
expires: 0

GET
H2 200 website Show response
uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/ 60 KB
61 KB 226ms
84ms Fetch
application/json 18.67.76.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uae4khqoag.execute-api.us-east-1.amazonaws.com/prod/website?domain=www.pssettlement.com&active=true
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/bundle.js?id=2ab7f79c53e33df483bf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-47.iad89.r.cloudfront.net
Software: /
Resource Hash: ff322bb7e19845181c02476f08c702efdbb8efa807bb0bd8cfeb9ccd12d09951

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:46 GMT
via: 1.1 5035c434ac92f0eed9f2b400824fa6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
x-amzn-requestid: 6aa67ddd-bdd3-455a-b536-2382d4b68c9c
x-amzn-trace-id: Root=1-659d48a6-3013fef1724d042a2d0e170b
x-custom-header: get angeion website content
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-Device-Token
access-control-allow-credentials: true
x-device-token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXZpY2VJZCI6Imt2NXk0d2F2dG5veG5jNThqd3VqZWplMyIsImlhdCI6MTcwNDgwNjQ2MX0.UqsQ-zLT8aybhhXguu9D4UBCAGSC7VRVD9fTfHIMi8AoYBlSAN_3A7dwVKmYIbv5uZg491_oVW39-KLRcpBkj-v_aYd39JKNHapydRm4dUSN9m29nzC0JlMK7n02IaLRaJ4qXYdUJlnj4LgNj88NoTssaOezSmoNwypUv2dKlQnOuykZBBzey5FoE-An4gy-D40OoTj8Wu_lkdnb7n43VjM6vPFnr0NG-5qfSaGhlyd7THPaUDsFRw3yTFausjC3gz6tpL3pCPT6TsGzLCCgs4jaX02bk-GQ9OafhP6pmnDIAuQCJLIeGMJL8Me68rdoZTb3NUIZ-SUZGI2LEt9Clg
x-amz-apigw-id: RRhKIEjxoAMEG_Q=
content-length: 61641
x-amz-cf-id: rV6pEesc_JTb-BSLu5epJQ4EvmCp2Egn-4Go2H0wGZAuTCRD0dlcjA==

GET
H/1.1 200
OK ca.html Show response
20851347p.rfihub.com/ Frame EF57 5 KB
6 KB 630ms
107ms Document
text/html 199.38.167.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20851347p.rfihub.com/ca.html?ver=9&rb=46371&ca=20851347&_o=46371&_t=20851347&pe=https%3A%2F%2Fwww.pssettlement.com%2F&pf=&ra=3673950301564979
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: eee4b790b9f6e1b95ab4eaaef9e5575620f8edbd89e0b2f47e6443601428acc7

Request headers

Referer: https://www.pssettlement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4900
Content-Type: text/html;charset=utf-8
Date: Tue, 09 Jan 2024 13:22:47 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 js Show response
login-ds.dotomi.com/profile/visit/final/ 50 KB
12 KB 241ms
62ms Script
application/javascript 2606:ae80:1451:21::410
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://login-ds.dotomi.com/profile/visit/final/js?init_wl_code=1&dtm_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&dtm_cookies_enabled=true&dtm_country_code=US&dtm_form_uid=194207389163169457&dtm_token=AQEDsPeWbqVSRgE3Co4CAQA__wE&dtm_state=NY&cachebuster=5132616754&tcflag=true&dtm_zip_code=10025&dtm_use_flash_cookies=false&dtm_fid=6134&dtm_id_assgn_type=0&tp_user_assignment_type=0&wl_domains_key=*&dtm_user_dc=iad&fp_assignment_type=0&dtm_cmagic=c239d4&dtm_consent=true&dtm_cid=81662&dtm_dma_code=501&data_object_type_code=0&canonical_url=https%3A%2F%2Fwww.pssettlement.com%2F&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.pssettlement.com%2F&dtm_items=%2522%2522&dtmc_coupons=%2522%2522&dtmc_bypass_channel=%2522%2522
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=81662&dtm_cmagic=c239d4&dtm_fid=6134&cachebuster=5132616754
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1451:21::410 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ba8621e24d2cec020e3b7704e3975e5eba7f32072a908802d253c7fbef5ea39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: application/javascript
cache-control: no-cache, private, max-age=0, no-store
content-length: 12051
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
94 KB 225ms
82ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LGF2TN8VN9&_=1704806566715

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/assets/js/vendor/jquery-3.6.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12e03b2c0a205a03bbc2bd782f6deece4d9cab9d2330260c1af481c40530b4ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 13:22:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 206ms
68ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/bundle.js?id=2ab7f79c53e33df483bf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jan 2024 13:22:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54366
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: VRonZCrHWsXenMgCv30ovhdktL8jGxfrJWpBcXYxL2e0ZuX9YF1gWDqznheShz0QeckBZGGRdrdhSDjjUoMnNg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
13 KB 206ms
66ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald|Open+Sans:400italic,600italic,700italic,400,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pssettlement.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:34:01 GMT
x-content-type-options: nosniff
age: 596926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 15:34:01 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame EAB4 41 KB
26 KB 100ms
98ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly93d3cucHNzZXR0bGVtZW50LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=kq0ep4or5k0a

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c3e1264c13de87d0c4532a78bd612fd18ae4270814b493a4eb8b452ca25d18f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gvs5dht5vCChmFDkKIAeWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pssettlement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gvs5dht5vCChmFDkKIAeWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 13:22:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072954&val=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=

43 B
171 B

68ms
67ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072954&val=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072954&val=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
date: Tue, 09 Jan 2024 13:22:47 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

user.sync
match.sync.ad.cpe.dotomi.com/w/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6szhitj&ttd_tpi=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6szhitj&ttd_tpi=1&gdpr_consent=
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=b6b734f0-e303-4be6-b310-d61768e4f7e2

43 B
572 B

931ms
107ms

Image
image/gif

2606:ae80:1471:1a::1460
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=b6b734f0-e303-4be6-b310-d61768e4f7e2
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Server: 2606:ae80:1471:1a::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:48 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type: image/gif
cache-control: no-cache
content-length: 43
expires: 0

Redirect headers

location: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=b6b734f0-e303-4be6-b310-d61768e4f7e2
date: Tue, 09 Jan 2024 13:22:47 GMT
server: Kestrel
content-length: 247

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ 42 B
527 B 199ms
58ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xNTc2ODAw&piggybackCookie=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 09 Jan 2024 02:35:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://login.dotomi.com/match/bounce/current?networkId=41440&version=1&nuid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRHNQZVdicVZTUmdFM0NvNENBUUFfX3dF&expiration=1704892967&nuid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRHNQZVdicVZTUmdFM0NvNENBUUFfX3dF&expiration=1704892967&nuid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=&google_tc=

170 B
243 B

82ms
81ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRHNQZVdicVZTUmdFM0NvNENBUUFfX3dF&expiration=1704892967&nuid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=&google_tc=

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRHNQZVdicVZTUmdFM0NvNENBUUFfX3dF&expiration=1704892967&nuid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

current
yahoo-match.dotomi.com/match/pixel/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=PCLOUD&_hosted_id=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58678/cms?partner_id=PCLOUD&_hosted_id=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-QLgNjyZE2oAzrB110IssEqWfHZlyI248xM5g~A

43 B
225 B

129ms
59ms

Image
image/gif

2606:ae80:1451:21::410
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-QLgNjyZE2oAzrB110IssEqWfHZlyI248xM5g~A
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Server: 2606:ae80:1451:21::410 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: image/gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 43
expires: 0

Redirect headers

location: https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-QLgNjyZE2oAzrB110IssEqWfHZlyI248xM5g~A
date: Tue, 09 Jan 2024 13:22:47 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
partners.tremorhub.com/ 43 B
175 B 195ms
59ms Image
image/gif 2600:1f18:612b:4232:8e14:fb12:eab5:43f8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDT=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:8e14:fb12:eab5:43f8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 09 Jan 2024 13:22:47 GMT
server: nginx
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55853/
Redirect Chain

https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=&verify=true

0
121 B

94ms
57ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=&verify=true

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=&verify=true
date: Tue, 09 Jan 2024 13:22:47 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel.gif
idsync.live.streamtheworld.com/ 43 B
416 B 435ms
95ms Image
image/gif 208.80.55.239
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.live.streamtheworld.com/pixel.gif?partner=eps&uid=AQEDsPeWbqVSRgE3Co4CAQA__wE&gdpr_consent=
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.80.55.239 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
content-length: 43
content-type: image/gif

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame EAB4 55 KB
24 KB 286ms
144ms Stylesheet
text/css 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly93d3cucHNzZXR0bGVtZW50LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=kq0ep4or5k0a

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 12:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 12:10:34 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame EAB4 503 KB
201 KB 298ms
157ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 11:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 11:09:46 GMT

GET
H2 200 207331839085632 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 110ms
107ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/207331839085632?v=2.9.139&r=stable&domain=www.pssettlement.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4a37819809a85af37126905ab22ad9a9cfa2b86086f6979900a11072a9042a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jan 2024 13:22:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: TRBlW3x7QNBq/IaJsdv99Zlj8x0wqhInK0RgD99QW12BeYlr+XbJXnnyFiDlB5Xy9Xv/b7X3ANkZuKx3q1TlnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 91ms
91ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WKXC7VDFFT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGF2TN8VN9&_=1704806566715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48af36f9b1d34aa7fd8fd5a5ef23ade35c8c7fd1c925da1280d4a363729c968b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 13:22:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 178ms
178ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H1968M7C5F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGF2TN8VN9&_=1704806566715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

633e863c5f8fe5d714c25bc4fc4e84c4c2fe1cad36c6ed75275aa83487cd1f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 13:22:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 109ms
109ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-51EQP7R6MF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGF2TN8VN9&_=1704806566715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49094c9d8ba6690c608e4dee413a25df751a535ac0866b385b05df4fc5da7715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 13:22:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 127ms
127ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10839088199&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGF2TN8VN9&_=1704806566715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ae8ca48acfe069d23432d12c2abfbeac0e0dae74a31b7709ae75afb950ed6ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82876
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 13:22:47 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
257 B 245ms
79ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LGF2TN8VN9&gtm=45je4130v898913921&_p=1704806567442&gcd=11l1l1l1l1&dma=0&cid=2096310392.1704806567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704806567&sct=1&seg=0&dl=https%3A%2F%2Fwww.pssettlement.com%2F&dt=Home%20-%20Pine-Sol%20Settlement&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1382
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGF2TN8VN9&_=1704806566715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pssettlement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
pippio.com/api/ Frame EF57
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968062845584840463&referrer=https%3A%2F%2Fwww.pssettlement.com%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd314decc-f370-4d8d...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968062845584840463&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd314dec...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&pid=500040&it=1&iv=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&_=170...
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785&pid=500040&_li_chk=true&_=1704806567.85363&iv=d314decc-f370-4d8d-aa25-935999ba3...
https://pippio.com/api/sync?it=1&pid=500040&_=1704806567.85363&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785

42 B
409 B

172ms
77ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1704806567.85363&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:48 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1704806567.85363&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785
Date: Tue, 09 Jan 2024 13:22:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2

200

sync
pippio.com/api/ Frame EF57
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTY4MDYyODQ1NTg0ODQwNDYz&forward=
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTY4MDYyODQ1NTg0ODQwNDYz&forward=&google_tc=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEP5a3m4GDoVaCi6c0LWdasQ&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968062845584840463&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd314decc-f370-4d8d...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968062845584840463&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd314dec...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&pid=500040&it=1&iv=d314decc-f370-4d8d-aa25-935999ba3b67%3A1704806567.8512785&_=170...
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785&pid=500040&_li_chk=true&_=1704806568.1327918&iv=d314decc-f370-4d8d-aa25-935999b...
https://pippio.com/api/sync?it=1&pid=500040&_=1704806568.1327918&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785

42 B
570 B

117ms
76ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1704806568.1327918&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:48 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1704806568.1327918&iv=d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785
Date: Tue, 09 Jan 2024 13:22:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2

200

bounce
ib.adnxs.com/ Frame EF57
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=968062845584840463
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D968062845584840463

43 B
1 KB

78ms
78ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D968062845584840463

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Server

68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
an-x-request-uuid: 89caa9e4-3f27-461d-8b4b-c8eaf612df4e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.72; 38.132.118.72; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
an-x-request-uuid: e8dbe093-283f-4efb-969f-08fa1c95658f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D968062845584840463
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.72; 38.132.118.72; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame EF57
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=968062845584840463&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=968062845584840463&redir=

42 B
716 B

465ms
464ms

Image
image/gif

34.198.252.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=968062845584840463&redir=

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Server

34.198.252.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-252-61.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0642e92e6.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: JI1BsbtqTvc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-011557545.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: wXvi3DK1TKU=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=968062845584840463&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame EF57 42 B
423 B 216ms
66ms Image
image/gif 162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=968062845584840463&r=
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 09 Jan 2024 13:22:47 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 sd
us-u.openx.net/w/1.0/ Frame EF57 43 B
61 B 70ms
63ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=968062845584840463&r=
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame EF57
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=968062845584840463&bid=omt9pi0
https://ps.eyeota.net/match/bounce/?uid=968062845584840463&bid=omt9pi0

70 B
440 B

61ms
58ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=968062845584840463&bid=omt9pi0
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 09 Jan 2024 13:22:48 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=968062845584840463&bid=omt9pi0
Date: Tue, 09 Jan 2024 13:22:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 cksync.php
contextual.media.net/ Frame EF57 57 B
643 B 250ms
94ms Image
image/gif 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=968062845584840463

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 13:22:47 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Tue, 09 Jan 2024 13:22:47 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame EF57 43 B
109 B 218ms
78ms Image
image/gif 3.219.100.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=968062845584840463
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.100.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-100-202.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame EF57
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=968062845584840463&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=968062845584840463&forward=&C=1

43 B
337 B

75ms
75ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=968062845584840463&forward=&C=1
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBpWjgpTomshOWJrnW%2FRIbL4zWI7GgyX0V3B1OEH9A%2B3l3VDAmyhlUJxQqM8EQCPJ41WRUXurVMqreidS0uNCn5lG8i66Y0oZboYAF5AdU37BgeCoX86VPGF8jD1ki%2FSTVzpkBCCdWVxwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 842cfdb8ff80498c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2BBwGAHhZZJT9syUkVFrPZaq4VJgReRIvU3r3ozqH5YUi4VdCX1zPMaeM9VCiaFe9dQk9Wa8YB7k3GHlDbAiaemEVpjhnGbZQ7pb2TulZYTFRfvRE13gQdHR1BmiwYisHj8OJsaPm765A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=968062845584840463&forward=&C=1
cache-control: no-cache
cf-ray: 842cfdb87ed0498c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame EF57 42 B
440 B 178ms
74ms Image
image/gif 35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=968062845584840463
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame EF57 43 B
182 B 338ms
175ms Image
image/gif 104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=968062845584840463

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 13:22:47 GMT
pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame EF57 43 B
174 B 66ms
58ms Image
image/gif 2600:1f18:612b:4232:8e14:fb12:eab5:43f8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=968062845584840463&r=9VMtdtEeDw6Y
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:8e14:fb12:eab5:43f8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 09 Jan 2024 13:22:47 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame EF57 43 B
534 B 230ms
57ms Image
image/gif 18.160.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=968062845584840463
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-18-51.iad12.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:48 GMT
via: 1.1 bf92485080aafccc84ee48a4ab037a64.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: IAD12-P4
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: DE_at4-KTR85dOmFZpUMfGedFUDhbmcGIVCtzq_TOtDSJwBXqlNEvw==
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame EF57 0
338 B 197ms
60ms Image
text/plain 34.197.227.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=968062845584840463
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.227.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-227-33.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n036-ash-prod.krxd.net
date: Tue, 09 Jan 2024 13:22:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=54 t=1704806568
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame EF57
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=968062845584840463&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=968062845584840463&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
510 B

73ms
71ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=968062845584840463&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 13:22:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=968062845584840463&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Date: Tue, 09 Jan 2024 13:22:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame EF57
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZ1IqAANOjq1AgBd
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ1IqAANOjq1AgBd&_test=ZZ1IqAANOjq1AgBd

42 B
1 KB

80ms
79ms

Image
image/gif

199.38.167.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ1IqAANOjq1AgBd&_test=ZZ1IqAANOjq1AgBd
Requested by: Host: www.pssettlement.com
URL: https://www.pssettlement.com/
Protocol: HTTP/1.1
Server: 199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-US,en;q=0.9
Referer: https://20851347p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 09 Jan 2024 13:22:48 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-mia-kmia1760091-MIA
pragma: no-cache
date: Tue, 09 Jan 2024 13:22:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704806568.077202,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ1IqAANOjq1AgBd&_test=ZZ1IqAANOjq1AgBd
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 212ms
70ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=207331839085632&ev=PageView&dl=https%3A%2F%2Fwww.pssettlement.com%2F&rl=&if=false&ts=1704806567665&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704806567661.401352420&ler=empty&it=1704806567419&coo=false&rqm=GET

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Jan 2024 13:22:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 81ms
80ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WKXC7VDFFT&gtm=45je4130v9104020953&_p=1704806567442&gcd=11l1l1l1l1&dma=0&cid=2096310392.1704806567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704806567&sct=1&seg=0&dl=https%3A%2F%2Fwww.pssettlement.com%2F&dt=Home%20-%20Pine-Sol%20Settlement&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1612
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKXC7VDFFT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pssettlement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 82ms
81ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-51EQP7R6MF&gtm=45je4130v9172541991&_p=1704806567442&gcd=11l1l1l1l1&dma=0&cid=2096310392.1704806567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704806567&sct=1&seg=0&dl=https%3A%2F%2Fwww.pssettlement.com%2F&dt=Home%20-%20Pine-Sol%20Settlement&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1667
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-51EQP7R6MF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pssettlement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10839088199/ 2 KB
2 KB 224ms
84ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10839088199/?random=1704806567794&cv=11&fst=1704806567794&bg=ffffff&guid=ON&async=1&gtm=45be4130v876354284&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pssettlement.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20-%20Pine-Sol%20Settlement&auid=1300910420.1704806568&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10839088199&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d4c2ce15256dd5c8d2f139c7a8c90abc17279b81be551c86f2bb9991d47b601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 173ms
172ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H1968M7C5F&gtm=45je4130v9172561573&_p=1704806567442&gcd=11l1l1l1l1&dma=0&cid=2096310392.1704806567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704806567&sct=1&seg=0&dl=https%3A%2F%2Fwww.pssettlement.com%2F&dt=Home%20-%20Pine-Sol%20Settlement&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1739
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1968M7C5F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pssettlement.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Rbyc7s488VWd4IGfuE4gsnBiFwpTphWh5ZwgXcZl-nM.js Show response
www.google.com/js/bg/ Frame EAB4 17 KB
7 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Rbyc7s488VWd4IGfuE4gsnBiFwpTphWh5ZwgXcZl-nM.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45bc9ceece3cf1559de0819fb84e20b27062170a53a615a1e59c205dc665fa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly93d3cucHNzZXR0bGVtZW50LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=kq0ep4or5k0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 13:12:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 432629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6871
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 13:12:18 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EAB4 2 KB
2 KB 67ms
66ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:05:00 GMT
x-content-type-options: nosniff
age: 602267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 09 Jan 2024 14:05:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EAB4 15 KB
15 KB 67ms
66ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:09:52 GMT
x-content-type-options: nosniff
age: 537175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 08:09:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EAB4 15 KB
15 KB 86ms
86ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 16:24:05 GMT
x-content-type-options: nosniff
age: 593922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 16:24:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame EAB4 102 B
135 B 85ms
84ms Other
text/javascript 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeVdgEVAAAAAGLdvtrwMCDZcDZzJ300FZHqvmud&co=aHR0cHM6Ly93d3cucHNzZXR0bGVtZW50LmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=kq0ep4or5k0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 Jan 2024 13:22:47 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10839088199/ 42 B
64 B 82ms
81ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10839088199/?random=1704806567794&cv=11&fst=1704805200000&bg=ffffff&guid=ON&async=1&gtm=45be4130v876354284&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pssettlement.com%2F&frm=0&tiba=Home%20-%20Pine-Sol%20Settlement&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_MypXVhyrP6J3pG76i6ed4l3fQqPGB7rFnznN1mbNXKnA7hqJ&random=174358702&rmt_tld=0&ipr=y

Requested by

Host: www.pssettlement.com
URL: https://www.pssettlement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:22:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame CF25 889 B
975 B 64ms
60ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=28m4gcv&ref=https%3A%2F%2Fwww.pssettlement.com%2F&upid=lobn2x0&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: d77d55e670913478c9b94e1a669d73ac7f1fc5eb514f6b73582cdad372638d72

Request headers

Referer: https://www.pssettlement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 09 Jan 2024 13:22:48 GMT
server: Kestrel
vary: Accept-Encoding

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame CF25 488 B
1003 B 73ms
73ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=28m4gcv&ref=https%3A%2F%2Fwww.pssettlement.com%2F&upid=lobn2x0&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:07:51 GMT
Via: 1.1 ef24c2f85065aa2c39cf270c915f3398.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 72898
ETag: "2775054c068b37509e0798448f7fd32c"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: fQfQQI1OnqLYJLSrmEOubJ63JqPs9q-RaQ5w7Uy5Ejv6EXYbRcFpAw==

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame C83F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YjZiNzM0ZjAtZTMwMy00YmU2LWIzMTAtZDYxNzY4ZTRmN2Uy&gdpr=0&gdpr_consent=&ttd_tdid=b6b734f0-e303-4be6-b310-d6176...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2&google_gid=CAESELeebxnoWgJYIin7_9YR9PA&google_cver=1

70 B
500 B

63ms
62ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2&google_gid=CAESELeebxnoWgJYIin7_9YR9PA&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Tue, 09 Jan 2024 13:22:48 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 13:22:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2&google_gid=CAESELeebxnoWgJYIin7_9YR9PA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame A154
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4877711840657632864&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2

70 B
500 B

60ms
59ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4877711840657632864&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Tue, 09 Jan 2024 13:22:48 GMT
server: Kestrel

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: e3011328-d501-4fee-98c2-f49d7d4cb419
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 13:22:48 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4877711840657632864&ttd_tdid=b6b734f0-e303-4be6-b310-d61768e4f7e2
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 38.132.118.72; 38.132.118.72; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

cksync Show response
hb.yahoo.net/ Frame C9D4
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=b6b734f0-e303-4be6-b310-d61768e4f7e2&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=b6b734f0-e303-4be6-b310-d61768e4f7e2&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NcURhd1lsRTJ1R2MzcFpZODNwZXB6cjhaN1g3WXcyS35B&gdpr=0&ovsid=b6b734f0-e303-4be6-b310-d61768e4f7e2&dpid=55953

57 B
663 B

445ms
92ms

Document
image/gif

104.117.182.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NcURhd1lsRTJ1R2MzcFpZODNwZXB6cjhaN1g3WXcyS35B&gdpr=0&ovsid=b6b734f0-e303-4be6-b310-d61768e4f7e2&dpid=55953

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.182.169 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-117-182-169.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 57
content-type: image/gif
date: Tue, 09 Jan 2024 13:22:49 GMT
expires: Tue, 09 Jan 2024 13:22:49 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

Redirect headers

age: 0
content-length: 0
date: Tue, 09 Jan 2024 13:22:48 GMT
location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NcURhd1lsRTJ1R2MzcFpZODNwZXB6cjhaN1g3WXcyS35B&gdpr=0&ovsid=b6b734f0-e303-4be6-b310-d61768e4f7e2&dpid=55953
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.94
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame 440B 26 B
1020 B 66ms
65ms Document
text/html 199.38.167.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=46371&ca=20851347&ri=fb8eb5cb173fb071fbebf1b808efe72a&stats=%7B%2213488%22%3A%221155%2C1%22%2C%2217243%22%3A%22328%2C1%22%2C%2242261%22%3A%22171%2C1%22%2C%2250495%22%3A%22345%2C1%22%2C%2252220%22%3A%22263%2C1%22%2C%2253935%22%3A%22688%2C1%22%2C%2254497%22%3A%22417%2C1%22%2C%2254855%22%3A%22259%2C1%22%2C%2254863%22%3A%2288%2C1%22%2C%2255073%22%3A%22222%2C1%22%2C%2256659%22%3A%22523%2C1%22%2C%2256885%22%3A%22566%2C1%22%2C%2257347%22%3A%22420%2C2%22%2C%2257363%22%3A%22566%2C1%22%2C%2258143%22%3A%22263%2C1%22%2C%2258553%22%3A%221157%2C1%22%2C%2258561%22%3A%22263%2C1%22%7D&ra=6292064556760804
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://www.pssettlement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Tue, 09 Jan 2024 13:22:48 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 DMCSuccessLogger
login.dotomi.com/ucm/ 43 B
140 B 60ms
60ms Image
image/gif 216.48.66.44
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/ucm/DMCSuccessLogger?dtmid=194207389227176775&sessionid=1704806567217&comId=81662&dtm_command_op_date=1704806567217&uniqueid=194207389163169457&px_timeout=1500&px_latencies=%5B%7B%22px_id%22%3A%2228069%22%2C%22px_latency%22%3A230%7D%2C%7B%22px_id%22%3A%2228109%22%2C%22px_latency%22%3A1244%7D%2C%7B%22px_id%22%3A%2228149%22%2C%22px_latency%22%3A202%7D%2C%7B%22px_id%22%3A%2228229%22%2C%22px_latency%22%3A552%7D%2C%7B%22px_id%22%3A%2228309%22%2C%22px_latency%22%3A644%7D%2C%7B%22px_id%22%3A%2228589%22%2C%22px_latency%22%3A199%7D%2C%7B%22px_id%22%3A%2231781%22%2C%22px_latency%22%3A1501%7D%2C%7B%22px_id%22%3A%2231822%22%2C%22px_latency%22%3A550%7D%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.48.66.44 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS: ric02-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.pssettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:22:48 GMT
cache-control: max-age=0, no-store
server: nginx
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:16:38	Name: _li_ss Value: CgA
www.pssettlement.com/	1970-01-20 18:16:38	Name: _ag_UUID Value: a7d51933c5597d300b0462889322f874
.dotomi.com/	1970-01-21 02:59:21	Name: DotomiUser Value: 194207389227176775$0$906727171$$1
.pssettlement.com/	1970-01-21 03:02:14	Name: dtm_token Value: AQEDsPeWbqVSRgE3Co4CAQA__wE
.dotomi.com/	1970-01-21 02:20:28	Name: DotomiSync Value: 0$19731$19731$41440-0#5010-0#16164-0#69627-0#15900-0#17100-0#67215-0#1103-0#
.dotomi.com/	1969-12-31 23:59:59	Name: DotomiSession_81662 Value: 2_1704806567217$194207389227176775$906727171$1704806567218
.openx.net/	1970-01-21 02:19:02	Name: i Value: ba833dc1-c110-4f51-9588-acfb84920a67\|1704806567
.pssettlement.com/	1970-01-21 03:09:26	Name: _ga_LGF2TN8VN9 Value: GS1.1.1704806567.1.0.1704806567.0.0.0
.pssettlement.com/	1970-01-21 03:09:26	Name: _ga Value: GA1.1.2096310392.1704806567
.adsrvr.org/	1970-01-21 02:20:28	Name: TDID Value: b6b734f0-e303-4be6-b310-d61768e4f7e2
.pubmatic.com/	1970-01-20 19:43:02	Name: KRTBCOOKIE_32 Value: 11175-AQEDsPeWbqVSRgE3Co4CAQA__wE&KRTB&22713-AQEDsPeWbqVSRgE3Co4CAQA__wE&KRTB&22715-AQEDsPeWbqVSRgE3Co4CAQA__wE&KRTB&23519-AQEDsPeWbqVSRgE3Co4CAQA__wE
.yahoo.com/	1970-01-21 02:19:24	Name: A3 Value: d=AQABBKdInWUCENSTpu9f1ZgPRhWZMecCbCkFEgEBAQGanmWnZdxH0iMA_eMAAA&S=AQAAAnJicbUEdlFD7yQS91stJtA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjSzMDAzsjAxNbUwsTAxMDEzFuIz1M2Osgg3zg8JcTQOTQcAhh4x5iQAAAA
.rfihub.com/	1970-01-21 02:55:02	Name: rud Value: H4sIAAAAAAAA_-MSsjSzMDAzsjAxNbUwsTAxMDEzFuIz1M2Osgg3zg8JcTQOTQcAhh4x5iQAAAA
.pssettlement.com/	1970-01-20 19:43:02	Name: _fbp Value: fb.1.1704806567661.401352420
.pssettlement.com/	1970-01-21 03:09:26	Name: _ga_WKXC7VDFFT Value: GS1.1.1704806567.1.0.1704806567.0.0.0
.live.streamtheworld.com/	1970-01-20 17:43:31	Name: idsync-eps-uid-s Value: AQEDsPeWbqVSRgE3Co4CAQA__wE
.pssettlement.com/	1970-01-21 03:09:26	Name: _ga_51EQP7R6MF Value: GS1.1.1704806567.1.0.1704806567.0.0.0
.pssettlement.com/	1970-01-20 19:43:02	Name: _gcl_au Value: 1.1.1300910420.1704806568
.casalemedia.com/	1970-01-21 02:19:02	Name: CMID Value: ZZ1Ip8Yid1zhi7pu4zKdmgAA
.casalemedia.com/	1970-01-20 19:43:02	Name: CMPS Value: 2824
.casalemedia.com/	1970-01-20 19:43:02	Name: CMPRO Value: 2824
.rlcdn.com/	1970-01-21 02:19:02	Name: rlas3 Value: 2rVsDKdhoyW3h3V3Y9+pI9d4qdsFDzh9xVQMpjDYBXw=
.rlcdn.com/	1970-01-20 18:59:50	Name: pxrc Value: CAA=
.pssettlement.com/	1970-01-21 03:09:26	Name: _ga_H1968M7C5F Value: GS1.1.1704806567.1.0.1704806567.0.0.0
.demdex.net/	1970-01-20 21:52:38	Name: demdex Value: 26289883252631962220098616015947537378
.pubmatic.com/	1970-01-20 19:43:02	Name: KRTBCOOKIE_18 Value: 22947-968062845584840463
.pubmatic.com/	1970-01-20 18:16:38	Name: PugT Value: 1704806567
.adnxs.com/	1970-01-20 19:43:02	Name: uuid2 Value: 4877711840657632864
.media.net/	1970-01-21 02:19:02	Name: visitor-id Value: 3478081671524001000V10
.media.net/	1970-01-21 02:17:36	Name: data-rk Value: 968062845584840463~~3
.rezync.com/	1970-01-21 02:55:02	Name: zync-uuid Value: d314decc-f370-4d8d-aa25-935999ba3b67:1704806567.8512785
.adnxs.com/	1970-01-20 19:43:02	Name: anj Value: dTM7k!M4/YDYRWSF']wIg2E>?iEwf!!]tbPl1Lte::w?0fS<?Pcx)r>e:6?Ve8=M1e9?Apv<FMTkLd><f=kWg0D(70uRG
.doubleclick.net/	1970-01-21 03:09:26	Name: IDE Value: AHWqTUnePZdepIMEpQxLuCi3LVomN23KP6ztbj-0Oi1nAtVehVO-LuYC71A-GIvR
.everesttech.net/	1970-01-21 02:19:02	Name: everest_g_v2 Value: g_surferid~ZZ1IqAANOjq1AgBd
.krxd.net/	1970-01-20 21:52:38	Name: _kuid_ Value: QBoOgyYK
.bidswitch.net/	1970-01-21 02:19:02	Name: tuuid Value: ea54595e-990b-47bb-8c93-356d5524a6b0
.bidswitch.net/	1970-01-21 02:19:02	Name: c Value: 1704806568
.bidswitch.net/	1970-01-21 02:19:02	Name: tuuid_lu Value: 1704806568
live.rezync.com/	1970-01-21 02:55:02	Name: sd-session-id Value: .eJwNzEEKwyAQQNG7zDoWjTM6eplgdArSxpaYbBpy97r88PgXLF_Zt9SkHRCP_ZQJ8ruO6hAv6PW3yQsiBMfazYxEjIwanYV7gi69109bahmkWINFclZP67XCwkWlNJMKlkIIa7Kr89F4jeNEzj-YzOyZ4P4Do5Iltg.ZZ1IqA.FHlbOenLQbtVlMOYk24rSMbnEx0
.eyeota.net/	1970-01-21 02:20:28	Name: mako_uid Value: 18cee63d09f-1c480000010a52b8
.eyeota.net/	1970-01-20 17:33:27	Name: SERVERID Value: 21176~DM
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12DTBNNM41cXfJD0t0zjRLNvAJT0ksDlzFKBAVZehZ6Ojo559VaOiY7pTSxGKeYmxokpKanKybZmxuoGuSYpGim5hoZKpraWxqaWmZlGicZGZuZWhuYGJhYGZqZq5nYWpoZG5hCgCjweG_awAAAA
.dpm.demdex.net/	1970-01-20 21:52:38	Name: dpm Value: 26289883252631962220098616015947537378
.dotomi.com/	1970-01-21 02:59:21	Name: UP Value: 194207389227176775$0$906727171$$1
.dotomi.com/	1970-01-21 02:59:21	Name: receive-cookie-deprecation Value: 1
.liadm.com/	1970-01-21 03:09:26	Name: lidid Value: 50a6fb4f-a0ea-4ee4-9513-d16f37135aca
.adnxs.com/	1970-01-21 03:09:26	Name: XANDR_PANID Value: KfYI9b5HkigUodiTp4v9YtBrwY4arluEzzFr9wen2MglNxLgkXhQ1E7Em8iUd_VaGRmXmCJGkkYZpKgIF3t_LiYyEhIxTaIwssPO7vbq9x4.
.pippio.com/	1970-01-21 02:19:02	Name: didts Value: 1704806568
.pippio.com/	1970-01-20 18:59:50	Name: nnls Value:
.pippio.com/	1970-01-20 18:59:50	Name: pxrc Value: CAA=
.pippio.com/	1970-01-21 02:19:02	Name: did Value: pCoJyJ-AjBCDUtSz
.analytics.yahoo.com/	1970-01-21 02:19:02	Name: IDSYNC Value: "199y~2g31:1769~2g31:19e0~2g31"
.adsrvr.org/	1970-01-21 02:20:28	Name: TDCPM Value: CAESFgoHNnN6aGl0ahILCISP-6qDyMg8EAUSFQoGZ29vZ2xlEgsI9pmmt4PIyDwQBRIXCghhcHBuZXh1cxILCJqgjrWDyMg8EAUSGQoKcmlnaHRtZWRpYRILCKS8jrWDyMg8EAUYBSABKAMyCwi23JDimcjIPBAFQg8iDQgBEgkKBXRpZXIzEAFaBzI4bTRnY3ZgAQ..
.rfihub.com/	1970-01-21 02:55:02	Name: eud Value: H4sIAAAAAAAA_13Sv0rDUBgFcBSj0iIIWX2FyP1_v7jFWkSQaisoZLvNVVEQKb6Bj9AxY8aMGTN2dMzYsWMfoZNjc8_441wO34E7uOCjbPw0ftROfqnbm-9nN_owBbt_8e5nOjvjliliRhtiksqDva02sgG34D_wFrwDLw9DV-Aa3IBbfH8Uet03CVFF53nO7xZZNnn4XPDs_drXUW8yV9REYUXXz0mJDXgL3oHL49A1eAXuwGvwBvMTuAf8exq6HYb7VsMwX8bWS678a1Ekb9KyRHnyiXNCJ6nUaZrOnZwbe7UvuSTNhSVdxr0mIXkVWtQxLInhs0D-D1gy9buqAgAA
.hb.yahoo.net/	1970-01-20 21:52:38	Name: visitor-id Value: 3478081691524073000V10
.hb.yahoo.net/	1970-01-20 17:53:36	Name: data-ttd Value: b6b734f0-e303-4be6-b310-d61768e4f7e2~~63

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/207331839085632?v=2.9.139&r=stable&domain=www.pssettlement.com(Line 127) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20851347p.rfihub.com
a.rfihub.com
aa.agkn.com
angeion-public.s3.amazonaws.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
content.digitaldisbursements.com
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.yahoo.net
i.liadm.com
ib.adnxs.com
idsync.live.streamtheworld.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
live.rezync.com
login-ds.dotomi.com
login.dotomi.com
match.adsrvr.org
match.sync.ad.cpe.dotomi.com
p.rfihub.com
partners.tremorhub.com
pippio.com
ps.eyeota.net
simage2.pubmatic.com
sync-tm.everesttech.net
uae4khqoag.execute-api.us-east-1.amazonaws.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.pssettlement.com
x.bidswitch.net
x.dlx.addthis.com
yahoo-match.dotomi.com
104.117.182.169
104.126.112.185
107.178.254.65
108.139.33.128
142.251.32.98
151.101.66.49
162.248.18.37
172.64.151.101
18.154.227.129
18.160.18.51
18.67.76.47
199.38.167.131
208.80.55.239
216.48.66.44
23.41.168.23
2600:1f18:612b:4232:8e14:fb12:eab5:43f8
2600:9000:208f:f400:1c:a2a8:b080:93a1
2600:9000:2191:4600:1:76cf:fe80:93a1
2606:ae80:1451:21::410
2606:ae80:1471:1a::1460
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2003
2607:f8b0:4006:822::200a
2607:f8b0:4006:824::2002
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.162.125.127
3.219.100.202
3.225.218.10
3.230.62.22
3.33.220.150
34.197.227.33
34.198.252.61
34.200.65.202
35.211.178.172
35.244.154.8
35.244.159.8
52.217.89.44
54.90.95.251
68.67.160.114
8.28.7.83
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12e03b2c0a205a03bbc2bd782f6deece4d9cab9d2330260c1af481c40530b4ab
16d219bf76c6881aaedcc24c5e067541bba132aea77ac42771f1657f6cdb13da
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
2c7cacf4cb39e1bd7d2739ca79f9194b5960655e2f4cee2874c971c59d8c6572
39627584c8d228d1ce982c2e3f9133adcef20ca435571fa73edf3ed6522ab280
3976722a30b4bc3b15f276e81d9c612cb7995f616b31a317866e312240495c98
3ba8621e24d2cec020e3b7704e3975e5eba7f32072a908802d253c7fbef5ea39
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e44a79ea883e4e7c1107ed776282f5a40b324b6b1872a69f37d6ea8d423c278
3f978a1c2121cf4891c5067159f5d81c856350ca192f541616b2266b32ee6960
45bc9ceece3cf1559de0819fb84e20b27062170a53a615a1e59c205dc665fa73
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
48af36f9b1d34aa7fd8fd5a5ef23ade35c8c7fd1c925da1280d4a363729c968b
49094c9d8ba6690c608e4dee413a25df751a535ac0866b385b05df4fc5da7715
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c532ae1e79abcad7a529433183ef887f4fb319eb3e2e5f81f005b2587e48f8
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e97b7169cf759d86fd0047ac443d178767c61d30ec4620e767a71311f41ba68
5efd90918cf06e52b0d529317f067ac0fc658356ca338d95c5a54ef9690ff77a
6181e09153adec2bef8738a4b393733491ffd3484b00b546ed8a3d3795db71a6
633e863c5f8fe5d714c25bc4fc4e84c4c2fe1cad36c6ed75275aa83487cd1f10
675ba1093c5f79718a3a2d9c36092b37dd2d832907898d7eb5f409cbf8ba0f2a
74761e7a123d13b3f93b44f9f21878996290b97413892e27233b1bb28aab18bd
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7ffd6a9d3e31124dfb8f045ba8081aa008ea5fa5cfb6605053c087167a5b2b6c
80ec5d2aaf30c275a06f8195532e752b26eb496f438af59c3268dfcda49990d2
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d4c2ce15256dd5c8d2f139c7a8c90abc17279b81be551c86f2bb9991d47b601
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec01e4e3a48bd7aaa50126e9e79f94f26accd2ddb53f09211bf8cfaeba8f3f4
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ae8ca48acfe069d23432d12c2abfbeac0e0dae74a31b7709ae75afb950ed6ba
9edc4197fe815dadb19703a640ac203492551a454554ff575481ebffd43e6f72
9f28f93c0ea27c8a93a0f88550ee5866bfceab40a977c997991a43ef08dc1c0d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1c99ac30e84d81f2268d94f4ab990d50682ccdbffa362c1640adc6734572126
a4a37819809a85af37126905ab22ad9a9cfa2b86086f6979900a11072a9042a8
af125616c5e7f8ceb83d3871043fb4b58c100ceb9ac5dad88abaec5a6f3d277a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b496f6097ad7de071de27aa8a5a9c3abeb04c3b7e0ee0c002dd2d195eda358bf
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
b7c555781591b69eb6f37b24b0bbeb745aa404a94a21f952a13ff7a6b396c79c
c3e1264c13de87d0c4532a78bd612fd18ae4270814b493a4eb8b452ca25d18f6
d77d55e670913478c9b94e1a669d73ac7f1fc5eb514f6b73582cdad372638d72
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cd5d3936b0067a3194e11b0fd5f6ba9de4accd8b48c05a7060a68bf1a36929
eacd86329137624e1d8db00e4c116b0e5708e4ce126e52cf70ad1b605c2176a4
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eee4b790b9f6e1b95ab4eaaef9e5575620f8edbd89e0b2f47e6443601428acc7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0909d30767c34fcfa41c223d0b751bb4baad6405e750bbb8b76338645d2da58
f23fd26d8bf990647995a6edf9747569e877f1adcaf169c6e80550bd41ae761b
f2d5bf3dbbd60cb4c41e2c233a0dfb0e0ee0c2796cea8d885b65dbd41dc8f1ac
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
ff322bb7e19845181c02476f08c702efdbb8efa807bb0bd8cfeb9ccd12d09951

www.pssettlement.com Open in urlscan Pro 18.154.227.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

85 %HTTPS

32 %IPv6

36 Domains

48 Subdomains

40 IPs

2 Countries

1366 kBTransfer

3843 kBSize

57 Cookies

2 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pssettlement.com Open in urlscan Pro
18.154.227.129 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

85 %
HTTPS

32 %
IPv6

36
Domains

48
Subdomains

40
IPs

2
Countries

1366 kB
Transfer

3843 kB
Size

57
Cookies

88 HTTP transactions
0 data transactions