bidenfirsttimebuyercredit.com Open in urlscan Pro
172.67.164.184 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bidenfirsttimebuyercredit.com/
Submission: On September 20 via automatic, source certstream-suspicious (September 20th 2021, 6:29:29 pm UTC) — Scanned from DE

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 18 domains to perform 56 HTTP transactions. The main IP is 172.67.164.184, located in United States and belongs to CLOUDFLARENET, US. The main domain is bidenfirsttimebuyercredit.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 27th 2021. Valid for: a year.

This is the only time bidenfirsttimebuyercredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	172.67.164.184 172.67.164.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.185.73 104.17.185.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.210.204 104.17.210.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
6	104.21.42.232 104.21.42.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
2	104.16.86.5 104.16.86.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.21.191 104.18.21.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.112.176 104.17.112.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.67.176 104.17.67.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.239.204 104.17.239.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
2	104.19.155.83 104.19.155.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.200.204 104.17.200.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
2	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
56	18

18 172.67.164.184 (United States)

ASN13335 (CLOUDFLARENET, US)

bidenfirsttimebuyercredit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.185.73 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.210.204 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.21.42.232 (None, )

ASN13335 (CLOUDFLARENET, US)

bidenhomebuyercredit.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.86.5 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.21.191 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.112.176 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.67.176 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.239.204 (None, )

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.155.83 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.200.204 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	bidenfirsttimebuyercredit.com bidenfirsttimebuyercredit.com	524 KB
6	bidenhomebuyercredit.org bidenhomebuyercredit.org	4 KB
5	gstatic.com fonts.gstatic.com	249 KB
3	facebook.net connect.facebook.net	134 KB
3	google.com www.google.com	697 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net	3 KB
3	googleadservices.com www.googleadservices.com	29 KB
2	facebook.com www.facebook.com	404 B
2	hubspot.com api.hubspot.com	1 KB
2	hsforms.com forms.hsforms.com	3 KB
2	googletagmanager.com www.googletagmanager.com	79 KB
2	hsforms.net js.hsforms.net	151 KB
1	hubapi.com api.hubapi.com	983 B
1	usemessages.com js.usemessages.com	21 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hs-scripts.com js.hs-scripts.com	972 B
56	18

	Domain	Requested by
18	bidenfirsttimebuyercredit.com	bidenfirsttimebuyercredit.com
6	bidenhomebuyercredit.org	bidenfirsttimebuyercredit.com
5	fonts.gstatic.com	bidenfirsttimebuyercredit.com
3	connect.facebook.net	js.hsadspixel.net connect.facebook.net
3	www.google.com	bidenfirsttimebuyercredit.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.facebook.com
2	api.hubspot.com	js.usemessages.com
2	forms.hsforms.com	js.hsforms.net
2	www.googletagmanager.com	bidenfirsttimebuyercredit.com js.hsadspixel.net
2	js.hsforms.net	bidenfirsttimebuyercredit.com
1	api.hubapi.com	js.hsadspixel.net
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-scripts.com	bidenfirsttimebuyercredit.com
56	18

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-27` - `2022-02-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bidenfirsttimebuyercredit.com/
Frame ID: 271BB2093917517C776F39721FCECA0E
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Biden First Time Buyer Credit

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

56
Requests

100 %
HTTPS

0 %
IPv6

18
Domains

18
Subdomains

18
IPs

3
Countries

1241 kB
Transfer

2764 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/?random=797669656&cv=9&fst=1632162563576&num=1&value=0&label=HQICCIT6ne4BEIKIzuIB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&auid=554806813.1632162564&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=A9NIYdiAJrn5-gbWoLnABA&sscte=1&crd=&eitems=ChAI8OKgigYQ3NP4q97MuedzEh0A74gLl4kscaYIjq8TPNDTWAd5Ho8vmroItyCOkw HTTP 302
https://www.google.com/pagead/1p-conversion/475235330/?random=797669656&cv=9&fst=1632162563576&num=1&value=0&label=HQICCIT6ne4BEIKIzuIB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&auid=554806813.1632162564&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=A9NIYdiAJrn5-gbWoLnABA&cid=CAQSKQCNIrLM2bCMgt4WYpwmvFJChLBO02Fga8Yotxb9WChwNuKz8g7y7F8F&eitems=ChAI8OKgigYQ3NP4q97MuedzEh0A74gLl20fhZnsTPAWG3RPx03rDwLm9gQoWW6c7A&random=3081141298&resp=GooglemKTybQhCsO

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bidenfirsttimebuyercredit.com/ 23 KB
8 KB 373ms
322ms Document
text/html 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidenfirsttimebuyercredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 9392030e69adf7396de261e1dc4b0f5db10fe5dca29ae0b040c1c1542a18cec3

Request headers

:method: GET
:authority: bidenfirsttimebuyercredit.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 20 Sep 2021 18:29:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding,Cookie
wpo-cache-status: cached
last-modified: Mon, 30 Aug 2021 10:51:26 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 21
x-cache-group: normal
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OWwwzx%2FRyDY4ZT1NcnQSVIxQDwPwmK06LC%2BzgLoMzwqiTissPCIUOX%2FFDTrIWIWWiXXU9rgY%2BgKUVgDyK8TfvjIt%2F7KaEWCLqNJPND%2BlTISdu%2F3a4w3l3u5Q9FAiwr7xu2Dlzcufj%2F7SX02sVb%2BKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 691d1e6e194f4107-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wpo-minify-header-cafa2f6a.min.css
bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/ 267 KB
41 KB 569ms
567ms Stylesheet
text/css 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08a85c50b5949782d4f02af67375f1d1a62c4b77375be2a326c944f3e83187a

Request headers

:path: /wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Aug 2021 03:16:24 GMT
server: cloudflare
etag: W/"611c7b88-42b22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt86CKzA%2F5rWRr22GqOPU%2FamG1DQ%2BaaJnmENjxBy2ZuCYuWfnKSW08TqGcz7eODxaqpXh5JOpyb6CBwd6CS8IdI1YzzL8bQqhrXSugkgTCOuFNTqVo1nkFDvBDKnzdBi2QKEQeonQos8AteuV6yaLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e704c734107-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wpo-minify-header-84e60a2d.min.js Show response
bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/ 98 KB
35 KB 545ms
544ms Script
application/javascript 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-84e60a2d.min.js
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c62a731eb1fd603aab053a50dd4feb8075b40c21a9b19e4bc6c9b6f738132a7

Request headers

:path: /wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-84e60a2d.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 29 Apr 2021 23:37:17 GMT
server: cloudflare
etag: W/"608b432d-18971"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQI%2B0%2BonBm6%2BtlytTbq00mMm%2BKweNoSvEZb5dEP91R5S8WbTrXOOqJGRwlxc2akfEbe%2BAPe8%2BwvJzIxXuknbbUCJhWiQ4wAYhLjnQNQExwM5PHLRSGn2h9%2BLljDotsDCfyEPn46ipOS1ZSrIkhpogQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e704c744107-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 logo.png
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 7 KB
8 KB 334ms
333ms Image
image/png 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/logo.png
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 279b7a2ab63b28f8ead2c6ad786a8dfa1fb0b871019ab36dda8f31dfaa88998a

Request headers

:path: /wp-content/themes/homebuyer/images/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7296
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: "6052149e-1c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuxSjZXWSA7LuwpQHDBsCWEFXgGV%2FtF4%2Fww3Hioge18qjoidxtN5TAKRJtm%2B7OOMt%2BCAt6du%2Baz9FhUTuUFLOReW05fjjsZ77VAv0KkUgT1EJSYyvYTVjoV42eFEbDALSTS%2F6sGThEDtYjiC3asdTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 691d1e741e01412c-PRG

GET
H3 200 banner_img.jpg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 43 KB
43 KB 637ms
636ms Image
image/jpeg 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/banner_img.jpg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3dd639eb0f72dc70aef2982eac830e2526bd9e62fb0181f26bbf8ad0c610ba5

Request headers

:path: /wp-content/themes/homebuyer/images/banner_img.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43906
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: "6052149e-ab82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOiL0xR5RhtNbO%2Bor3IpSDL%2FcKSa04P2%2Bo%2BB%2F38omY1AR%2FBNJAFByOh7XCMv9FNMJuyMF77OO4f4re5PAepM0%2FGhjJH1kxM81zWNKOx2WeUSILDT3sbMa81SOqctV3J0iBnol0CYEZapiYlYeGvCkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 691d1e741e03412c-PRG

GET
H2 200 v2-legacy.js Show response
js.hsforms.net/forms/ 21 KB
8 KB 47ms
23ms Script
application/javascript 104.17.185.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2-legacy.js

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.185.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f32502dea46f2d30ba171ef19366fd6a1448d1126accedfbdec06673300dd94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
via: 1.1 51391527dd8c879c45b44b119905c873.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 286
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 03:06:45 UTC
server: cloudflare
etag: W/"4122e9e8a9bce4c99d98f1b09cb12034"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSWughQj7QZoX62jtItjm8gxDDo8I8Yz28hMhJG4YcDrUMhTurmZPe21kVgqvhWF0vXn%2FmZAtnVemSb5YoMnD57p4heCorLpTz0iSpgXCtDmUQaVqGmI%2Bc3PBu%2FTIGaF"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: r_StKyo5HNDpxdQCESt25U9I0c.1Fj3M
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 691d1e73da6cd6b9-FRA
x-amz-cf-id: LSqY7N8GRizz4Jo1j5thGg5XYGZgnKNyNDg_ybFdU-cQy93QzDagHw==
x-hs-target-asset: FormsNext/static-5.375/bundles/legacy.js

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 562 KB
143 KB 23ms
23ms Script
application/javascript 104.17.185.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.185.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c83ead4df620cfe935b691ddd20665037e1582cae7bb3440a9e439e6f144cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
via: 1.1 157ebd6865840045fc8b5ed1cce7e466.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 546
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 03:06:45 UTC
server: cloudflare
etag: W/"630c4058cadb3fc715f112d2cf6b796a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB2Nq7%2BhJcJBwvAwq2wzCU%2B2iYBZS5UyRk9HC3zBfYSHsQ1kLr7YVz4e6aaaE1vTeISurCZsEzqfRy5QqBW6qxdcKyGoXwr02c1Vs6IeVOxmkxODRdCcV%2FmNLMeXtyij"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: DXYshb3V7aEOuJ9zF5pU.Zf9sZWNVJnH
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 691d1e73da6fd6b9-FRA
x-amz-cf-id: y0oEZFi3YTBeZ6ht8Aq6s_ZxqTKhdkUqnFTE_36Vfyref2PhmD7f-Q==
x-hs-target-asset: FormsNext/static-5.375/bundles/project_with_deps.js

GET
H3 200 metter_img.png
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 319 KB
320 KB 490ms
488ms Image
image/png 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/metter_img.png
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868be2b085da6b6146690d442bde6e6d40e8214847c54c318e29637685be96f7

Request headers

:path: /wp-content/themes/homebuyer/images/metter_img.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 326945
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: "6052149e-4fd21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzCmeDzZ%2BAs1rPWBe%2BVNYGeHnPXWirrvI6%2FsgGz7UnapgcxoGOivNS3ltK6j%2BvaqmwDWJilJcCwoic5a%2BQ%2FvNwW8poy1nBusYOsRWxw39woyAJbh6dMFDw4v6tx6wjsqbVzyO%2FE%2BjHiEaTYwCPwM9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 691d1e741e04412c-PRG

GET
H3 200 acc_img.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 3 KB
2 KB 346ms
344ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/acc_img.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31e975dd361ff1fafd8d75ed9151846b127c3b6e923f4c7bc8b1bbb3446fd05

Request headers

:path: /wp-content/themes/homebuyer/images/acc_img.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-ade"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH6NoC5nDytp6eJz9e3oeA9LCLCa0YkZy0URzJmL2k1xs8pJBFUsX5sGMoC4ivtHujeFOt0sgeXGRjyqGYnMU0G59VNaVXm7EHQpYMwqjS%2F48Bw88bl1mlJv%2BHKfO0gKGkTSGF7WhuviA2b2qbZFFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e06412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 acc_img2.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 5 KB
2 KB 346ms
344ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/acc_img2.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f37de5bd91f4e6c8b66ef20df1f7dc8878bb4d810ca86c6b4e47771254940dba

Request headers

:path: /wp-content/themes/homebuyer/images/acc_img2.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-137c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPUxn7J7ur0vRir%2Bxpf6aMjNVjj%2Ba%2BskJEmv0Dfxlo%2B4GNG7a3Zt8A%2Fv3jKDtLVLrGxxbhyN5%2BZY%2BN33hVqh3FTPf68XvnMHZs4KNPE801DLiE5c1LET5yBc89xHL3NK9gKSLltJS5IQx8H%2BdE8Qdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e07412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 acc_img3.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 3 KB
1 KB 333ms
331ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/acc_img3.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc260d88895b600ea6fb767065fdcb2af74a69aeae7fae7666912e7ef76aca8

Request headers

:path: /wp-content/themes/homebuyer/images/acc_img3.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-ba7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9W5By0gtWqZRhBkv%2B2if3y1DjKcSpJ6DtHGNWkFQ4foA1mmfL4MtMfHNce4T2JzFAzOwT5p6qojKRAfE3IoFkbo%2BXFo5bvti7JirIjhmqY%2BM6mB28N5qL22nglY%2Bsc4nt8RQCi5ZR60c05gLFGUkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e08412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 we-cut-the-middleman.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 3 KB
2 KB 197ms
195ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/we-cut-the-middleman.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c427a7ac334ff009c4190a23d887e9e1c8da52e605cb6a32cd7231a9a8ad182

Request headers

:path: /wp-content/themes/homebuyer/images/we-cut-the-middleman.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-ae6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXMUItoAZrzaDy8SA3lPUbrvGSE5T9XVsrhuPCzznvDIDt%2B2%2FEyMKsMh9M8wnFeScPTva%2BSKzLfLxTzCFCG%2FD%2FSydmAFrgbYYbXFBEILUOxpRmq1niufPlnh85hLq%2Fqy6TcUWA7EPwF%2BvnF9E9wuMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e0a412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 we-dont-earn-commission.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 2 KB
2 KB 198ms
196ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/we-dont-earn-commission.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d19877663ff4f82eef7882b6b5a87b9dd348f68a71e9dca6a8240d0cfde85d42

Request headers

:path: /wp-content/themes/homebuyer/images/we-dont-earn-commission.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-9cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWCpgl9jnytTdELEd1XHuP2DPVJ%2BlLgwXCQ%2FTPK%2B%2F8U1Y7Mfbd35uX2%2FxKI6gMeBvXLLICFGaVVkphFVKNx7j5tC0c%2F%2FPVXxJjJ4F1m4UH84M0Hu%2Fh5RdM40gRcDDWNHKMbtlWO8aECDpbUIL4eVBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e0c412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 we-are-efficient.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 2 KB
1 KB 346ms
344ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/we-are-efficient.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4f4671570f67051834ba251cc8d44f0adfdc4fa2b3b6c5382a5137dfe690911

Request headers

:path: /wp-content/themes/homebuyer/images/we-are-efficient.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-8b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcCqn7sQD8j6WRcYa57wKg24bFF5YqOZE3%2BA2u9O1nhpETtDHdHdVebkVSOwAWYHB41eveRZnILaOV%2B%2FglajvGEsu3OJTu0oBBuWGyPVHz4ck2tNFTtUSglLG1W%2Fba63haAB73sw4JBHqMRREn88yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e0f412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 instant-mortgage-updates.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 1 KB
1 KB 336ms
334ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/instant-mortgage-updates.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cda0004f06a0d56e23933949f67306a9613d8b24b3da2261d73232709e2df69

Request headers

:path: /wp-content/themes/homebuyer/images/instant-mortgage-updates.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-468"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3afe5rv8V5%2BHWi07IFqUpWQkwvn1mX8EntuTaThCupR9cwYuildPsemdl4D%2Bi9V%2BS%2FhujPp5D3hpFcfTQzzj%2F0tfsto0w0B9VksRdTwzkcyeMDHNT6n6W9S7tkHKTzNwfNZ1ASskXM4IvAuHy0Bag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e12412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 evenings-and-weekends.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 2 KB
1 KB 345ms
343ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/evenings-and-weekends.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75832563c99934cb0f1d37edf45e6b073fbeb137ed105bb4ef6b7ac8c616f7c7

Request headers

:path: /wp-content/themes/homebuyer/images/evenings-and-weekends.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-87e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhwQ9kq6%2BDvjTBSFhxxnPw4iR6max%2FZdRY3GuOTtgYGx%2Bf%2B109dHEgllSToAWqQblstZwOQVXefRWtHMGoUkXhIuY%2F%2BtHRmiV%2FuYDHJt6oB1f%2ByLXXVlIgxqWVYxPVUzBrDHFzfJW1F%2FVlP7u2dZ6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e13412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 text-call-slack.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 1 KB
1 KB 335ms
333ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/text-call-slack.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab7db2907cb894327d579a144372ee227392bb6c750a43f61fa76af22d8ebfde

Request headers

:path: /wp-content/themes/homebuyer/images/text-call-slack.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-46a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od44n%2B%2FFQxHki3jSlxX7bPzi0j8aFJIDDE79uEGws7POowljG%2F6MBJYp0aBP7BChh64tFcC2F%2BGZ5q1kywE3C3tCxxl8FIA3o1C0J5Bnu0UYyJL4RmcMVniB%2BHlaMQZmHKvLuCMkObSIMHjkHNVcLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e14412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 quote-icon.svg
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 2 KB
2 KB 346ms
344ms Image
image/svg+xml 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/quote-icon.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32075063675d71bb637a6cf470f20c99344e6f5abe15df1bbf28e87765c7c235

Request headers

:path: /wp-content/themes/homebuyer/images/quote-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-9a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEln0fo12fBjUmH%2F2vJjSMadOsHBYBsELs%2BcfPAQSvF7hDylFAcEpUmk%2B6FVfQ9zV4t%2BtPe0We1nsXN9KnETVnNMzSpsQOJ2XX3yVu4HHxT0iHhjg6Yq%2FhEC25L8CG3%2BxaDUcTkE7Yx0BOv%2B7S4Cag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741e15412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 7604195.js Show response
js.hs-scripts.com/ 2 KB
972 B 153ms
133ms Script
application/javascript 104.17.210.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.210.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ec90e5be11fdf406664a0ac17e39d683eb3dfd60d5773f90b5fadeefcd6997

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-hubspot-correlation-id: 3ea81da4-e289-4f9f-8e1a-4d0dec13e18c
x-trace: 2BA0787B68D81686D27F8F8D391B4D19B199BAE87A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://bidenfirsttimebuyercredit.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 691d1e743fba4357-FRA
expires: Mon, 20 Sep 2021 18:30:23 GMT

GET
H3 200 wpo-minify-footer-b5fe1733.min.js Show response
bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/ 160 KB
37 KB 557ms
556ms Script
application/javascript 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-footer-b5fe1733.min.js
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc497c3dc40884e926c7d62b354994157e112300de2f1f4932b4417732411e5

Request headers

:path: /wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-footer-b5fe1733.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 29 Apr 2021 23:37:17 GMT
server: cloudflare
etag: W/"608b432d-27e04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1buZ7GDLFdSRQCyuaKAygbfRYhpo87vuHGZI4kG1lOE1%2FezVYZ2SpEXRFSwTT9RzcJ9W4M%2BNHugnSewUloik%2BqtNTLqII71XWUAWEo6ME1eertVIemQuSy4dk2VhAe9ZSTqh86wtPcSMR0s0thrcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691d1e741dfe412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
41 KB 283ms
16ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KCTGB6Z

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

016d4c0534a3cef0d78075064da110baae68ae8e0599d0f1dfb3c9f391103b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41391
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Sep 2021 18:29:23 GMT

GET
H2 200 right-arrow.svg
bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/ 804 B
684 B 145ms
26ms Image
image/svg+xml 104.21.42.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/right-arrow.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3ee20d97fa3254252e3e5b6cf5eaae60b447a0dee9679b913f87bceed50d70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu7pDwcOzWakXrcl3dkeAd85r4rfHi0c08x7A1T29AH0UzLWdHXN2mpmEn8TfxxWValDGiIOZ5dqc%2Bjf7o9%2FXKShebop2CMjeh0fup7Tu%2BvfCkZaeRHUr7%2FVhxhOv0bY1En8GnoPiAMo4nA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 691d1e74dbe0f9e2-PRG

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-1Uw.woff
fonts.gstatic.com/s/rubik/v14/ 50 KB
50 KB 74ms
50ms Font
font/woff 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v14/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-1Uw.woff

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

84355054376aed5d8e66330525b353d716a88da6d87eb4cff833927a773df476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bidenfirsttimebuyercredit.com/
Origin: https://bidenfirsttimebuyercredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:32:37 GMT
x-content-type-options: nosniff
age: 579406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51516
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:49:09 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 01:32:37 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYi1Uw.woff
fonts.gstatic.com/s/rubik/v14/ 47 KB
47 KB 91ms
67ms Font
font/woff 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v14/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYi1Uw.woff

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

a5a38d30a76a6990b61de3fbdb3346a5cc50781683e0edde4411dc453bdb5c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bidenfirsttimebuyercredit.com/
Origin: https://bidenfirsttimebuyercredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 20:11:29 GMT
x-content-type-options: nosniff
age: 598674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47880
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:48:54 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:11:29 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-2Y-1Uw.woff
fonts.gstatic.com/s/rubik/v14/ 50 KB
51 KB 33ms
9ms Font
font/woff 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v14/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-2Y-1Uw.woff

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

053fc5d0e880c259834b89e77fcb8a8f0a868531a4c22198376b615a479b833c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bidenfirsttimebuyercredit.com/
Origin: https://bidenfirsttimebuyercredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 07:32:36 GMT
x-content-type-options: nosniff
age: 39407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51584
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:48:21 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 07:32:36 GMT

GET
H2 200 75fc4204-e317-4881-aa0b-f5105a68cf96 Show response
forms.hsforms.com/embed/v3/form/7604195/ 6 KB
1 KB 198ms
140ms Script
application/javascript 104.16.86.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/7604195/75fc4204-e317-4881-aa0b-f5105a68cf96?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8886f000b1e2fdec314669af384b0eda9959082d7f207c15154871dba4d885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 6d31532e-cdbe-4325-b40d-5665fa1b5a52
cf-ray: 691d1e74c9335b8c-FRA
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B598ADFB61B6B78F261DEA3BB64AC7590B75872E1000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 arrow-pointing.svg
bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/ 1 KB
1 KB 72ms
25ms Image
image/svg+xml 104.21.42.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/arrow-pointing.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d802bb3f064f8b50303f2313520ee4d6a57ff0e4bdcc76811c34086f104447bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-59d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BY7NA1DjIgeZ3R0hTovs5VSVtvaJ%2FYMVpYqIHPYSansXJJg5%2BkOUTG089U8vLdp3g6grvkc7Xmb8D63YUoQ8qnNXLB5hZ%2BEM0iHBW0HHHAsB4qfCbO4ZZ0JUI%2FOGdk3OaQKB6g24Tcbxu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 691d1e74dbe1f9e2-PRG

GET
H3 200 cta-background.png
bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/ 16 KB
16 KB 476ms
476ms Image
image/png 172.67.164.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenfirsttimebuyercredit.com/wp-content/themes/homebuyer/images/cta-background.png
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b0ec9deec7c66b503b86b4705f75e3f30154524f9ef3e0d185d89f72610def1

Request headers

:path: /wp-content/themes/homebuyer/images/cta-background.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bidenfirsttimebuyercredit.com
referer: https://bidenfirsttimebuyercredit.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15884
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: "6052149e-3e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAktoBoLtTdPGbAxFmz64MeitkNDYJguGBpyh1kHyAbjD%2BmcNmZbC6q16dfSqu5g58sW7CVNJBv3xzdwvxe0SMHS%2BUKDPcHwYv1sJxKOiq9sr7SkGyw5ZFM1NPuqNlCQfU44p5IxDq12rqYWRSL6XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 691d1e749eb4412c-PRG

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4i1Uw.woff
fonts.gstatic.com/s/rubik/v14/ 50 KB
50 KB 308ms
7ms Font
font/woff 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v14/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4i1Uw.woff

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

3dce5930d1e18504111dd6f4e3062cbcd1cb3423f1a9be88928fa8e1cd6ac9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bidenfirsttimebuyercredit.com/
Origin: https://bidenfirsttimebuyercredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:01:22 GMT
x-content-type-options: nosniff
age: 12481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51160
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:49:13 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 15:01:22 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYi1Uw.woff
fonts.gstatic.com/s/rubik/v14/ 50 KB
51 KB 310ms
8ms Font
font/woff 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v14/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYi1Uw.woff

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

5071698eec1477628d9e03c86c0ad15effc6a0df24d240457523e3be01f0f332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bidenfirsttimebuyercredit.com/
Origin: https://bidenfirsttimebuyercredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:14:30 GMT
x-content-type-options: nosniff
age: 296093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51628
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:49:25 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 08:14:30 GMT

GET
H2 200 75fc4204-e317-4881-aa0b-f5105a68cf96 Show response
forms.hsforms.com/embed/v3/form/7604195/ 6 KB
2 KB 157ms
137ms Script
application/javascript 104.16.86.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/7604195/75fc4204-e317-4881-aa0b-f5105a68cf96?callback=hs_reqwest_1&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cb4df35020583aad3cc99796eaba70269a987cf3ccae97276b3a5b98aad2815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 9b2b700d-5cc7-46ba-ac53-1e0485f3b119
cf-ray: 691d1e74d9385b8c-FRA
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B4C01E497CBB395255F4C285C1119FC26D031681F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 7604195.js Show response
js.hs-banner.com/ 62 KB
16 KB 40ms
21ms Script
text/javascript 104.18.21.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7604195.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c192369e3c8cc8d3a9a56f9edde70c5a6ab98afa3f1a6ca3e6a430097231e8f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 264
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: GRC7134PXSNKTHQ1
x-amz-id-2: JxcNzTeFE9+C/u2k0xnM6Uhy4AOno2mSBy2BVEn6nriN2d8L3daU2PGmALPNSOMEi7fz3SHZwlU=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 21:08:53 GMT
server: cloudflare
etag: W/"39a1794ca8ce3057373f1d363855307d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: vsgiIUw9xgLogpzWAmnLYZSURyv7Pu3p
access-control-allow-origin: https://25000firsttimehomebuyercredit.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 691d1e752b944e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 20 Sep 2021 18:29:58 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 45ms
23ms Script
application/javascript 104.17.112.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.112.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3580f6192b07e6adf20bee13a293fa896d94bfa1a6ae178a1dc2c0cdfdddee10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 500
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.249/bundles/pixels-release.js&cfRay=691d123e99466977-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 15 Sep 2021 03:28:21 UTC
server: cloudflare
etag: W/"017aa1ba42249a33ae8828d1b3419e60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Z6tNN4l67.OGsYaj9b4D5V0rrFjuYW3s
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 691d1e7528714a68-FRA
x-amz-cf-id: Ld-dUsR0UitypzKflUnNn4YkUrU6p9ah0SCltOd-zVW84Z3QJGJq1A==
x-hs-target-asset: adsscriptloaderstatic/static-1.249/bundles/pixels-release.js

GET
H2 200 7604195.js Show response
js.hs-analytics.net/analytics/1632162300000/ 62 KB
20 KB 39ms
17ms Script
text/javascript 104.17.67.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1632162300000/7604195.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.67.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ade626712fab0b158847457c598bd117fe18d0d2f17ae67574902b761a7ef2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 258
x-amz-server-side-encryption: AES256
x-amz-request-id: 2Z36NMZP65EG1894
x-amz-id-2: OMNUd0jlCBC5oaCwH5IyDoQZByWiRY0PoMoUgixtEZStzpw9BtYwxAvQvXyY/kTsIey0Lv4ANgY=
last-modified: Mon, 19 Jul 2021 16:02:22 GMT
server: cloudflare
etag: W/"87f025803509295777e77819570a26bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 691d1e752e255b3e-FRA
expires: Mon, 20 Sep 2021 18:30:05 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 42ms
21ms Script
application/javascript 104.17.239.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.239.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832fcb7a625f828fb8cd99e39ef1b9abe50f1bc164a0aeeeed1ef15fa7505deb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
via: 1.1 51391527dd8c879c45b44b119905c873.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 323
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9209/bundles/project.js&cfRay=691d1690680d4321-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 16 Sep 2021 05:13:43 UTC
server: cloudflare
etag: W/"cecb2964faa8bf5b647ff0431628c01f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HAX2I11puR0RrwmgvE3LmLBDwNOOTMQz
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 691d1e752f476983-FRA
x-amz-cf-id: DzOzQz-vKu2BxY5KKVVAlL67B9W3lcQQtg_uEOYTjmHjXz1FOgTL9g==
x-hs-target-asset: conversations-embed/static-1.9209/bundles/project.js

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 54ms
26ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCTGB6Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14047
x-xss-protection: 0
server: cafe
etag: 13691176309111193505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Sep 2021 18:29:23 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/475235330/ 2 KB
1 KB 49ms
24ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/475235330/?random=1632162563576&cv=9&fst=1632162563576&num=1&value=0&label=HQICCIT6ne4BEIKIzuIB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&auid=554806813.1632162564&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8c7ec1b16b0de4a37a764ef65c087e3c802e070dfeb3d58803514ff800ec7dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1208
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/ 2 KB
2 KB 45ms
22ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/?random=1632162563584&cv=9&fst=1632162563584&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7bb6ebada05f4e00dafe3678e50fcbe191176a5130f26744900e3dd7be0ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 989
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/475235330/ 42 B
569 B 41ms
17ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/475235330/?random=1632162563584&cv=9&fst=1632160800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&async=1&fmt=3&is_vtc=1&random=578084115&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 18:29:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/475235330/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/?random=797669656&cv=9&fst=1632162563576&num=1&value=0&label=HQICCIT6ne4BEIKIzuIB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u...
https://www.google.com/pagead/1p-conversion/475235330/?random=797669656&cv=9&fst=1632162563576&num=1&value=0&label=HQICCIT6ne4BEIKIzuIB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
64 B

70ms
35ms

Image
image/gif

142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/475235330/?random=797669656&cv=9&fst=1632162563576&num=1&value=0&label=HQICCIT6ne4BEIKIzuIB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&auid=554806813.1632162564&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=A9NIYdiAJrn5-gbWoLnABA&cid=CAQSKQCNIrLM2bCMgt4WYpwmvFJChLBO02Fga8Yotxb9WChwNuKz8g7y7F8F&eitems=ChAI8OKgigYQ3NP4q97MuedzEh0A74gLl20fhZnsTPAWG3RPx03rDwLm9gQoWW6c7A&random=3081141298&resp=GooglemKTybQhCsO

Requested by

Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 18:29:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Sep 2021 18:29:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/475235330/?random=797669656&cv=9&fst=1632162563576&num=1&value=0&label=HQICCIT6ne4BEIKIzuIB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&auid=554806813.1632162564&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=A9NIYdiAJrn5-gbWoLnABA&cid=CAQSKQCNIrLM2bCMgt4WYpwmvFJChLBO02Fga8Yotxb9WChwNuKz8g7y7F8F&eitems=ChAI8OKgigYQ3NP4q97MuedzEh0A74gLl20fhZnsTPAWG3RPx03rDwLm9gQoWW6c7A&random=3081141298&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 0
0 171ms
148ms Preflight
text/plain 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7604195&conversations-embed=static-1.9209&mobile=false&messagesUtk=c1c19edbf1b247c0872a67063cad5880&traceId=c1c19edbf1b247c0872a67063cad5880

Protocol

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://bidenfirsttimebuyercredit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 691d1e77dfdd6943-FRA
access-control-allow-origin: https://bidenfirsttimebuyercredit.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 3b9f29a8-f66e-41cf-9a5b-db19e08cb8cf
x-trace: 2BF958471BE0F60C84670D8EB3406B34FB4A122FDF000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtSoHcA0Ny7sF%2FFYVWDa7khOT1Wf5w4JW0seOEaQCB7LQaQV%2BxnR3cTDcWwqk7%2FRzzOyvjRONTg6QfzCno0mqw8VGY82rCoGSreN68eJiSu2iPLBfLo9MRF0UrmBkR9zhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 272 B
1 KB 178ms
168ms XHR
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b0e5a59a24abbf00a8088d1b1415a63cc528642efd77d18e3d10b22a158c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://bidenfirsttimebuyercredit.com/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://bidenfirsttimebuyercredit.com/

Response headers

date: Mon, 20 Sep 2021 18:29:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6ac74a30-f180-4510-bc87-787b7170d45a
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 216
server: cloudflare
x-trace: 2B0B10EED93EC9190B819F1F21D2A70AEBA461527D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BQDsKfxRDSR09Y3vTWbSY43vSkZ91PJ%2BU1KCHq3mZAB0Uc4umQGyU6reI4mNpwxI6EjQnyeX12lgtiTNaJAPbdgXT%2FT43HB7Ca5nihecEgVVCZqs9e7pqpc09e27OsJcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bidenfirsttimebuyercredit.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 691d1e78da4668e6-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3 200 down-arrow.svg
bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/ 1 KB
1013 B 40ms
19ms Image
image/svg+xml 104.21.42.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/down-arrow.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11304879acf276786be88a632840a98ee3350cf5640a4ddf57ff451c10822779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-558"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pocnlq9itdhe7MQLQlFvdLR2JcmQc8ITIVonHZOLYs88k53ud1Pcjd7HXFqE%2FHP2RGJCnBFMn6gfBei0c0fRjfhezW7uRLk%2B19vVbV9wE6q9kQSNpl9YHeLyrWxq8DTi9XwrCHhTqs%2FZltk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 691d1e7809f627bc-PRG

GET
H3 404 ajax-loader.gif
bidenhomebuyercredit.org/wp-content/themes/homebuyer/css/ 0
0 31ms
31ms Image
text/html 104.21.42.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenhomebuyercredit.org/wp-content/themes/homebuyer/css/ajax-loader.gif
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 left-arrow2.svg
bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/ 1 KB
938 B 23ms
23ms Image
image/svg+xml 104.21.42.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/left-arrow2.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 510ab5b8ef93b924c39c9557aa2951d72f6f510a7f3c592d1f2cde35cea5c27c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-4f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62ufa%2F7g6zWG2xBY2XSHA8bKIflebW2N87O9ezzfsvJkcb77MAfXxV1NYwSWcAMM7s3fUhezwkyJoYw7a5TOOkLNzF0UlsfYmqPs8In8uIzo6Xscwd7uSfiB1JvlbYVI%2BNIk0DHnIEKH5vw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 691d1e784a5627bc-PRG

GET
H3 200 right-arrow1.svg
bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/ 1 KB
887 B 24ms
24ms Image
image/svg+xml 104.21.42.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidenhomebuyercredit.org/wp-content/themes/homebuyer/images/right-arrow1.svg
Requested by: Host: bidenfirsttimebuyercredit.com
URL: https://bidenfirsttimebuyercredit.com/wp-content/cache/wpo-minify/1619739434/assets/wpo-minify-header-cafa2f6a.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a52ef5d9df528a7848172f67de35de3c30e6c49d2800af3945d0f36bc99ce4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 14:39:26 GMT
server: cloudflare
etag: W/"6052149e-493"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zajm1YSSGLobLtvwdbH16BaHbP%2FI7mJ8REPbB74zxUD9NgQEHWUq37wTPc0yatwmq8WBXDelYs3nJZdOe68XkPWvY148cgJOSY6y3t0AzHfHjbmyuj%2FuJwnP1SgJQgGnAS%2BcnLdDBJ5ROnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 691d1e784a6027bc-PRG

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 139 B
983 B 145ms
128ms XHR
application/json 104.17.200.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7604195

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.200.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb1503e38cbacef4bb2693805a627a82a35ffdf5993acae63c8fb1e6347ce0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 73db29e1-6055-4777-9d2e-bf9d8bb88b50
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2BD91132A83CB2D7872383DD69AE505618F9A73182000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB7MWpIYKYiLrQToC6UNV09Cb6nY59%2BbNMdq3x84xtqrSv%2BHBX9%2Bh5Xx4xXr8B4fopcEdM1mY%2BOmJFuDmIHW4jZoVPvuGDX4D6mU1Ug3NIJJRzWoBXZZNTkSCuUJLIu7"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bidenfirsttimebuyercredit.com
access-control-allow-credentials: false
cf-ray: 691d1e794c616957-FRA
access-control-allow-headers: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 60ms
31ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-475235330

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

99f04bfd69efc11af78207065f5caa29acb4682d83d731d2134e69cbbb6598de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39151
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Sep 2021 18:29:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 25ms
9ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: dJCbnGfMhJVAGOfwpsJYpWbtaO2SmNQn6CGeETylw3ZBDmZ2zMVAXJQ+JG60ntUgAh0a0YYxIhfvJeVYv25ofA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 20 Sep 2021 18:29:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 16ms
8ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.45

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

56dc4c4ae3fbb32f792c424bad74b95f3ff0b4100778401303ecace1de61de4f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20787
x-xss-protection: 0
pragma: public
x-fb-debug: HsTxTtkWpdj4qO+tRfLMxxjaWlbON6tsHad4hz46mTSXnS770Xsh0sHzibWvx4Adp7ZnZaVtGiiIEckS4+Gkjg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 20 Sep 2021 18:29:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 717511265089849 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 22ms
15ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/717511265089849?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

7bccab2a0178fae6c6ebeeb2bd1521bf24998658c385a113b50927a222c3bd91

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89254
x-xss-protection: 0
pragma: public
x-fb-debug: k7QjClU/p5Bt34T2qcc/0a1Yv4uidWHyF71DabJvi2c+6bzuY5ZFukmBHdJWrhiiT5h+eSDBv1Z7YdNiGdoU9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 20 Sep 2021 18:29:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 31ms
31ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-475235330

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14047
x-xss-protection: 0
server: cafe
etag: 13691176309111193505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Sep 2021 18:29:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 24ms
8ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=717511265089849&ev=PageView&dl=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&rl=&if=false&ts=1632162564268&sw=1600&sh=1200&ud[external_id]=f89059b2fb31803b0ffcd57691fa8778&v=2.9.45&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1632162564267.1873416716&it=1632162564217&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 20 Sep 2021 18:29:24 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/ 2 KB
1 KB 60ms
60ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/?random=1632162564294&cv=9&fst=1632162564294&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

77fdd04605f3b05e467e857986bf0edbd88bc07f27b4acb2a6df2945004657e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 18:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/475235330/ 42 B
64 B 28ms
27ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/475235330/?random=1632162564294&cv=9&fst=1632160800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&tiba=Biden%20First%20Time%20Buyer%20Credit&async=1&fmt=3&is_vtc=1&random=191733132&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 18:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=717511265089849&ev=Microdata&dl=https%3A%2F%2Fbidenfirsttimebuyercredit.com%2F&rl=&if=false&ts=1632162565772&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Biden%20First%20Time%20Buyer%20Credit%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=f89059b2fb31803b0ffcd57691fa8778&v=2.9.45&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1632162564267.1873416716&it=1632162564217&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bidenfirsttimebuyercredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 18:29:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 20 Sep 2021 18:29:25 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bidenfirsttimebuyercredit.com/	1970-01-19 23:32:18	Name: _gcl_au Value: 1.1.554806813.1632162564
.doubleclick.net/	1970-01-20 14:53:54	Name: IDE Value: AHWqTUlBi28RMTr6mCUkbWkyavJ2J3JQlC2AG6yhNXavCwi1H7X_8gRZvdnrehdb
bidenfirsttimebuyercredit.com/	1970-01-20 06:44:18	Name: __hstc Value: 213968776.f89059b2fb31803b0ffcd57691fa8778.1632162564028.1632162564028.1632162564028.1
bidenfirsttimebuyercredit.com/	1970-01-20 06:44:18	Name: hubspotutk Value: f89059b2fb31803b0ffcd57691fa8778
bidenfirsttimebuyercredit.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
bidenfirsttimebuyercredit.com/	1970-01-19 21:22:44	Name: __hssc Value: 213968776.1.1632162564029
.bidenfirsttimebuyercredit.com/	1970-01-19 23:32:18	Name: _fbp Value: fb.1.1632162564267.1873416716

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bidenhomebuyercredit.org/wp-content/themes/homebuyer/css/ajax-loader.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
bidenfirsttimebuyercredit.com
bidenhomebuyercredit.org
connect.facebook.net
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.usemessages.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.16.86.5
104.17.112.176
104.17.185.73
104.17.200.204
104.17.210.204
104.17.239.204
104.17.67.176
104.18.21.191
104.19.155.83
104.21.42.232
142.250.185.132
142.250.186.34
172.217.16.131
172.217.16.136
172.67.164.184
185.60.216.19
185.60.216.35
216.58.212.162
016d4c0534a3cef0d78075064da110baae68ae8e0599d0f1dfb3c9f391103b48
053fc5d0e880c259834b89e77fcb8a8f0a868531a4c22198376b615a479b833c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11304879acf276786be88a632840a98ee3350cf5640a4ddf57ff451c10822779
1c427a7ac334ff009c4190a23d887e9e1c8da52e605cb6a32cd7231a9a8ad182
279b7a2ab63b28f8ead2c6ad786a8dfa1fb0b871019ab36dda8f31dfaa88998a
32075063675d71bb637a6cf470f20c99344e6f5abe15df1bbf28e87765c7c235
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3580f6192b07e6adf20bee13a293fa896d94bfa1a6ae178a1dc2c0cdfdddee10
3b0ec9deec7c66b503b86b4705f75e3f30154524f9ef3e0d185d89f72610def1
3dce5930d1e18504111dd6f4e3062cbcd1cb3423f1a9be88928fa8e1cd6ac9d5
40a52ef5d9df528a7848172f67de35de3c30e6c49d2800af3945d0f36bc99ce4
4ade626712fab0b158847457c598bd117fe18d0d2f17ae67574902b761a7ef2b
5071698eec1477628d9e03c86c0ad15effc6a0df24d240457523e3be01f0f332
510ab5b8ef93b924c39c9557aa2951d72f6f510a7f3c592d1f2cde35cea5c27c
56dc4c4ae3fbb32f792c424bad74b95f3ff0b4100778401303ecace1de61de4f
5a3ee20d97fa3254252e3e5b6cf5eaae60b447a0dee9679b913f87bceed50d70
6cb4df35020583aad3cc99796eaba70269a987cf3ccae97276b3a5b98aad2815
75832563c99934cb0f1d37edf45e6b073fbeb137ed105bb4ef6b7ac8c616f7c7
77fdd04605f3b05e467e857986bf0edbd88bc07f27b4acb2a6df2945004657e9
7bccab2a0178fae6c6ebeeb2bd1521bf24998658c385a113b50927a222c3bd91
7c62a731eb1fd603aab053a50dd4feb8075b40c21a9b19e4bc6c9b6f738132a7
7cda0004f06a0d56e23933949f67306a9613d8b24b3da2261d73232709e2df69
832fcb7a625f828fb8cd99e39ef1b9abe50f1bc164a0aeeeed1ef15fa7505deb
84355054376aed5d8e66330525b353d716a88da6d87eb4cff833927a773df476
868be2b085da6b6146690d442bde6e6d40e8214847c54c318e29637685be96f7
8c7ec1b16b0de4a37a764ef65c087e3c802e070dfeb3d58803514ff800ec7dc2
8c83ead4df620cfe935b691ddd20665037e1582cae7bb3440a9e439e6f144cd9
8f7bb6ebada05f4e00dafe3678e50fcbe191176a5130f26744900e3dd7be0ac2
9392030e69adf7396de261e1dc4b0f5db10fe5dca29ae0b040c1c1542a18cec3
99f04bfd69efc11af78207065f5caa29acb4682d83d731d2134e69cbbb6598de
a08a85c50b5949782d4f02af67375f1d1a62c4b77375be2a326c944f3e83187a
a5a38d30a76a6990b61de3fbdb3346a5cc50781683e0edde4411dc453bdb5c32
a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1
a9b0e5a59a24abbf00a8088d1b1415a63cc528642efd77d18e3d10b22a158c48
ab7db2907cb894327d579a144372ee227392bb6c750a43f61fa76af22d8ebfde
b31e975dd361ff1fafd8d75ed9151846b127c3b6e923f4c7bc8b1bbb3446fd05
b4f4671570f67051834ba251cc8d44f0adfdc4fa2b3b6c5382a5137dfe690911
c192369e3c8cc8d3a9a56f9edde70c5a6ab98afa3f1a6ca3e6a430097231e8f2
c3dd639eb0f72dc70aef2982eac830e2526bd9e62fb0181f26bbf8ad0c610ba5
cb1503e38cbacef4bb2693805a627a82a35ffdf5993acae63c8fb1e6347ce0f3
d19877663ff4f82eef7882b6b5a87b9dd348f68a71e9dca6a8240d0cfde85d42
d802bb3f064f8b50303f2313520ee4d6a57ff0e4bdcc76811c34086f104447bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ec90e5be11fdf406664a0ac17e39d683eb3dfd60d5773f90b5fadeefcd6997
ea8886f000b1e2fdec314669af384b0eda9959082d7f207c15154871dba4d885
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32502dea46f2d30ba171ef19366fd6a1448d1126accedfbdec06673300dd94d
f37de5bd91f4e6c8b66ef20df1f7dc8878bb4d810ca86c6b4e47771254940dba
fbc260d88895b600ea6fb767065fdcb2af74a69aeae7fae7666912e7ef76aca8
ffc497c3dc40884e926c7d62b354994157e112300de2f1f4932b4417732411e5

bidenfirsttimebuyercredit.com Open in urlscan Pro 172.67.164.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

0 %IPv6

18 Domains

18 Subdomains

18 IPs

3 Countries

1241 kBTransfer

2764 kBSize

7 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bidenfirsttimebuyercredit.com Open in urlscan Pro
172.67.164.184 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

0 %
IPv6

18
Domains

18
Subdomains

18
IPs

3
Countries

1241 kB
Transfer

2764 kB
Size

7
Cookies

56 HTTP transactions
0 data transactions