refinance.lowermybills.com Open in urlscan Pro
104.18.18.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html#qs=r-addghafiiigfhccaekjhiejaiffibchadjhjfabababaheacjdaccakeeacbdb...
Effective URL:
https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Submission: On January 27 via api (January 27th 2022, 5:02:58 am UTC) from BE — Scanned from US

Summary HTTP 110 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 24 domains to perform 110 HTTP transactions. The main IP is 104.18.18.159, located in and belongs to CLOUDFLARENET, US. The main domain is refinance.lowermybills.com. The Cisco Umbrella rank of the primary domain is 897217.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 10th 2021. Valid for: a year.

This is the only time refinance.lowermybills.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.219.102.241 52.219.102.241	16509 (AMAZON-02) (AMAZON-02)
1 1	204.27.59.26 204.27.59.26	19969 (JOESDATAC...) (JOESDATACENTER)
1	148.251.167.25 148.251.167.25	24940 (HETZNER-AS) (HETZNER-AS)
1 1	35.82.97.156 35.82.97.156	16509 (AMAZON-02) (AMAZON-02)
1 20	104.18.18.159 104.18.18.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.32.106 142.251.32.106	15169 (GOOGLE) (GOOGLE)
1	104.16.94.65 104.16.94.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	142.251.40.104 142.251.40.104	15169 (GOOGLE) (GOOGLE)
1	13.249.190.38 13.249.190.38	16509 (AMAZON-02) (AMAZON-02)
1	13.35.77.93 13.35.77.93	16509 (AMAZON-02) (AMAZON-02)
2	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
5	3.233.149.203 3.233.149.203	14618 (AMAZON-AES) (AMAZON-AES)
1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
1	72.251.228.39 72.251.228.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	151.101.248.157 151.101.248.157	54113 (FASTLY) (FASTLY)
4	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	142.250.65.230 142.250.65.230	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
4 16	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
16	142.251.40.196 142.251.40.196	15169 (GOOGLE) (GOOGLE)
1	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1	74.217.31.247 74.217.31.247	10912 (INTERNAP-BLK) (INTERNAP-BLK)
2	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	142.250.111.156 142.250.111.156	15169 (GOOGLE) (GOOGLE)
1	142.250.123.157 142.250.123.157	15169 (GOOGLE) (GOOGLE)
4	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
110	30

1 52.219.102.241 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.27.59.26 (United States) 1 redirects

ASN19969 (JOESDATACENTER, US)
PTR: tidingspun.com

tidingspun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.167.25 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: srv1744.basenji.life

genteelcananea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.97.156 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-97-156.us-west-2.compute.amazonaws.com

cdmtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.18.159 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
refinance.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-lre.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-refinance.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.106 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.94.65 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.40.104 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.190.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-190-38.bos50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.77.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-93.bos50.r.cloudfront.net

privacy-policy.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.131 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.233.149.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-149-203.compute-1.amazonaws.com

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

sgtm.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.228.39 (Jersey City, United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: turn011-nyj.tokbox.com

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.248.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.65.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net

852807.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.80.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.40.196 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.217.31.247 (Secaucus, United States)

ASN10912 (INTERNAP-BLK, US)

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.111.156 (United States)

ASN15169 (GOOGLE, US)
PTR: gb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.123.157 (United States)

ASN15169 (GOOGLE, US)
PTR: gh-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	doubleclick.net 8 redirects 852807.fls.doubleclick.net — Cisco Umbrella Rank: 968179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 ad.doubleclick.net — Cisco Umbrella Rank: 195 bid.g.doubleclick.net — Cisco Umbrella Rank: 452 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	22 KB
21	lowermybills.com 1 redirects www.lowermybills.com — Cisco Umbrella Rank: 23609 refinance.lowermybills.com — Cisco Umbrella Rank: 897217 static-lre.lowermybills.com — Cisco Umbrella Rank: 956384 cdn-refinance.lowermybills.com content.lowermybills.com — Cisco Umbrella Rank: 917313 sgtm.lowermybills.com — Cisco Umbrella Rank: 994419 cdn.lowermybills.com — Cisco Umbrella Rank: 425008	441 KB
17	google.com www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	3 KB
16	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	679 KB
9	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 923 trc.taboola.com — Cisco Umbrella Rank: 570 trc-events.taboola.com — Cisco Umbrella Rank: 1857	29 KB
5	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 3260	626 B
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	35 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 385	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 17068	16 KB
2	revjet.com ads.revjet.com — Cisco Umbrella Rank: 2426 pix.revjet.com — Cisco Umbrella Rank: 3552	9 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	t.co t.co — Cisco Umbrella Rank: 487	337 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 818	715 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 537	354 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 630	6 KB
1	truste.com privacy-policy.truste.com — Cisco Umbrella Rank: 8489	15 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 3627	37 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1366	5 KB
1	cdmtrk.com 1 redirects cdmtrk.com — Cisco Umbrella Rank: 348063	871 B
1	genteelcananea.com genteelcananea.com	470 B
1	tidingspun.com 1 redirects tidingspun.com	399 B
1	amazonaws.com s3.us-east-2.amazonaws.com	506 B
110	24

	Domain	Requested by
16	www.google.com
16	googleads.g.doubleclick.net	4 redirects www.googleadservices.com
16	www.googletagmanager.com	refinance.lowermybills.com www.googletagmanager.com cdn-refinance.lowermybills.com
9	content.lowermybills.com	refinance.lowermybills.com static-lre.lowermybills.com
5	rum-http-intake.logs.datadoghq.com	www.datadoghq-browser-agent.com
4	trc-events.taboola.com	cdn.taboola.com
4	852807.fls.doubleclick.net	2 redirects refinance.lowermybills.com
4	www.googleadservices.com	cdn-refinance.lowermybills.com www.googletagmanager.com www.googleadservices.com
4	static-lre.lowermybills.com	refinance.lowermybills.com
4	refinance.lowermybills.com	genteelcananea.com www.datadoghq-browser-agent.com
3	cdn.taboola.com	s3.us-east-2.amazonaws.com cdn.taboola.com
3	bat.bing.com	s3.us-east-2.amazonaws.com bat.bing.com
2	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com
2	trc.taboola.com	cdn.taboola.com
2	ad.doubleclick.net	2 redirects
2	a.mgid.com	s3.us-east-2.amazonaws.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	refinance.lowermybills.com
1	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
1	bid.g.doubleclick.net	www.googleadservices.com
1	t.co	refinance.lowermybills.com
1	pix.revjet.com	ads.revjet.com
1	sp.analytics.yahoo.com	refinance.lowermybills.com
1	adservice.google.com	refinance.lowermybills.com
1	analytics.twitter.com	refinance.lowermybills.com
1	static.ads-twitter.com	s3.us-east-2.amazonaws.com
1	ads.revjet.com	s3.us-east-2.amazonaws.com
1	cdn.lowermybills.com	cdn-refinance.lowermybills.com
1	sgtm.lowermybills.com	www.datadoghq-browser-agent.com
1	privacy-policy.truste.com	static-lre.lowermybills.com
1	www.datadoghq-browser-agent.com	refinance.lowermybills.com
1	static.cloudflareinsights.com	refinance.lowermybills.com
1	cdn-refinance.lowermybills.com	refinance.lowermybills.com
1	www.lowermybills.com	1 redirects
1	cdmtrk.com	1 redirects
1	genteelcananea.com	s3.us-east-2.amazonaws.com
1	tidingspun.com	1 redirects
1	s3.us-east-2.amazonaws.com
110	38

This site contains links to these domains. Also see Links.

Domain
lmb.lowermybills.com
www.lowermybills.com
privacyportal-cdn.onetrust.com
www.hud.gov
privacy.truste.com
www.thawte.com
www.bbb.org
mba.org
www.quickenloans.com
sf.freddiemac.com
www.fhfaoig.gov
finance.yahoo.com
loanlookup.freddiemac.com
www.knowyouroptions.com

Subject Issuer	Validity	Valid
*.s3.us-east-2.amazonaws.com Amazon	`2021-03-24` - `2022-03-19`	a year	crt.sh
genteelcananea.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-29` - `2023-01-16`	a year	crt.sh
lowermybills.com Cloudflare Inc ECC CA-3	`2021-12-10` - `2022-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-17`	a year	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
sgtm.lowermybills.com GTS CA 1D4	`2021-12-01` - `2022-03-01`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2022-04-10`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Frame ID: 037E911A3E38EF843C2DAE60C63CA45D
Requests: 90 HTTP requests in this frame

Frame: https://cdn.lowermybills.com/lending-images/presentations/common/navapi/deviceAtlasLmb.min.js
Frame ID: 3B53BEB4DEDEEBBE95D35CDCBDD4413B
Requests: 19 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 90C54288003F42FFC0AD105BEDF28123
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Refinance Mortgage, Refinancing Rates, Mortgage Rates - LowerMyBills

Page URL History Show full URLs

https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html Page URL
http://tidingspun.com/qs=r-addghafiiigfhccaekjhiejaiffibchadjhjfabababaheacjdaccakeeacbdbacbejbhacb HTTP 302
https://genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_10... Page URL
https://cdmtrk.com/?E=XCigL8lXyiXuOaX1P1xwAQ%3d%3d&s1=690319&s2=1236887640&s3=28684_7447016_11 HTTP 302
https://www.lowermybills.com/lending/home-refinance?sourceid=lmb-53704-112245-131&pkey1=131&pkey2=690319&... HTTP 301
https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&source... Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

110
Requests

93 %
HTTPS

0 %
IPv6

24
Domains

38
Subdomains

30
IPs

3
Countries

1374 kB
Transfer

3441 kB
Size

35
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://lmb.lowermybills.com/reficalculator
Title: Free Refinance Calculator

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/stateprivacy/
Title: Information that we collect and share about you

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/37cf9a71-5b40-4cf5-a30e-8beabeed8379/c3baaee8-0b37-4f2b-bf4c-76b0e035482e.html
Title: Do not sell my personal information

Search URL Search Domain Scan URL

URL: https://www.hud.gov/

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/validation?rid=36759420-4093-4a7b-bf8a-2029fcf0dd2d

Search URL Search Domain Scan URL

URL: https://www.thawte.com/ssl/secured-seal/

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/ca/los-angeles/profile/financial-services/lower-my-bills-1216-13130473

Search URL Search Domain Scan URL

URL: https://mba.org/

Search URL Search Domain Scan URL

URL: https://www.quickenloans.com/mortgage-options/fixed-home-loans
Title: https://www.quickenloans.com/mortgage-options/fixed-home-loans

Search URL Search Domain Scan URL

URL: https://www.hud.gov/program_offices/housing/sfh/lender/origination/mortgage_limits
Title: https://www.hud.gov/program_offices/housing/sfh/lender/origination/mortgage_limits

Search URL Search Domain Scan URL

URL: https://sf.freddiemac.com/articles/news/loan-limits-are-increasing-by-742-in-2021
Title: https://sf.freddiemac.com/articles/news/loan-limits-are-increasing-by-742-in-2021

Search URL Search Domain Scan URL

URL: https://www.fhfaoig.gov/Content/Files/History%20of%20the%20Government%20Sponsored%20Enterprises.pdf
Title: https://www.fhfaoig.gov/Content/Files/History%20of%20the%20Government%20Sponsored%20Enterprises.pdf

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/biden-signed-10-billion-mortgage-133000243.html
Title: https://finance.yahoo.com/news/biden-signed-10-billion-mortgage-133000243.html

Search URL Search Domain Scan URL

URL: https://loanlookup.freddiemac.com/
Title: https://loanlookup.freddiemac.com/

Search URL Search Domain Scan URL

URL: https://www.knowyouroptions.com/loanlookup
Title: https://www.knowyouroptions.com/loanlookup

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/terms.php
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/privacy.php
Title: Our Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/stateprivacy
Title: State Privacy Notices

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/licenses.php
Title: Licenses & Disclosures

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html Page URL
http://tidingspun.com/qs=r-addghafiiigfhccaekjhiejaiffibchadjhjfabababaheacjdaccakeeacbdbacbejbhacb HTTP 302
https://genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_103806_7447016_10_933/63 Page URL
https://cdmtrk.com/?E=XCigL8lXyiXuOaX1P1xwAQ%3d%3d&s1=690319&s2=1236887640&s3=28684_7447016_11 HTTP 302
https://www.lowermybills.com/lending/home-refinance?sourceid=lmb-53704-112245-131&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&cmpid=80&crtid=6 HTTP 301
https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://tidingspun.com/qs=r-addghafiiigfhccaekjhiejaiffibchadjhjfabababaheacjdaccakeeacbdbacbejbhacb HTTP 302
https://genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_103806_7447016_10_933/63

Request Chain 48

https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord= HTTP 302
https://852807.fls.doubleclick.net/activityi;dc_pre=COSEndeT0fUCFc7thwodHPoA6A;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=

Request Chain 50

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=1771669659

Request Chain 51

https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;ord=9aad073e-1d57-476b-8bcd-e42d7dff4d14 HTTP 302
https://852807.fls.doubleclick.net/activityi;dc_pre=CLOEndeT0fUCFWOIgwgdIqMA6A;src=852807;type=lrepa937;cat=lrere295;ord=9aad073e-1d57-476b-8bcd-e42d7dff4d14

Request Chain 52

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=4257760066

Request Chain 53

https://ad.doubleclick.net/ddm/activity/src=4818226;type=invmedia;cat=esvbxzky;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4818226;dc_pre=CPSdndeT0fUCFYLthwodyogKTA;type=invmedia;cat=esvbxzky;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/p/src=4818226;dc_pre=CPSdndeT0fUCFYLthwodyogKTA;type=invmedia;cat=esvbxzky;ord=1

Request Chain 86

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=862883869&cv=9&fst=1643259771026&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eyfyYbX4A_OSoPMP956HiAs&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/735544455/?random=862883869&cv=9&fst=1643259771026&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=eyfyYbX4A_OSoPMP956HiAs&cid=CAQSKQCNIrLMKOOf4gSW6DRbf_RycRTynKCSKlcRV13GNaI6S_zDlws2kSL2&random=1529076095&resp=GooglemKTybQhCsO

Request Chain 87

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1349099933&cv=9&fst=1643259771006&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eyfyYceFBIzD_gTk_634Bw&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/849970183/?random=1349099933&cv=9&fst=1643259771006&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=eyfyYceFBIzD_gTk_634Bw&cid=CAQSKQCNIrLMciC2-ftDkpxn_YIlG91K_oY8eU6Iug-W9Tsm7rivi3EvegQn&random=1937819533&resp=GooglemKTybQhCsO

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK rtgs218azef.html Show response
s3.us-east-2.amazonaws.com/njsq314lonh/ 150 B
506 B 109ms
43ms Document
text/html 52.219.102.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.102.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 424c4355a91b39d045c6dd81ca95398e7f0cb1cefc183e80670f3b7946d3387c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

x-amz-id-2: b1KUvLCYYuwlX4vwDO/6V9bVNwEg1PsoFAUPgOUhXdnVYtmK/oP6AnW78H2EE1wYxnZuXXgXDVU=
x-amz-request-id: 5WG2TQ4G2T23XWMK
Date: Thu, 27 Jan 2022 05:02:46 GMT
Last-Modified: Tue, 25 Jan 2022 22:10:20 GMT
ETag: "26ffe74bedc07139365d980a645c9929"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 150

GET
H/1.1

200
OK

63
genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_103806_7447016_10_933/
Redirect Chain

http://tidingspun.com/qs=r-addghafiiigfhccaekjhiejaiffibchadjhjfabababaheacjdaccakeeacbdbacbejbhacb
https://genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_103806_7447016_10_933/63

157 B
470 B

1686ms
443ms

Document
text/html

148.251.167.25
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_103806_7447016_10_933/63
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.167.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: srv1744.basenji.life
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html#qs=r-addghafiiigfhccaekjhiejaiffibchadjhjfabababaheacjdaccakeeacbdbacbejbhacb

Response headers

Date: Thu, 27 Jan 2022 05:02:48 GMT
Server: Apache
Content-Length: 157
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 27 Jan 2022 05:02:45 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
location: https://genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_103806_7447016_10_933/63
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
refinance.lowermybills.com/
Redirect Chain

https://cdmtrk.com/?E=XCigL8lXyiXuOaX1P1xwAQ%3d%3d&s1=690319&s2=1236887640&s3=28684_7447016_11
https://www.lowermybills.com/lending/home-refinance?sourceid=lmb-53704-112245-131&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&cmpid=80&crtid=6
https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

23 KB
8 KB

697ms
682ms

Document
text/html

104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Requested by

Host: genteelcananea.com
URL: https://genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_103806_7447016_10_933/63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

459365c2e9fd23df19ef04a81cabdb8121edb3726bbfa10bd37bc75b5b58d3b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://genteelcananea.com/17639063296a5a50800/28684_7447016_11/2256_477754611_0_0_0_3986738_63_1020_103806_7447016_10_933/63

Response headers

date: Thu, 27 Jan 2022 05:02:49 GMT
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cache-control: no-store
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3f6e553ec41764-EWR
content-encoding: gzip

Redirect headers

date: Thu, 27 Jan 2022 05:02:49 GMT
content-length: 0
location: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3f6e546ddc1764-EWR

GET
H2 200 main.38ff6e04ebccd63da59f.css
static-lre.lowermybills.com/ 40 KB
9 KB 40ms
25ms Stylesheet
text/css 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf007d554e6dad2b0d664a6cce2111c81606834013d085bfd20431070677d8d7

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:49 GMT
via: 1.1 983a291908f1fa8f6ee8dc2761eb6b2c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6562
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 17:51:46 GMT
server: cloudflare
etag: W/"4badd04872d6460acb246d76f9e461a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: caviEBqJ_jMhGtHFL2jJXj58kSR3MwwL
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
cf-ray: 6d3f6e59ad0a1764-EWR
x-amz-cf-id: xxH8aOe6qVxaVY9JRFjpzJHlRxtnXxfZ6bwMN1GdzMny1Ig9Co3SKQ==
expires: Thu, 27 Jan 2022 09:02:49 GMT

GET
H2 200 pixel-227c74ba235ad6a15a24.js Show response
cdn-refinance.lowermybills.com/ 292 KB
33 KB 35ms
21ms Script
application/javascript 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14d92f185568e96f14031042c124b502e43a55784a40f1d3bfc6fac9157bd3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19922
x-dns-prefetch-control: off
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 21 Jan 2022 23:25:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"49094-17e7ef55207"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 6d3f6e59ad091764-EWR
expires: Thu, 27 Jan 2022 09:02:49 GMT

GET
H2 200 deviceatlas-1.6.min.js Show response
content.lowermybills.com/deviceatlas-1.6/ 7 KB
3 KB 36ms
23ms Script
application/javascript 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.lowermybills.com/deviceatlas-1.6/deviceatlas-1.6.min.js
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:49 GMT
via: 1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6562
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 20:02:44 GMT
server: cloudflare
etag: W/"67510dbcee1857a225b8f76bdc940c26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
cf-ray: 6d3f6e59ad081764-EWR
x-amz-cf-id: UdNo6OsrEtfa6mUdktQxuLh7KO8MdGaBr6IGmC1KtBnucyQiATsObQ==
expires: Thu, 27 Jan 2022 09:02:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 822 B
486 B 337ms
20ms Stylesheet
text/css 142.251.32.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f10.1e100.net

Software

ESF /

Resource Hash

1cf4becba1194b3931970493f823178403a6ede73368d62c4e6541c95a4733cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 05:02:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 05:02:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 336ms
19ms Stylesheet
text/css 142.251.32.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f10.1e100.net

Software

ESF /

Resource Hash

0d435e5fd5634fa368d617dc56bf14941caaa23a71d3522be278497566400b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 04:21:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 05:02:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 redarrow1.png
content.lowermybills.com/lre/ 3 KB
3 KB 20ms
18ms Image
image/png 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.lowermybills.com/lre/redarrow1.png
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d7015c13fd51bf12eb98c6e4af1822cdfb32610540bf83730fed28917aadd84

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:49 GMT
via: 1.1 784a91ee0539c02263f0e03f7760900c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6562
x-cache: Hit from cloudfront
content-length: 2687
last-modified: Wed, 08 Dec 2021 20:02:54 GMT
server: cloudflare
etag: "5cb5249e059c8222b7daf71bb9a7acb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
cf-ray: 6d3f6e59fda01764-EWR
x-amz-cf-id: o5HfKfNcVm2j96laysSeEx22K-ivifsF0piV8Sheh3QScUrGezSwLg==
expires: Thu, 27 Jan 2022 09:02:49 GMT

GET
H2 200 main.38ff6e04ebccd63da59f.js Show response
static-lre.lowermybills.com/ 134 KB
33 KB 20ms
18ms Script
application/javascript 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.js
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bc0c2737069d1ada44815c2936d76d02b83cfc54f8e9115257f8fb1a8733d3e

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:49 GMT
via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6562
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 17:51:46 GMT
server: cloudflare
etag: W/"2804a300538cd9e582befa32ce70efe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: fp.dZoLo1V00AkgfCMvZYMnzuKiEckRO
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
cf-ray: 6d3f6e59fd9b1764-EWR
x-amz-cf-id: RhbeemaG5nMHK8hAvu_A2--Hxv-Qr0ijwwWGcjenwGRCrmZcDVbQiw==
expires: Thu, 27 Jan 2022 09:02:49 GMT

GET
H2 200 manifest.e0a6f9aee40247fa3590.js Show response
static-lre.lowermybills.com/ 12 KB
5 KB 22ms
21ms Script
application/javascript 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-lre.lowermybills.com/manifest.e0a6f9aee40247fa3590.js
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b6a782b3f23072b833897dee1f06b37cdecbd4ae503e4f6ca6803a9524de86c

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:49 GMT
via: 1.1 983a291908f1fa8f6ee8dc2761eb6b2c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6562
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 17:51:46 GMT
server: cloudflare
etag: W/"f97be71977853d897ae90b8b4bbe7dad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: a4JAXdLcsFQUAqTI3GeQ..PYhaFhGQfH
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
cf-ray: 6d3f6e59fd9c1764-EWR
x-amz-cf-id: 6FG9hr44KZ-0w88nBlw_bbpei1czad5-t5oPaE84do34oZJN0pbXhQ==
expires: Thu, 27 Jan 2022 09:02:49 GMT

GET
H2 200 vendor.a0f4e89afe7f91cc8f4d.js Show response
static-lre.lowermybills.com/ 382 KB
121 KB 24ms
22ms Script
application/javascript 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-lre.lowermybills.com/vendor.a0f4e89afe7f91cc8f4d.js
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f40dac6d30d1aedf50b58270e0578b4e5f4e6c9700f11f9bd03da5993f1a19

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:49 GMT
via: 1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6562
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 07:36:13 GMT
server: cloudflare
etag: W/"1ef644dd43da35aa388576b65c82beb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Bp4jKJmb6d2t4ujJO56PicAqRcC3.QjT
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
cf-ray: 6d3f6e59fd9f1764-EWR
x-amz-cf-id: XKmgnxMj15ow2FdzpI39J6rliMrucJWHYMX-7wBPg85fZGMZkkVwvA==
expires: Thu, 27 Jan 2022 09:02:49 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 377ms
41ms Script
text/javascript 104.16.94.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
Origin: https://refinance.lowermybills.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6d3f6e5c1f991839-EWR

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
30 KB 343ms
23ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0b79c5704e394a34c14e43d6a1380670cc9ff1ac7aa850fedeceb4265a26f42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30263
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 datadog-rum-v3.js Show response
www.datadoghq-browser-agent.com/ 115 KB
37 KB 50ms
10ms Script
application/javascript 13.249.190.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.190.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-190-38.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:20 GMT
content-encoding: br
last-modified: Mon, 03 Jan 2022 16:36:14 GMT
server: AmazonS3
age: 55
etag: W/"647fda9a4d3d74344732d76cf1fff47c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6cfc86e6ccd19a4761a27f5f2d9c9a90.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: BOS50-C2
x-amz-cf-id: W_cVE0DzL35Y42CY9ILYf-EC2iZR_2xf2HPS3DNJN2I8WO_qIhMu1Q==

GET
H2 200 lend16007_goldscale.png
content.lowermybills.com/lre/ 190 B
408 B 29ms
28ms Image
image/png 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.lowermybills.com/lre/lend16007_goldscale.png
Requested by: Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f9cb44b12f3d37a72622b500a99d96bf070a07ab81b5577bd3dd723aae0ecf

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
via: 1.1 71994794c0ae42f7776bc799e33a979b.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6848
x-cache: Hit from cloudfront
content-length: 190
last-modified: Wed, 08 Dec 2021 20:02:54 GMT
server: cloudflare
etag: "70836be8dfb4a77c709d02a054f1a98e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
cf-ray: 6d3f6e5bb8481764-EWR
x-amz-cf-id: pB7eMxC-oq8UmAoPgipY2K_AOPHDsMLzdDhLN1jN25ts0p0AdwEqsg==
expires: Thu, 27 Jan 2022 09:02:50 GMT

GET
H2 200 home-desktop.jpg
content.lowermybills.com/lre/ 199 KB
199 KB 17ms
16ms Image
image/jpeg 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.lowermybills.com/lre/home-desktop.jpg
Requested by: Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127cae9821853edc1953090239e5ae0297c4626b184280bb894cbfef9f947f30

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
via: 1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6370
x-cache: Hit from cloudfront
last-modified: Wed, 08 Dec 2021 20:02:54 GMT
content-length: 203332
cf-bgj: h2pri
server: cloudflare
etag: "ac3af3174e2b972e0adcd85fb89d7ba1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
cf-ray: 6d3f6e5bb8491764-EWR
x-amz-cf-id: _COt3r1PK2ryuIBrxUma3tRUmOMgbmc0G-linYXhgb_D0A-XU_wJ6A==
expires: Thu, 27 Jan 2022 09:02:50 GMT

GET
H2 200 sprite_lp.png
content.lowermybills.com/lre/ 17 KB
17 KB 26ms
25ms Image
image/png 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.lowermybills.com/lre/sprite_lp.png
Requested by: Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3255db2fb88891ee1add7804275d722bdd4e1eb438c51927d08c0dd67c1c558f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
via: 1.1 061a00fb73c7b9b18dbae9db08e7a852.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6168
x-cache: Hit from cloudfront
content-length: 17424
last-modified: Wed, 08 Dec 2021 20:02:54 GMT
server: cloudflare
etag: "c8a52138ef54bb2745413f072f32e23a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
cf-ray: 6d3f6e5bb84e1764-EWR
x-amz-cf-id: xKSBUQK6MXdV7JR_37U9A_arp-ycEi2i15K5DqwG1rDvY4A24caZ1w==
expires: Thu, 27 Jan 2022 09:02:50 GMT

GET
H2 200 hud_logo.gif
content.lowermybills.com/lre/ 738 B
978 B 25ms
24ms Image
image/gif 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.lowermybills.com/lre/hud_logo.gif
Requested by: Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b1f3575dd2b0024383a4f47725654257a4b4ec1015595ade984a80804a56ce

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
via: 1.1 c855cfdfac580e3b58f1c68c8d67dcf6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6781
x-cache: Hit from cloudfront
content-length: 738
last-modified: Wed, 08 Dec 2021 20:02:54 GMT
server: cloudflare
etag: "c9c9a78e117c3c6b24c9ba244ee59280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
cf-ray: 6d3f6e5bb8521764-EWR
x-amz-cf-id: 0DEwPi91TmSY-L9RRoZYhsPVULG-mdyKkouFkBAr3ich4zY4IZPSSQ==
expires: Thu, 27 Jan 2022 09:02:50 GMT

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 14 KB
15 KB 71ms
9ms Image
image/svg+xml 13.35.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=36759420-4093-4a7b-bf8a-2029fcf0dd2d

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.35.77.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-77-93.bos50.r.cloudfront.net

Software

TXS /

Resource Hash

4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 06:21:26 GMT
Via: 1.1 6b1e633ac9cee1a933fb96b8da595b0e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Age: 81684
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14237
X-Xss-Protection: 1; mode=block, 1; mode=block
Server: TXS
ETag: W/"14237-1594834154000"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=0
X-Amz-Cf-Pop: BOS50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: Aheju5PMwedPtUNJsCnHtECMLlgVzfkIyY8jcVu4Wdfy37L7XV_yMg==

GET
H2 200 misc_thawte.jpg
content.lowermybills.com/lre/ 1 KB
1 KB 26ms
25ms Image
image/jpeg 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.lowermybills.com/lre/misc_thawte.jpg
Requested by: Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9985336660219f2aa5e5c8f21d7f5456aee6c69afb706d3a9c9322ad5d601a76

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
via: 1.1 936397b26a4278a4582b6e1456333afb.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6370
x-cache: Hit from cloudfront
last-modified: Wed, 08 Dec 2021 20:02:54 GMT
content-length: 1064
cf-bgj: h2pri
server: cloudflare
etag: "fce9074d37a5424c838ef468af0c2392"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
cf-ray: 6d3f6e5bc8531764-EWR
x-amz-cf-id: UTlET8V6bhNKPdYPozT5CFRbAjtOev6nZRgmUJh7j3Vbqv-vpSoFBQ==
expires: Thu, 27 Jan 2022 09:02:50 GMT

GET
H2 200 bbb_ReliabilitySeal4.png
content.lowermybills.com/lre/ 792 B
1 KB 26ms
25ms Image
image/png 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.lowermybills.com/lre/bbb_ReliabilitySeal4.png
Requested by: Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b5ecbe1f536ff0fef14eabe281e525514e533dc65d179493ee770857893943

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
via: 1.1 fd4983be77ace22659323918c5b30f1f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6781
x-cache: Hit from cloudfront
content-length: 792
last-modified: Wed, 08 Dec 2021 20:02:54 GMT
server: cloudflare
etag: "6090dac9efe433facd03c240a291865e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
cf-ray: 6d3f6e5bc8561764-EWR
x-amz-cf-id: CIforlSv8NRjBUDKcOnqHr1MdsoA8SKTAB5A6mtEUOyyiYlxJIYHnA==
expires: Thu, 27 Jan 2022 09:02:50 GMT

GET
H2 200 mortgageBankersAssoc.jpg
content.lowermybills.com/lre/ 792 B
1012 B 28ms
23ms Image
image/jpeg 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.lowermybills.com/lre/mortgageBankersAssoc.jpg
Requested by: Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.38ff6e04ebccd63da59f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0676327f2e8a36f4566392aaec15036da66d48fda332ae8b6c6af30dc3c485

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
via: 1.1 f452d023faa737bf8fd4899df4e76a45.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6781
x-cache: Hit from cloudfront
last-modified: Wed, 08 Dec 2021 20:02:54 GMT
content-length: 792
cf-bgj: h2pri
server: cloudflare
etag: "fac151fb09dc6ee89e43925ed2c85572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
cf-ray: 6d3f6e5be8991764-EWR
x-amz-cf-id: 2i2yIJl4aXtvqHPMey9g_fHV51AqlOf_EXbC1hiEmItPRsN8D2Acdw==
expires: Thu, 27 Jan 2022 09:02:50 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/ 30 KB
30 KB 325ms
5ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refinance.lowermybills.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:32:28 GMT
x-content-type-options: nosniff
age: 120622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 19:32:28 GMT

GET
H2 200 4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
fonts.gstatic.com/s/shadowsintolighttwo/v11/ 15 KB
16 KB 323ms
4ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shadowsintolighttwo/v11/4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

0cada708e119149edd948291e531ccce6385fe040e74e3bb4d482ec74bd3f22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refinance.lowermybills.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:44:22 GMT
x-content-type-options: nosniff
age: 145108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15832
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 19:36:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 12:44:22 GMT

POST
H2 200 visitor Show response
refinance.lowermybills.com/ 16 B
560 B 185ms
185ms XHR
application/json 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refinance.lowermybills.com/visitor

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a732617c38101a63ad0f14116a16ca6d08b8562ccc8c20be9f17291427a2849f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
content-length: 16
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10-rUyPvz2t/XnLVYpk95e2nnkHtO8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: no-store
cf-ray: 6d3f6e5cc9f91764-EWR

GET
BLOB 200
OK aea2e444-0edd-4a5b-ab18-6c8969ce6d93
https://refinance.lowermybills.com/ 26 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refinance.lowermybills.com/aea2e444-0edd-4a5b-ab18-6c8969ce6d93
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b99c919f168349275b903d0a29253e0de9a945945650d811ee2ee0214b9387be

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 26149

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 26ms
25ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WQ7TGZQSWQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e359e463b9075576fd3d853a4f3345f66cebdb66bf4e2b5b51eaa73f50c6c68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62300
x-xss-protection: 0
expires: Thu, 27 Jan 2022 05:02:50 GMT

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
126 B 412ms
62ms Ping
application/json 3.233.149.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-ABA2XMSQE&batch_time=1643259770482
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.149.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-149-203.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 05:02:50 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2 200 collect Show response
sgtm.lowermybills.com/g/ 65 B
543 B 475ms
136ms XHR
text/plain 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.lowermybills.com/g/collect?v=2&tid=G-WQ7TGZQSWQ&gtm=2oe1o0&_p=373564255&sr=1600x1200&ul=en-us&cid=652110645.1643259771&_fplc=0&_s=1&dl=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&dr=https%3A%2F%2Fgenteelcananea.com%2F&dt=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&sid=1643259770&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.environment=prod&ep.pageName=LMB_LRE_LANDING_VERTICAL&richsstsse

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://refinance.lowermybills.com
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google

GET
H2 200 deviceAtlasLmb.min.js Show response
cdn.lowermybills.com/lending-images/presentations/common/navapi/ Frame 3B53 8 KB
3 KB 33ms
20ms Script
text/javascript 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lowermybills.com/lending-images/presentations/common/navapi/deviceAtlasLmb.min.js

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cff5de0a6dddcb01b664acb7cce79cd85b5a941e7e8f74423c8024e60704005

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27949
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 21 May 2021 02:42:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fed6c65f5b084671-20fc-5c2ce02c32fd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
cf-ray: 6d3f6e5e1c021764-EWR
expires: Thu, 27 Jan 2022 09:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
53 KB 18ms
18ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849970183

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

33611e392d4210b50efb0b2e2831869b1d1a9abacf11ba2188f51dfe24e0c26c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53704
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
52 KB 24ms
24ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-755089552

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fd1a653e54af07ec686e62d48d1673c15b19c2976043e724e56fbc0ce4c60455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53578
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 32ms
32ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-72055405-1

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

58ede7fc9b1403dda4daa905f4c431da308c92ed17ea0e053c237a422eb87138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35990
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
52 KB 41ms
41ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1066568174

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3277fc19dcde9e34ef067f165919faf91d87e5f8f80b094d6368405522b718fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53625
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 analytics Show response
ads.revjet.com/ Frame 3B53 19 KB
8 KB 28ms
3ms Script
application/javascript 72.251.228.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/analytics?acu=3370
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 72.251.228.39 Jersey City, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: turn011-nyj.tokbox.com
Software: nginx /
Resource Hash: 2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 16:43:05 GMT
server: nginx
etag: W/"61a3b199-4c14"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
expires: Thu, 27 Jan 2022 05:12:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 28ms
28ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-882032010

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f36bcae4b351b4a740c7e246bf0b7be451baec89053b2c73fb2a47f855b3afaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39358
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 27ms
27ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-934858762

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0c02351063d75bbc34f4077ec893c41902794860a56a9e3bf219553648c77244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39362
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 28ms
28ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-950054130

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

faa325fef31a05acbc4d71864d4c0982ce37d7f4815dc80e69c93c0fd5a6ff59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39357
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 33ms
33ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-966730890

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

38ea7ccc5dc1d0df215c3ceb1448a7965c7bbc1121040008c427e323268364aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39360
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 41ms
40ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-735544455

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7af405f32745f06bf15e8eddc2c59e9cbef2a12d6860c8e1e171432f83808877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39362
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 339ms
23ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5BFE96835DDE49FE8A518E9F4179914F Ref B: EWR311000104019 Ref C: 2022-01-27T05:02:50Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 50ms
49ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-874461485

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5456353a4921d41961e6d05a10a94b53278256bb3770a3de04999ac07753101d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39360
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 35ms
35ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-852807

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b1f63ff948631ffd5e5a568304ceb51675d90990241d6d41784717a4b3d98cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35795
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1007280/ Frame 3B53 55 KB
17 KB 39ms
0ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88cde089a91626868714eddc5908e44f7637c38c015ab71b62c73dc15b1acdfc

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: epK2aP7avgKndVTVwUXFskwymL61Cios
content-encoding: gzip
etag: "3b20fda85304ac5467201bda19467964"
age: 40
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 17364
x-amz-id-2: TH5aZxEIQOI38RqrpllvnoXV+lR60vPH7ojmYyyaibm3w287L/io0y9SZlNQLlWbNQsEsz7Ps6g=
x-served-by: cache-lga21926-LGA
last-modified: Sun, 23 Jan 2022 11:52:48 GMT
server: AmazonS3
x-timer: S1643259771.615334,VS0,VE1
date: Thu, 27 Jan 2022 05:02:50 GMT
vary: Accept-Encoding
x-amz-request-id: SDRXYQTA7507AZM9
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 1

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 3B53 14 KB
6 KB 61ms
8ms Script
application/javascript 151.101.248.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.248.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 00:02:22 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200103-IAD, cache-bwi5035-BWI

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 42ms
40ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-968462554

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c943ecebf29d6eb7134fdbeb06e80ecdd2714103a58001805369f73b3c5faa86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39364
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 92ms
45ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-227c74ba235ad6a15a24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

7706dd45386901420f8ce918f7775dc59a8e96fb88d8ba67bfa6d5607a74ef0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17574
x-xss-protection: 0
server: cafe
etag: 17704712878824611454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 42 KB
16 KB 74ms
31ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1643259770586
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/njsq314lonh/rtgs218azef.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c61e80b922ccd7d2dd90bf548d95bcd85415a36ffae0f761691929a686c2a7a

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: b7096692-ed1f-4093-8df3-1807c2853752
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d3f6e5e79b88c17-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H2

200

activityi;dc_pre=COSEndeT0fUCFc7thwodHPoA6A;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D...
852807.fls.doubleclick.net/ Frame 3B53
Redirect Chain

https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://852807.fls.doubleclick.net/activityi;dc_pre=COSEndeT0fUCFc7thwodHPoA6A;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

0
0

64ms
61ms

Image
text/html

142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://852807.fls.doubleclick.net/activityi;dc_pre=COSEndeT0fUCFc7thwodHPoA6A;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Server: 142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
date: Thu, 27 Jan 2022 05:02:50 GMT
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
location: https://852807.fls.doubleclick.net/activityi;dc_pre=COSEndeT0fUCFc7thwodHPoA6A;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 3B53 43 B
354 B 99ms
34ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=l5ksy&p_id=Twitter

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 8
date: Thu, 27 Jan 2022 05:02:50 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: aba6eeada34f6485bca121e38066088719c862a86539e2309778c35c5dd47fd2
content-length: 43

GET
H2

200

/
www.google.com/pagead/1p-user-list/973523572/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=1771669659

42 B
108 B

352ms
28ms

Image
image/gif

142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=1771669659

Protocol

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=1771669659
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLOEndeT0fUCFWOIgwgdIqMA6A;src=852807;type=lrepa937;cat=lrere295;ord=9aad073e-1d57-476b-8bcd-e42d7dff4d14
852807.fls.doubleclick.net/ Frame 3B53
Redirect Chain

https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;ord=9aad073e-1d57-476b-8bcd-e42d7dff4d14?
https://852807.fls.doubleclick.net/activityi;dc_pre=CLOEndeT0fUCFWOIgwgdIqMA6A;src=852807;type=lrepa937;cat=lrere295;ord=9aad073e-1d57-476b-8bcd-e42d7dff4d14?

0
0

34ms
25ms

Image
text/html

142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://852807.fls.doubleclick.net/activityi;dc_pre=CLOEndeT0fUCFWOIgwgdIqMA6A;src=852807;type=lrepa937;cat=lrere295;ord=9aad073e-1d57-476b-8bcd-e42d7dff4d14?
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Protocol: H2
Server: 142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
date: Thu, 27 Jan 2022 05:02:50 GMT
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
location: https://852807.fls.doubleclick.net/activityi;dc_pre=CLOEndeT0fUCFWOIgwgdIqMA6A;src=852807;type=lrepa937;cat=lrere295;ord=9aad073e-1d57-476b-8bcd-e42d7dff4d14?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-user-list/1066568174/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=4257760066

42 B
548 B

350ms
27ms

Image
image/gif

142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=4257760066

Protocol

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=4257760066
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=4818226;dc_pre=CPSdndeT0fUCFYLthwodyogKTA;type=invmedia;cat=esvbxzky;ord=1
adservice.google.com/ddm/fls/p/ Frame 3B53
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4818226;type=invmedia;cat=esvbxzky;ord=1?
https://ad.doubleclick.net/ddm/activity/src=4818226;dc_pre=CPSdndeT0fUCFYLthwodyogKTA;type=invmedia;cat=esvbxzky;ord=1?
https://adservice.google.com/ddm/fls/p/src=4818226;dc_pre=CPSdndeT0fUCFYLthwodyogKTA;type=invmedia;cat=esvbxzky;ord=1

42 B
541 B

341ms
25ms

Image
image/gif

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/p/src=4818226;dc_pre=CPSdndeT0fUCFYLthwodyogKTA;type=invmedia;cat=esvbxzky;ord=1

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Protocol

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 27 Jan 2022 05:02:51 GMT
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 27 Jan 2022 05:02:50 GMT
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/p/src=4818226;dc_pre=CPSdndeT0fUCFYLthwodyogKTA;type=invmedia;cat=esvbxzky;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 3B53 43 B
715 B 58ms
19ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10070325&ec=LRELP

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:50 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 27 Jan 2022 05:02:50 GMT

POST
H2 200 track Show response
refinance.lowermybills.com/ 259 B
323 B 187ms
176ms XHR
application/json 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refinance.lowermybills.com/track

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c58cb6c30a81877ab7a1440dfa3c67d18ffd10c2cf70e177abc9fe21d86f94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"103-OKb6/pb9yve+n+7o2sl37053p6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: no-store
cf-ray: 6d3f6e5e6c621764-EWR

POST
H2 200 rum Show response
refinance.lowermybills.com/cdn-cgi/ 0
204 B 15ms
5ms XHR
text/plain 104.18.18.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refinance.lowermybills.com/cdn-cgi/rum?

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://refinance.lowermybills.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6d3f6e5e7c681764-EWR
vary: Origin

GET
H2 200 pd2120 Show response
pix.revjet.com/track/ Frame 3B53 46 B
413 B 29ms
4ms Script
text/javascript 74.217.31.247
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.revjet.com/track/pd2120?__noscript=false&__cbf=revjet.callbacks.cb1643259770632&location=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&referrer=https%3A%2F%2Fgenteelcananea.com%2F&creditProfile=&firstMortgageBalance=&firstMortgageInterestRate=&hasFHALoan=&homeValue=&loanToValue=&propertyCity=&propertyDescription=&propertyState=&propertyZipCode=&rateType=&typeOfLoan=&loanRefiPurpose=
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/analytics?acu=3370
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.217.31.247 Secaucus, United States, ASN10912 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 610fabfe494c9e0079d0c73ea1639cdd56f861956f956b561eeea46f6bb53416

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 05:02:50 GMT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 46
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/javascript

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 59ms
56ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-755089552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14860
x-xss-protection: 0
server: cafe
etag: 9607039154328110559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 json Show response
trc.taboola.com/1007280/trc/3/ Frame 3B53 2 KB
2 KB 22ms
13ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1007280/trc/3/json?tim=1643259770731&data=%7B%22id%22%3A792%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1643259770723%2C%22cv%22%3A%2220220123-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131%22%2C%22e%22%3A%22https%3A%2F%2Fgenteelcananea.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcoredigital-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1643259770730%2C%22ref%22%3A%22https%3A%2F%2Fgenteelcananea.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2251bd96fc9e86f583b28f3eb29971290c735a3c87f41ba5eb3e9eb9cca6be3a

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 11
date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: gzip
server: nginx
x-timer: S1643259771.744274,VS0,VE11
x-served-by: cache-lga21926-LGA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 324ms
3ms Script
text/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72055405-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2460
date: Thu, 27 Jan 2022 04:21:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 27 Jan 2022 06:21:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
53 KB 19ms
19ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849970183&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1149ff7bba5878cf0390f7b8cebb654aeb535079b3fd0b5f172eef52609b6cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53697
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 24ms
24ms Script
application/javascript 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-735544455&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2421f13d5ef06cc9333bf50563e2280d3f898abb664ff9a3d892a16640c80bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:02:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39376
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 05:02:50 GMT

GET
H2 200 adsct
t.co/i/ Frame 3B53 43 B
337 B 103ms
27ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyhmx&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&event_id=ce054115-7a6e-47b0-abb7-58424643a48a&tw_document_href=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 5
date: Thu, 27 Jan 2022 05:02:50 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e3994d9a5d39fcec45b1d2d82129e642643ba29bdd4efbbc663b6f28a373d209
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950054130/ 2 KB
1 KB 327ms
25ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950054130/?random=1643259771001&cv=9&fst=1643259771001&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

6ddaad7610f221a85fc8153bf48c67c678a15892ca58de56f366932451d8ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1132
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/849970183/ 2 KB
1 KB 66ms
26ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/849970183/?random=1643259771006&cv=9&fst=1643259771006&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

72decc7d215b5ed66b46541c627298614fc8fd8a3fbb05714f1a0bc35629dc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/ 2 KB
1 KB 359ms
29ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1643259771018&cv=9&fst=1643259771018&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

3c969be8b14858a77e49fe035611889adaec49584431382bd4aef2a97942d5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1131
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 2 KB
1 KB 360ms
30ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1643259771019&cv=9&fst=1643259771019&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

206b0f9c8e9f4e15a84792c561768eec5b9fdeb88aebbd71515be6a4ad54e72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 2 KB
1 KB 354ms
24ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1643259771020&cv=9&fst=1643259771020&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

498463634c5d7be300bc3d9c545faf99810e19213cea46ab431f0c220bc8e9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 2 KB
1 KB 355ms
26ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1643259771020&cv=9&fst=1643259771020&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

ae14ed8c77ed804ca0ccf732dc16efeb4df4ef3a369bbe21911036fff2b40a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/874461485/ 2 KB
1 KB 352ms
23ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874461485/?random=1643259771022&cv=9&fst=1643259771022&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

62ed1ea40f39dfecde6cf72d4067111f6865d3962a0350455e84bf90cefac3dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1132
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/ 2 KB
1 KB 353ms
25ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?random=1643259771023&cv=9&fst=1643259771023&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

18f6db49fe9526d21d9fe8e13a9b6238cdd17682debeeb4325b748e3cecdb7bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/735544455/ 2 KB
1 KB 39ms
20ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/735544455/?random=1643259771026&cv=9&fst=1643259771026&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

e91e00f6db690a5b837e593ecf344525761ff4905c4e6a1ef978e64f1e46c04a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/ 2 KB
1 KB 343ms
28ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=1643259771036&cv=9&fst=1643259771036&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

1dbb2f0d6cd59875195cdab6031b8a46d4c1ccfb7300802e9b4dee16c2083746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 90C5 0
683 B 102ms
52ms Document
text/html 142.250.111.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.111.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gb-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 Jan 2022 05:02:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Jan 2022 05:02:51 GMT
cache-control: private

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/755089552/ 2 KB
1 KB 334ms
26ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/755089552/?random=1643259771044&cv=9&fst=1643259771044&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

34c71b5d9d75b93c2bfcd1cfeb350f73c9ae6c5eb7d2d486989efa951e1b53a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968462554/ 2 KB
1 KB 330ms
26ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968462554/?random=1643259771046&cv=9&fst=1643259771046&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

c4d040b3a13083b6a8aa937065968d4338ef4e252e69ff8a4d667d9084e5c04f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/882032010/ 2 KB
1 KB 334ms
28ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/882032010/?random=1643259771047&cv=9&fst=1643259771047&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

327f54af196faebd36d958f9e6f646042976f2b2903ef743311c4ad42e832567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1132
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/934858762/ 2 KB
1 KB 338ms
34ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934858762/?random=1643259771048&cv=9&fst=1643259771048&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

a034da455f4f3e7fdc7b94ba5e0437edb88d51a10e8147153beb1628584a6b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1143
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 3B53 2 KB
1 KB 16ms
13ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 2909
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: DxhHalyyoAj9wZgdL+sGv4UqKE4G1XDj0mW9YV0th4wEyjE710JdfNCcUUO9GcZzblVZ3GViK44=
x-served-by: cache-lga21926-LGA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1643259771.066333,VS0,VE0
date: Thu, 27 Jan 2022 05:02:51 GMT
vary: Accept-Encoding
x-amz-request-id: 590KQ3P07W4QKX9M
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 78
x-cache-hits: 3711

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ Frame 3B53 14 KB
5 KB 14ms
13ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding: gzip
etag: "f7917ed1eb799a729725a7db50d1f828"
age: 12259
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5258
x-amz-id-2: sGg5RW7vwv5ckz6UjZGTbxCLwxOFBQ7tVKCMTUw1yFv/VvP+8F8x5I17A6c+ffsa1/ce4WbRRZk=
x-served-by: cache-lga21926-LGA
last-modified: Tue, 28 Dec 2021 08:10:40 GMT
server: AmazonS3
x-timer: S1643259771.066457,VS0,VE0
date: Thu, 27 Jan 2022 05:02:51 GMT
vary: Accept-Encoding
x-amz-request-id: Z6BPP58ZENM3MXYR
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 78
x-cache-hits: 16395

GET
H2 200 json Show response
trc.taboola.com/1390358/trc/3/ Frame 3B53 2 KB
2 KB 21ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1390358/trc/3/json?tim=1643259771050&data=%7B%22id%22%3A406%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa%22%2C%22vi%22%3A1643259770723%2C%22cv%22%3A%2220220123-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131%22%2C%22e%22%3A%22https%3A%2F%2Fgenteelcananea.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcoredigital-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1643259770733%2C%22ref%22%3A%22https%3A%2F%2Fgenteelcananea.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 42821a483ce8c68aecfb68765aa697f4967453e0175200e60afb023847624ab3

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Thu, 27 Jan 2022 05:02:51 GMT
content-encoding: gzip
server: nginx
x-timer: S1643259771.066628,VS0,VE10
x-served-by: cache-lga21926-LGA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 65ms
64ms Ping
application/json 3.233.149.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-ABA2XMSQE&batch_time=1643259771053
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.149.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-149-203.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 05:02:51 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
397 B 42ms
29ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=608665&type=c&tg=&r=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1643259771067
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d3f6e6148d10cb5-EWR
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 5189243.js Show response
bat.bing.com/p/action/ 0
94 B 159ms
159ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5189243.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 05:02:50 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 602448D905D6445A893682632E40038C Ref B: EWR311000104019 Ref C: 2022-01-27T05:02:51Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
151 B 21ms
20ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5189243&Ver=2&mid=3e43e4e5-5abb-4f01-a800-8d3a8a4fba91&sid=60cb86507f2e11ec852bb54bcd27d3ab&vid=60cbecf07f2e11eca7d555fc11278a1b&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Refinance%20Mortgage,%20Refinancing%20Rates,%20Mortgage%20Rates%20-%20LowerMyBills&kw=refinance,%20mortgage,%20mortgages,%20refinancing,%20mortgage%20rates,%20refinance%20mortgage,%20refinance%20rates,%20refinancing%20rates,%20refinancing%20home,%20home%20loan,%20home%20loans,%20equity%20loans,%20home%20equity%20loans,%20home%20equity%20loan,%20second%20mortgage,%20home%20equity%20loan%20rates,%20credit%20card%20consolidation,%20debt%20loans,%20credit%20card%20debt%20consolidation,%20bad%20credit%20loans,%20debt%20free,%20bad%20credit,%20debt%20help,%20debt%20solutions,%20money%20management,%20credit%20card%20debt,%20personal%20loan,%20bad%20credit%20mortgage,%20mortgage%20calculator&p=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&r=https%3A%2F%2Fgenteelcananea.com%2F&lt=2185&evt=pageLoad&msclkid=N&sv=1&rn=438060
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 186ED526308D422186CD812B505DCB5A Ref B: EWR311000104019 Ref C: 2022-01-27T05:02:51Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/735544455/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=862883869&cv=9&fst=1643259771026&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/735544455/?random=862883869&cv=9&fst=1643259771026&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
108 B

331ms
29ms

Image
image/gif

142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/735544455/?random=862883869&cv=9&fst=1643259771026&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=eyfyYbX4A_OSoPMP956HiAs&cid=CAQSKQCNIrLMKOOf4gSW6DRbf_RycRTynKCSKlcRV13GNaI6S_zDlws2kSL2&random=1529076095&resp=GooglemKTybQhCsO

Protocol

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/735544455/?random=862883869&cv=9&fst=1643259771026&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=eyfyYbX4A_OSoPMP956HiAs&cid=CAQSKQCNIrLMKOOf4gSW6DRbf_RycRTynKCSKlcRV13GNaI6S_zDlws2kSL2&random=1529076095&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/849970183/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1349099933&cv=9&fst=1643259771006&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/849970183/?random=1349099933&cv=9&fst=1643259771006&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...

42 B
108 B

330ms
28ms

Image
image/gif

142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/849970183/?random=1349099933&cv=9&fst=1643259771006&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=eyfyYceFBIzD_gTk_634Bw&cid=CAQSKQCNIrLMciC2-ftDkpxn_YIlG91K_oY8eU6Iug-W9Tsm7rivi3EvegQn&random=1937819533&resp=GooglemKTybQhCsO

Protocol

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/849970183/?random=1349099933&cv=9&fst=1643259771006&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=1831242446.1643259771&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=eyfyYceFBIzD_gTk_634Bw&cid=CAQSKQCNIrLMciC2-ftDkpxn_YIlG91K_oY8eU6Iug-W9Tsm7rivi3EvegQn&random=1937819533&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
215 B 318ms
16ms XHR
text/plain 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=373564255&t=pageview&_s=1&dl=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&dr=https%3A%2F%2Fgenteelcananea.com%2F&ul=en-us&de=UTF-8&dt=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=205310686&gjid=1314891138&cid=652110645.1643259771&tid=UA-72055405-1&_gid=60235691.1643259771&_r=1&gtm=2ou1o0&z=2024830855

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://refinance.lowermybills.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/950054130/ 42 B
108 B 324ms
22ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950054130/?random=1643259771001&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3011207639&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/874461485/ 42 B
108 B 325ms
23ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/874461485/?random=1643259771022&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1609226277&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 98ms
91ms Ping
application/json 3.233.149.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-ABA2XMSQE&batch_time=1643259771387
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.149.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-149-203.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 05:02:51 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2 200 /
www.google.com/pagead/1p-user-list/966730890/ 42 B
108 B 330ms
26ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966730890/?random=1643259771020&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1795528451&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1066568174/ 42 B
108 B 327ms
25ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1066568174/?random=1643259771023&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=487319860&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/966730890/ 42 B
108 B 329ms
26ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966730890/?random=1643259771020&cv=9&fst=1643259600000&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3960074297&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/968462554/ 42 B
108 B 329ms
27ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/968462554/?random=1643259771046&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1492142700&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/755089552/ 42 B
108 B 333ms
23ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/755089552/?random=1643259771044&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1912799297&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/849970183/ 42 B
108 B 333ms
23ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849970183/?random=1643259771018&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2343544719&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/735544455/ 42 B
108 B 332ms
22ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/735544455/?random=1643259771036&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1026846512&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/966730890/ 42 B
108 B 331ms
22ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966730890/?random=1643259771019&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2365166835&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/882032010/ 42 B
108 B 328ms
21ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/882032010/?random=1643259771047&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1722434107&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/934858762/ 42 B
108 B 334ms
17ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/934858762/?random=1643259771048&cv=9&fst=1643259600000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131&ref=https%3A%2F%2Fgenteelcananea.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1538747040&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
447 B 373ms
32ms XHR
text/plain 142.250.123.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72055405-1&cid=652110645.1643259771&jid=205310686&gjid=1314891138&_gid=60235691.1643259771&_u=YADAAUAAAAAAAC~&z=1377797152

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.123.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gh-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 27 Jan 2022 05:02:51 GMT
content-type: text/plain
access-control-allow-origin: https://refinance.lowermybills.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 29ms
28ms Ping
application/json 3.233.149.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-ABA2XMSQE&batch_time=1643259771679
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.149.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-149-203.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 05:02:51 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 47ms
39ms Ping
application/json 3.233.149.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-ABA2XMSQE&batch_time=1643259771744
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.149.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-149-203.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 05:02:51 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2 204 unip Show response
trc-events.taboola.com/1007280/log/3/ Frame 3B53 0
386 B 45ms
4ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1007280/log/3/unip?en=pre_d_eng_tb&tos=1622&scd=0&ssd=1&est=1643259770728&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1643259772351&vi=1643259770723&ri=b5de8631f04c142e28397ae476967ffe&sd=v2_39628df28a9d6bc312bc515ba7c722a4_b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa_1643259770_1643259770_CJC6qxYQsL09GOPuqM_pLyABKAEw4QE4kaQOQJjyDki0y9kDUIAEWABgAGjbwtakkbOV1QpwAQ&ui=b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa&ref=https%3A%2F%2Fgenteelcananea.com%2F&cv=20220123-5-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
pragma: no-cache
date: Thu, 27 Jan 2022 05:02:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1390358/log/3/ Frame 3B53 0
387 B 44ms
3ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1390358/log/3/unip?en=pre_d_eng_tb&tos=1623&scd=0&ssd=1&est=1643259770728&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1643259772352&vi=1643259770723&ri=33404c700647bd5f9513ffbc0a4e2f9d&sd=v2_dbaf0681176b353ff0f38fc7bd9c3be0_b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa_1643259771_1643259771_CJC6qxYQlu5UGOPuqM_pLyABKAMw4QE4kaQOQJjyDki0y9kDUIAEWABgAGjbwtakkbOV1QpwAQ&ui=b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa&ref=https%3A%2F%2Fgenteelcananea.com%2F&cv=20220123-5-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
pragma: no-cache
date: Thu, 27 Jan 2022 05:02:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1007280/log/3/ Frame 3B53 0
386 B 7ms
3ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1007280/log/3/unip?en=pre_d_eng_tb&tos=4625&scd=0&ssd=1&est=1643259770728&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1643259775353&vi=1643259770723&ri=b5de8631f04c142e28397ae476967ffe&sd=v2_39628df28a9d6bc312bc515ba7c722a4_b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa_1643259770_1643259770_CJC6qxYQsL09GOPuqM_pLyABKAEw4QE4kaQOQJjyDki0y9kDUIAEWABgAGjbwtakkbOV1QpwAQ&ui=b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa&ref=https%3A%2F%2Fgenteelcananea.com%2F&cv=20220123-5-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
pragma: no-cache
date: Thu, 27 Jan 2022 05:02:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1390358/log/3/ Frame 3B53 0
386 B 5ms
4ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1390358/log/3/unip?en=pre_d_eng_tb&tos=4626&scd=0&ssd=1&est=1643259770728&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1643259775355&vi=1643259770723&ri=33404c700647bd5f9513ffbc0a4e2f9d&sd=v2_dbaf0681176b353ff0f38fc7bd9c3be0_b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa_1643259771_1643259771_CJC6qxYQlu5UGOPuqM_pLyABKAMw4QE4kaQOQJjyDki0y9kDUIAEWABgAGjbwtakkbOV1QpwAQ&ui=b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa&ref=https%3A%2F%2Fgenteelcananea.com%2F&cv=20220123-5-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fcmpid%3D80%26crtid%3D6%26pkey1%3D131%26pkey2%3D690319%26pkey3%3D28684_7447016_11%26sid%3D4%26sourceid%3Dlmb-53704-112245-131
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
pragma: no-cache
date: Thu, 27 Jan 2022 05:02:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/coredigital-quickenloans-video/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_dbaf0681176b353ff0f38fc7bd9c3be0_b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa_1643259771_1643259771_CJC6qxYQlu5UGOPuqM_pLyABKAMw4QE4kaQOQJjyDki0y9kDUIAEWABgAGjbwtakkbOV1QpwAQ
.taboola.com/coredigital-sc/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_39628df28a9d6bc312bc515ba7c722a4_b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa_1643259770_1643259770_CJC6qxYQsL09GOPuqM_pLyABKAEw4QE4kaQOQJjyDki0y9kDUIAEWABgAGjbwtakkbOV1QpwAQ
genteelcananea.com/	1970-01-20 01:10:51	Name: uid13109 Value: 1236887640-20220127000248-7b27e99f858bcd12845f184d0b91b4f9-
.cdmtrk.com/	1969-12-31 23:59:59	Name: sid Value: 0Z9s5z0l11wAglUdTKOcsBu0T5Pnj9wRURWOs1FscVLII7g+g4sTsQ==
.cdmtrk.com/	1970-01-20 17:58:22	Name: trk Value: zU+dDwFMbsUAglUdTKOcsBu0T5Pnj9wRURWOs1FscVLII7g+g4sTsQ==
.cdmtrk.com/	1970-01-20 17:58:51	Name: c4 Value: 0Z9s5z0l11yc4nk8p4ejxA4kP4+pN1YDoDVdOy3x+1M=
.lowermybills.com/	1970-01-20 00:27:41	Name: __cf_bm Value: BdFtITyuRO7y.bUATWb75aY4pOk1zD8.65ge.8t.1Bc-1643259769-0-ASjBLvCzDMwKV3cWGr/SGeX0ZEgGjXHS8tVYJ8hZWS/muJb7SZjofJAQrOIAeBX8HL1lyi1Y/SPZQLuJZWxD578=
refinance.lowermybills.com/	1970-01-20 09:13:15	Name: visitorId Value: 9aad073e-1d57-476b-8bcd-e42d7dff4d14
refinance.lowermybills.com/	1970-01-20 00:37:44	Name: sourceId Value: lmb-53704-112245-131
refinance.lowermybills.com/	1970-01-20 00:37:44	Name: connect.sid Value: s%3AwJOs1SxvSUkzd1zkpZjluwbYZeMEpLoG.XsaXoe6x57LAbf5B3I4avCYtTTISLG4B%2FPCmfYuTxUE
refinance.lowermybills.com/	1969-12-31 23:59:59	Name: BIGipServerpl.prod-lrelpwapp-lnd Value: !ENZgZtpzpOXUtihRHhj5eaSY0gTQ+Foi4p3Cbb0uTglgWCQWGnN6Ghw1GLVNJcP9qLk9Al0A5FrVLyk=
refinance.lowermybills.com/	1969-12-31 23:59:59	Name: TS014fdca0 Value: 012d8c2fc3188ad6fba1dd272115e23d284176cc59b5124f1ad56cfe94a1639cbd41ae8a3ea9b786b25034c6d258743d6a1870ff23
refinance.lowermybills.com/	1970-01-20 00:29:06	Name: DAPROPS Value: "sjs.webGlRenderer:Intel Iris OpenGL Engine\|bjs.accessDom:1\|bcookieSupport:1\|bcss.animations:1\|bcss.columns:1\|bcss.transforms:1\|bcss.transitions:1\|sdevicePixelRatio:1\|idisplayColorDepth:24\|bflashCapable:0\|bhtml.audio:1\|bhtml.canvas:1\|bhtml.inlinesvg:1\|bhtml.svg:1\|bhtml.video:1\|bjs.applicationCache:0\|bjs.deviceMotion:1\|bjs.deviceOrientation:0\|bjs.geoLocation:1\|bjs.indexedDB:1\|bjs.json:1\|bjs.localStorage:1\|bjs.modifyCss:1\|bjs.modifyDom:1\|bjs.querySelector:1\|bjs.sessionStorage:1\|bjs.supportBasicJavaScript:1\|bjs.supportConsoleLog:1\|bjs.supportEventListener:1\|bjs.supportEvents:1\|bjs.touchEvents:0\|bjs.webGl:1\|bjs.webSockets:1\|bjs.webSqlDatabase:0\|bjs.webWorkers:1\|bjs.xhr:1\|buserMedia:1\|bjs.battery:0"
refinance.lowermybills.com/	1970-01-20 00:27:40	Name: _dd_s Value: rum=1&id=5a2149b9-67d6-47ea-b667-435e692093a2&created=1643259769992&expire=1643260669992
.lowermybills.com/	1970-01-20 17:58:51	Name: _ga_WQ7TGZQSWQ Value: GS1.1.1643259770.1.0.1643259770.0
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m0qOGw6YYS2l
.mgid.com/	1970-01-20 00:27:41	Name: __cf_bm Value: 4c43f5ea8434c506e12b519a1817283b9e0294d6-1643259770-0-AZjNae8bKLjpyBGIVVKHYrGNbMl7iBW9uBZyP8a8CxWkrj3frJm3E1M1uCezwuasmokQyJ/nxZuWISWJwr/meyA=
.lowermybills.com/	1970-01-20 02:37:15	Name: _gcl_au Value: 1.1.1831242446.1643259771
.twitter.com/	1970-01-20 17:58:51	Name: personalization_id Value: "v1_+p9AVvtxG39PeaRYq+mToA=="
.revjet.com/	1970-01-20 17:58:51	Name: trx Value: 4786807462758594385
.yahoo.com/	1970-01-20 09:13:37	Name: A3 Value: d=AQABBHon8mECEDD4IU89i3x67HLTd-UiJ_IFEgEBAQF482H8YQAAAAAA_eMAAA&S=AQAAArtyn5giTEqbnQGJqpfYKvQ
.taboola.com/	1970-01-20 09:13:15	Name: t_gid Value: b6d01fd1-9524-448f-bf98-92d48986087e-tuct8ebacfa
.bing.com/	1970-01-20 09:49:15	Name: MUID Value: 23D5531B665F63422738422267D562D5
.bat.bing.com/	1970-01-20 00:37:44	Name: MR Value: 0
.lowermybills.com/	1970-01-20 00:28:51	Name: FPLC Value: hrhjjA8MoV%2BgcggOjFEuYYWDA33%2FYDtOpjQW0HZjsUVcetsARhjqcHsHqYflSaz6OaHuF2psEXj%2FssQGAauuXU7IOKcbuFk%2BVE5R4kymL%2BkTMOjCXFIoA%2FszVaRckQ%3D%3D
.lowermybills.com/	1970-01-20 17:58:51	Name: FPID Value: FPID2.2.eb5UaVKrWEsfnbt6pQ3AQkPCWJpFE9zuP2bRoZF40zY%3D.1643259771
refinance.lowermybills.com/	1970-01-20 02:37:15	Name: MgidSensorNVis Value: 1
refinance.lowermybills.com/	1970-01-20 02:37:15	Name: MgidSensorHref Value: https://refinance.lowermybills.com/?cmpid=80&crtid=6&pkey1=131&pkey2=690319&pkey3=28684_7447016_11&sid=4&sourceid=lmb-53704-112245-131
.lowermybills.com/	1970-01-20 00:29:06	Name: _uetsid Value: 60cb86507f2e11ec852bb54bcd27d3ab
.t.co/	1970-01-20 17:58:51	Name: muc_ads Value: b632c64b-a59d-4e11-93ca-f46293903f99
.lowermybills.com/	1970-01-20 09:49:15	Name: _uetvid Value: 60cbecf07f2e11eca7d555fc11278a1b
.lowermybills.com/	1970-01-20 17:58:51	Name: _ga Value: GA1.2.652110645.1643259771
.lowermybills.com/	1970-01-20 00:29:06	Name: _gid Value: GA1.2.60235691.1643259771
.lowermybills.com/	1970-01-20 00:27:39	Name: _gat_gtag_UA_72055405_1 Value: 1
.doubleclick.net/	1970-01-20 17:58:51	Name: IDE Value: AHWqTUnzGg0flvCYQCUfioJ-iMferXblHZ0OsIvsYYUfKk2GrC4lpH4TEMWh8Tax

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

852807.fls.doubleclick.net
a.mgid.com
ad.doubleclick.net
ads.revjet.com
adservice.google.com
analytics.twitter.com
bat.bing.com
bid.g.doubleclick.net
cdmtrk.com
cdn-refinance.lowermybills.com
cdn.lowermybills.com
cdn.taboola.com
content.lowermybills.com
fonts.googleapis.com
fonts.gstatic.com
genteelcananea.com
googleads.g.doubleclick.net
pix.revjet.com
privacy-policy.truste.com
refinance.lowermybills.com
rum-http-intake.logs.datadoghq.com
s3.us-east-2.amazonaws.com
sgtm.lowermybills.com
sp.analytics.yahoo.com
static-lre.lowermybills.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
tidingspun.com
trc-events.taboola.com
trc.taboola.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.lowermybills.com
104.16.94.65
104.18.18.159
104.19.135.78
104.244.42.195
104.244.42.69
13.249.190.38
13.35.77.93
141.226.224.48
142.250.111.156
142.250.123.157
142.250.65.230
142.250.80.34
142.251.32.106
142.251.32.98
142.251.40.104
142.251.40.131
142.251.40.196
142.251.40.226
142.251.41.14
148.251.167.25
151.101.1.44
151.101.248.157
204.27.59.26
204.79.197.200
216.239.34.21
3.233.149.203
35.82.97.156
52.219.102.241
72.251.228.39
74.217.31.247
76.13.32.146
0b6a782b3f23072b833897dee1f06b37cdecbd4ae503e4f6ca6803a9524de86c
0b79c5704e394a34c14e43d6a1380670cc9ff1ac7aa850fedeceb4265a26f42a
0c02351063d75bbc34f4077ec893c41902794860a56a9e3bf219553648c77244
0cada708e119149edd948291e531ccce6385fe040e74e3bb4d482ec74bd3f22d
0cff5de0a6dddcb01b664acb7cce79cd85b5a941e7e8f74423c8024e60704005
0d435e5fd5634fa368d617dc56bf14941caaa23a71d3522be278497566400b81
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1149ff7bba5878cf0390f7b8cebb654aeb535079b3fd0b5f172eef52609b6cba
127cae9821853edc1953090239e5ae0297c4626b184280bb894cbfef9f947f30
14d92f185568e96f14031042c124b502e43a55784a40f1d3bfc6fac9157bd3aa
18f6db49fe9526d21d9fe8e13a9b6238cdd17682debeeb4325b748e3cecdb7bf
1c0676327f2e8a36f4566392aaec15036da66d48fda332ae8b6c6af30dc3c485
1cf4becba1194b3931970493f823178403a6ede73368d62c4e6541c95a4733cc
1d7015c13fd51bf12eb98c6e4af1822cdfb32610540bf83730fed28917aadd84
1dbb2f0d6cd59875195cdab6031b8a46d4c1ccfb7300802e9b4dee16c2083746
206b0f9c8e9f4e15a84792c561768eec5b9fdeb88aebbd71515be6a4ad54e72c
2251bd96fc9e86f583b28f3eb29971290c735a3c87f41ba5eb3e9eb9cca6be3a
2421f13d5ef06cc9333bf50563e2280d3f898abb664ff9a3d892a16640c80bfa
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb
3255db2fb88891ee1add7804275d722bdd4e1eb438c51927d08c0dd67c1c558f
3277fc19dcde9e34ef067f165919faf91d87e5f8f80b094d6368405522b718fc
327f54af196faebd36d958f9e6f646042976f2b2903ef743311c4ad42e832567
33611e392d4210b50efb0b2e2831869b1d1a9abacf11ba2188f51dfe24e0c26c
34c71b5d9d75b93c2bfcd1cfeb350f73c9ae6c5eb7d2d486989efa951e1b53a5
38ea7ccc5dc1d0df215c3ceb1448a7965c7bbc1121040008c427e323268364aa
3c61e80b922ccd7d2dd90bf548d95bcd85415a36ffae0f761691929a686c2a7a
3c969be8b14858a77e49fe035611889adaec49584431382bd4aef2a97942d5e5
424c4355a91b39d045c6dd81ca95398e7f0cb1cefc183e80670f3b7946d3387c
42821a483ce8c68aecfb68765aa697f4967453e0175200e60afb023847624ab3
4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459365c2e9fd23df19ef04a81cabdb8121edb3726bbfa10bd37bc75b5b58d3b1
498463634c5d7be300bc3d9c545faf99810e19213cea46ab431f0c220bc8e9ff
4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96
4bc0c2737069d1ada44815c2936d76d02b83cfc54f8e9115257f8fb1a8733d3e
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5456353a4921d41961e6d05a10a94b53278256bb3770a3de04999ac07753101d
58ede7fc9b1403dda4daa905f4c431da308c92ed17ea0e053c237a422eb87138
5c58cb6c30a81877ab7a1440dfa3c67d18ffd10c2cf70e177abc9fe21d86f94c
610fabfe494c9e0079d0c73ea1639cdd56f861956f956b561eeea46f6bb53416
62ed1ea40f39dfecde6cf72d4067111f6865d3962a0350455e84bf90cefac3dd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ddaad7610f221a85fc8153bf48c67c678a15892ca58de56f366932451d8ca7c
72decc7d215b5ed66b46541c627298614fc8fd8a3fbb05714f1a0bc35629dc47
73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692
7706dd45386901420f8ce918f7775dc59a8e96fb88d8ba67bfa6d5607a74ef0b
7af405f32745f06bf15e8eddc2c59e9cbef2a12d6860c8e1e171432f83808877
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
86f9cb44b12f3d37a72622b500a99d96bf070a07ab81b5577bd3dd723aae0ecf
88cde089a91626868714eddc5908e44f7637c38c015ab71b62c73dc15b1acdfc
9985336660219f2aa5e5c8f21d7f5456aee6c69afb706d3a9c9322ad5d601a76
a034da455f4f3e7fdc7b94ba5e0437edb88d51a10e8147153beb1628584a6b15
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a732617c38101a63ad0f14116a16ca6d08b8562ccc8c20be9f17291427a2849f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae14ed8c77ed804ca0ccf732dc16efeb4df4ef3a369bbe21911036fff2b40a91
b1f63ff948631ffd5e5a568304ceb51675d90990241d6d41784717a4b3d98cc3
b99c919f168349275b903d0a29253e0de9a945945650d811ee2ee0214b9387be
c4d040b3a13083b6a8aa937065968d4338ef4e252e69ff8a4d667d9084e5c04f
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c943ecebf29d6eb7134fdbeb06e80ecdd2714103a58001805369f73b3c5faa86
cf007d554e6dad2b0d664a6cce2111c81606834013d085bfd20431070677d8d7
d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9
d7f40dac6d30d1aedf50b58270e0578b4e5f4e6c9700f11f9bd03da5993f1a19
d8b1f3575dd2b0024383a4f47725654257a4b4ec1015595ade984a80804a56ce
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e1b5ecbe1f536ff0fef14eabe281e525514e533dc65d179493ee770857893943
e359e463b9075576fd3d853a4f3345f66cebdb66bf4e2b5b51eaa73f50c6c68e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e91e00f6db690a5b837e593ecf344525761ff4905c4e6a1ef978e64f1e46c04a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36bcae4b351b4a740c7e246bf0b7be451baec89053b2c73fb2a47f855b3afaf
faa325fef31a05acbc4d71864d4c0982ce37d7f4815dc80e69c93c0fd5a6ff59
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd1a653e54af07ec686e62d48d1673c15b19c2976043e724e56fbc0ce4c60455

refinance.lowermybills.com Open in urlscan Pro 104.18.18.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

93 %HTTPS

0 %IPv6

24 Domains

38 Subdomains

30 IPs

3 Countries

1374 kBTransfer

3441 kBSize

35 Cookies

19 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

refinance.lowermybills.com Open in urlscan Pro
104.18.18.159 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

93 %
HTTPS

0 %
IPv6

24
Domains

38
Subdomains

30
IPs

3
Countries

1374 kB
Transfer

3441 kB
Size

35
Cookies

110 HTTP transactions
0 data transactions