www.refirateguide.com Open in urlscan Pro
2606:4700:3037::6815:5e66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://signsgenie.com/1950094aM3624521OP180216043vR2299sE38SJr113678EE
Effective URL:
https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clicki...
Submission: On June 29 via manual (June 29th 2021, 3:04:41 pm UTC) from ES

Summary HTTP 89 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 26 domains to perform 89 HTTP transactions. The main IP is 2606:4700:3037::6815:5e66, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.refirateguide.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2021. Valid for: a year.

This is the only time www.refirateguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.234.143.24 85.234.143.24	29550 (SIMPLYTRA...) (SIMPLYTRANSIT)
1	65.98.108.70 65.98.108.70	25653 (FORTRESSITX) (FORTRESSITX)
1 1	34.235.224.253 34.235.224.253	14618 (AMAZON-AES) (AMAZON-AES)
1 5	2606:4700:303... 2606:4700:3037::6815:5e66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	13.226.156.31 13.226.156.31	16509 (AMAZON-02) (AMAZON-02)
6	54.219.139.9 54.219.139.9	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1 1	52.222.161.64 52.222.161.64	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	54.219.55.143 54.219.55.143	16509 (AMAZON-02) (AMAZON-02)
17	3.217.106.215 3.217.106.215	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.84.218 65.9.84.218	16509 (AMAZON-02) (AMAZON-02)
7	23.23.10.24 23.23.10.24	14618 (AMAZON-AES) (AMAZON-AES)
13	23.23.176.159 23.23.176.159	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.84.166 65.9.84.166	16509 (AMAZON-02) (AMAZON-02)
1	35.175.13.165 35.175.13.165	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.13.27 151.101.13.27	54113 (FASTLY) (FASTLY)
2	162.247.243.147 162.247.243.147	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
89	31

1 85.234.143.24 (United Kingdom) 1 redirects

ASN29550 (SIMPLYTRANSIT, GB)
PTR: signsgenie.com

signsgenie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.98.108.70 (United States)

ASN25653 (FORTRESSITX, US)

strenghtenergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.224.253 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

r.3000trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3037::6815:5e66 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.refirateguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.156.31 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

d2qcrzwi3hrnuy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.219.139.9 (San Jose, United States)

ASN16509 (AMAZON-02, US)

static.terramatrixmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.161.64 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d1tkl1e3k37gw7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.219.55.143 (San Jose, United States)

ASN16509 (AMAZON-02, US)

www.dataverify123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.217.106.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

widgets.icanbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.218 (United States)

ASN16509 (AMAZON-02, US)

d1tprjo2w7krrh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.23.10.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.23.176.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

www.icanbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mortgagerates.icanbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.166 (United States)

ASN16509 (AMAZON-02, US)

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.175.13.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	icanbuy.com widgets.icanbuy.com www.icanbuy.com mortgagerates.icanbuy.com	363 KB
7	leadid.com create.leadid.com	2 KB
6	terramatrixmedia.com static.terramatrixmedia.com	647 KB
6	cloudfront.net 4 redirects d2qcrzwi3hrnuy.cloudfront.net d1tkl1e3k37gw7.cloudfront.net d1tprjo2w7krrh.cloudfront.net d2m2wsoho8qq12.cloudfront.net	128 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	125 KB
5	refirateguide.com 1 redirects www.refirateguide.com	35 KB
4	google-analytics.com www.google-analytics.com	36 KB
4	cloudflare.com cdnjs.cloudflare.com	18 KB
3	bing.com bat.bing.com	9 KB
3	yimg.com s.yimg.com	7 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	facebook.com www.facebook.com	294 B
2	dataverify123.com www.dataverify123.com	3 KB
2	facebook.net connect.facebook.net	98 KB
2	google.de www.google.de	171 B
2	google.com www.google.com	127 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	trueleadid.com deviceid.trueleadid.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	61 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	3000trk.com 1 redirects r.3000trk.com	799 B
1	strenghtenergy.com strenghtenergy.com	491 B
1	signsgenie.com 1 redirects signsgenie.com	305 B
89	26

	Domain	Requested by
17	widgets.icanbuy.com	d2qcrzwi3hrnuy.cloudfront.net widgets.icanbuy.com ajax.googleapis.com
12	mortgagerates.icanbuy.com	widgets.icanbuy.com
7	create.leadid.com	www.refirateguide.com deviceid.trueleadid.com
6	static.terramatrixmedia.com	www.refirateguide.com static.terramatrixmedia.com
5	www.refirateguide.com	1 redirects strenghtenergy.com www.refirateguide.com
4	www.google-analytics.com	www.refirateguide.com widgets.icanbuy.com
4	cdnjs.cloudflare.com	www.refirateguide.com widgets.icanbuy.com
3	bat.bing.com	strenghtenergy.com bat.bing.com www.refirateguide.com
3	s.yimg.com	strenghtenergy.com www.refirateguide.com
3	ajax.googleapis.com	www.refirateguide.com widgets.icanbuy.com
3	d2qcrzwi3hrnuy.cloudfront.net	3 redirects
2	bam-cell.nr-data.net	js-agent.newrelic.com www.refirateguide.com
2	www.facebook.com	www.refirateguide.com
2	www.dataverify123.com	strenghtenergy.com
2	connect.facebook.net	strenghtenergy.com connect.facebook.net
2	www.google.de	www.refirateguide.com
2	www.google.com	www.refirateguide.com
2	fonts.googleapis.com	www.refirateguide.com widgets.icanbuy.com
1	js-agent.newrelic.com	www.refirateguide.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	d1tprjo2w7krrh.cloudfront.net
1	www.icanbuy.com	ajax.googleapis.com
1	d1tprjo2w7krrh.cloudfront.net	www.dataverify123.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.refirateguide.com
1	www.googletagmanager.com	www.refirateguide.com
1	fonts.gstatic.com	fonts.googleapis.com
1	maxcdn.bootstrapcdn.com	www.refirateguide.com
1	d1tkl1e3k37gw7.cloudfront.net	1 redirects
1	r.3000trk.com	1 redirects
1	strenghtenergy.com
1	signsgenie.com	1 redirects
89	33

This site contains links to these domains. Also see Links.

Domain
www.optout-vxwx.net
www.securerights.org
nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
strenghtenergy.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-21` - `2021-09-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-17` - `2022-02-16`	a year	crt.sh
static.terramatrixmedia.com Amazon	`2021-05-28` - `2022-06-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-23` - `2021-08-04`	a month	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.dataverify123.com Amazon	`2021-04-20` - `2022-05-19`	a year	crt.sh
*.icanbuy.com Amazon	`2021-04-21` - `2022-05-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
create.leadid.com Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2021-02-06` - `2022-03-07`	a year	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-05` - `2022-06-06`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Frame ID: C00A8D92ACB4A6C8F484B75BC64EDDCE
Requests: 52 HTTP requests in this frame

Frame: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
Frame ID: D0039B42BF05AE3FCCC6EC89E75F00B7
Requests: 34 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=71BB279B-25BC-F62A-2C8B-C7112D623F63&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Frame ID: EB1777AC3103C6B56835BADD930265AD
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=71BB279B-25BC-F62A-2C8B-C7112D623F63&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Frame ID: 944549641F36D39B125A0B9ED8D56B88
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://signsgenie.com/1950094aM3624521OP180216043vR2299sE38SJr113678EE HTTP 302
https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043 Page URL
https://r.3000trk.com/c/328113/555840/9285?sharedid=690251&Subid1=6b-1950094-3624521-113678-2299-&... HTTP 301
https://www.refirateguide.com/irdirect?irurl=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fclickid%... HTTP 302
https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

89
Requests

100 %
HTTPS

54 %
IPv6

26
Domains

33
Subdomains

31
IPs

4
Countries

1614 kB
Transfer

3844 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.optout-vxwx.net/o-vxwx-z79-b9ac94a49e51a27d898e9dbf42cc68e1
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.securerights.org/networkmembers.html
Title: Lenders

Search URL Search Domain Scan URL

URL: https://www.securerights.org/licenses.html
Title: Licenses

Search URL Search Domain Scan URL

URL: http://nmlsconsumeraccess.org/EntityDetails.aspx/COMPANY/3175/
Title: NMLS License Access Page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://signsgenie.com/1950094aM3624521OP180216043vR2299sE38SJr113678EE HTTP 302
https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043 Page URL
https://r.3000trk.com/c/328113/555840/9285?sharedid=690251&Subid1=6b-1950094-3624521-113678-2299-&Subid2=1165496237 HTTP 301
https://www.refirateguide.com/irdirect?irurl=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fclickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irgwc%3D1%26irc%3D9285&irclickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&iradid=555840&ircid=9285&irmpid=328113&iradname=Online%20Tracking%20Link&iradtype=ONLINE_TRACKING_LINK&iradsize=&irmpname=Iconic%20Media%20Group%20LLC&irmptype=mediapartner&irsharedid=690251&mp_value1=&mp_value2=&mp_value3= HTTP 302
https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://signsgenie.com/1950094aM3624521OP180216043vR2299sE38SJr113678EE HTTP 302
https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043

Request Chain 1

https://d2qcrzwi3hrnuy.cloudfront.net/LTI-966/css/all.min__vmaster_462.css HTTP 301
https://static.terramatrixmedia.com/LTI-966/css/all.min__vmaster_462.css

Request Chain 4

https://d2qcrzwi3hrnuy.cloudfront.net/LTI-966/sprites/icon-sprites-MINT-v2__vmaster_462.png HTTP 301
https://static.terramatrixmedia.com/LTI-966/sprites/icon-sprites-MINT-v2__vmaster_462.png

Request Chain 7

https://d1tkl1e3k37gw7.cloudfront.net/fs3/img/logo-RefiRateGuide-white__vmaster_462.png HTTP 301
https://static.terramatrixmedia.com/fs3/img/logo-RefiRateGuide-white__vmaster_462.png

Request Chain 8

https://d2qcrzwi3hrnuy.cloudfront.net/LTI-1415/js/all.min__vmaster_462.js HTTP 301
https://static.terramatrixmedia.com/LTI-1415/js/all.min__vmaster_462.js

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 180216043
strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/
Redirect Chain

http://signsgenie.com/1950094aM3624521OP180216043vR2299sE38SJr113678EE
https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043

178 B
491 B

842ms
267ms

Document
text/html

65.98.108.70
FORTRESSITX

General

Check archive.org

Show headers Download Go to

Full URL: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.98.108.70 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: strenghtenergy.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:13 GMT
Server: Apache
Set-Cookie: uid13733=1165496237-20210629110413-6f43add4e79d0effdfd2d5618f1a5bf8-; domain=; expires=Thu, 29-Jul-2021 15:04:13 GMT; path=/; SameSite=None; Secure
Content-Length: 178
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 29 Jun 2021 15:04:12 GMT
Server: Apache/2.4.6 (CentOS)
location: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

Primary Request iconic.fhtml Show response
www.refirateguide.com/
Redirect Chain

https://r.3000trk.com/c/328113/555840/9285?sharedid=690251&Subid1=6b-1950094-3624521-113678-2299-&Subid2=1165496237
https://www.refirateguide.com/irdirect?irurl=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fclickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irgwc%3D1%26irc%3D9285&irclickid=whwTDYVrLxyLUF...
https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1

118 KB
26 KB

263ms
241ms

Document
text/html

2606:4700:3037::6815:5e66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Requested by: Host: strenghtenergy.com
URL: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6049eeaa37d3c4056783de8d23efe64732256b599fd415d66fb23a97871a493

Request headers

:method: GET
:authority: www.refirateguide.com
:scheme: https
:path: /iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://strenghtenergy.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: viewType=FULL; JSESSIONID=8A05035B46041AFE7C83F692F44A5337; ESTN=1; tt_web_user=wu-2130706433-1624979054156-1645016347556035260
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043

Response headers

date: Tue, 29 Jun 2021 15:04:14 GMT
content-type: text/html;charset=UTF-8
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" CP="NOI DSP COR LAW CUR CONi TELi OUR DELi SAMi BUS UNI"
set-cookie: viewType=FULL; Domain=refirateguide.com; Path=/ ESTN=1; Max-Age=157680000; Expires=Sun, 28-Jun-2026 15:04:14 GMT; Domain=refirateguide.com; Path=/
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 29 Jun 2021 15:04:14 GMT
content-language: en-US
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0af9e5b6c100002b71f8084000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2TArNSe%2F5%2FweYBFYx5vFKQIC9foBne2R4sqs%2BbqRNj9CPgF0OKipjHDZl1wDSh0bgSSk5v5vbfcbU62QKG6ydddNx%2Fj1%2BfrRoEH6Xg0WspRc53qFGvibnpDNFtGRHo%2BLAc5uNEZ0zDQMpytQWVSz"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66700bd139102b71-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Tue, 29 Jun 2021 15:04:14 GMT
content-length: 0
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
set-cookie: viewType=FULL; Domain=refirateguide.com; Path=/ JSESSIONID=8A05035B46041AFE7C83F692F44A5337; Path=/; HttpOnly ESTN=1; Max-Age=157680000; Expires=Sun, 28-Jun-2026 15:04:14 GMT; Domain=refirateguide.com; Path=/ tt_web_user=wu-2130706433-1624979054156-1645016347556035260; Max-Age=157680000; Expires=Sun, 28-Jun-2026 15:04:14 GMT; Domain=www.refirateguide.com; Path=/
location: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0af9e5b5bd00001f35bfbe2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=80TUH8liSCGmKle97sD550DHo%2FbhtRZaDDxVLVKrI%2FxCElkjnlJlwDJ27DcS2EFOZaPpRbV23cJczMJKqEOSX5nimO5iUXMucXBnjformS67%2Bve9eaW9Uvhx6c%2BuHPlWlJlyjAweitOaK%2BmL5fp1"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66700bcf9b631f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

all.min__vmaster_462.css
static.terramatrixmedia.com/LTI-966/css/
Redirect Chain

https://d2qcrzwi3hrnuy.cloudfront.net/LTI-966/css/all.min__vmaster_462.css
https://static.terramatrixmedia.com/LTI-966/css/all.min__vmaster_462.css

22 KB
6 KB

530ms
173ms

Stylesheet
text/css

54.219.139.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.terramatrixmedia.com/LTI-966/css/all.min__vmaster_462.css
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.139.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4b507f1059f6c869c774e52a7a4e520afdb17db8584fe7aa9c8ede53802b6f92

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:15 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 02:56:06 GMT
etag: W/"22527-1624503366000"
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
content-type: text/css
content-length: 5070
expires: Fri, 27 Jun 2031 15:04:15 GMT

Redirect headers

Date: Tue, 29 Jun 2021 11:38:58 GMT
Via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
Server: awselb/2.0
Age: 12316
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/LTI-966/css/all.min__vmaster_462.css
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 134
X-Amz-Cf-Id: d7a65fOrmZCa2F1uGj4FUe0Nz-jTS5o5DM8vcnPgDF5poCXqBVGNuw==

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/ 29 KB
7 KB 12ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.css

Requested by

Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3513984
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6421
cf-request-id: 0af9e5b7df00002c563d223000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-75d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ULYtjSg84jz6aqH95jAgpodPVCC7uZfjRWCKVuWwHXMbbwgvAlEMQ7a6K%2BiTiy7Jg2J%2FtO7jcWTD94Cvv2wY5bWndpaKFAIIB2ZMFLdK8qdtLbIJUEkyBsYWGBeS7ack6wACoby1ieoK13h8Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66700bd2fb782c56-FRA
expires: Sun, 19 Jun 2022 15:04:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
668 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b061d883fdd93ccb59569ff3fa3614c36af5e71537ab328440602624e52ffcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 13:54:43 GMT
server: ESF
date: Tue, 29 Jun 2021 15:04:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 15:04:14 GMT

GET
H2

200

icon-sprites-MINT-v2__vmaster_462.png
static.terramatrixmedia.com/LTI-966/sprites/
Redirect Chain

https://d2qcrzwi3hrnuy.cloudfront.net/LTI-966/sprites/icon-sprites-MINT-v2__vmaster_462.png
https://static.terramatrixmedia.com/LTI-966/sprites/icon-sprites-MINT-v2__vmaster_462.png

125 KB
121 KB

312ms
311ms

Image
image/png

54.219.139.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.terramatrixmedia.com/LTI-966/sprites/icon-sprites-MINT-v2__vmaster_462.png
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.139.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7368f124fb247deb6e0bd874d14c51ca626552a153cfc5e68ffd543dd9b925cf

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:15 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 02:56:06 GMT
etag: W/"127806-1624503366000"
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
content-type: image/png
expires: Fri, 27 Jun 2031 15:04:15 GMT

Redirect headers

Date: Tue, 29 Jun 2021 11:38:59 GMT
Via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
Server: awselb/2.0
Age: 12316
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/LTI-966/sprites/icon-sprites-MINT-v2__vmaster_462.png
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 134
X-Amz-Cf-Id: DKKkDpWLq2L4IPpvrY4-jQfY99xCl_3uTlquSst_wviDa6oUngj2Aw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 14:55:07 GMT

GET
H3-29 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
59 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 14:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jun 2022 14:42:18 GMT

GET
H2

200

logo-RefiRateGuide-white__vmaster_462.png
static.terramatrixmedia.com/fs3/img/
Redirect Chain

https://d1tkl1e3k37gw7.cloudfront.net/fs3/img/logo-RefiRateGuide-white__vmaster_462.png
https://static.terramatrixmedia.com/fs3/img/logo-RefiRateGuide-white__vmaster_462.png

6 KB
6 KB

294ms
293ms

Image
image/png

54.219.139.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.terramatrixmedia.com/fs3/img/logo-RefiRateGuide-white__vmaster_462.png
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.139.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 594f30259553323d9e3e1726f53b2997256b8a15a3b9a689fa605873edefb9a7

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:15 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 02:56:06 GMT
etag: W/"5992-1624503366000"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept
content-length: 4455
expires: Fri, 27 Jun 2031 15:04:15 GMT

Redirect headers

Date: Mon, 28 Jun 2021 16:21:08 GMT
Via: 1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
Server: awselb/2.0
Age: 81787
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/fs3/img/logo-RefiRateGuide-white__vmaster_462.png
Connection: keep-alive
X-Amz-Cf-Pop: CDG52-P2
Content-Length: 134
X-Amz-Cf-Id: 6fDIJQD3uzfng6T1aNCoiXnUBFRHtyHmvcXAN2GwkpI5NlJsGrtICQ==

GET
H2

200

all.min__vmaster_462.js Show response
static.terramatrixmedia.com/LTI-1415/js/
Redirect Chain

https://d2qcrzwi3hrnuy.cloudfront.net/LTI-1415/js/all.min__vmaster_462.js
https://static.terramatrixmedia.com/LTI-1415/js/all.min__vmaster_462.js

2 MB
374 KB

584ms
323ms

Script
application/javascript

54.219.139.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.terramatrixmedia.com/LTI-1415/js/all.min__vmaster_462.js
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.139.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9daff8dd097b18fc0ed9121245517e54c222626a7edcd2b461abf3cea87ed765

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:15 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 02:56:04 GMT
etag: W/"1588009-1624503364000"
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 27 Jun 2031 15:04:15 GMT

Redirect headers

Date: Tue, 29 Jun 2021 11:38:59 GMT
Via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
Server: awselb/2.0
Age: 12315
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/LTI-1415/js/all.min__vmaster_462.js
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 134
X-Amz-Cf-Id: 0w1Xnt-USTocTdFJ-YryTbHNgS0jXZ_H0oOKwVrMqc-qflLOw0X1eQ==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 54ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.refirateguide.com
Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 638681
cdn-cachedat: 2021-06-08 21:27:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9e5ba64000005f94e83e000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 62aaafe901e193978bec07632bd4b441
cf-ray: 66700bd70d4605f9-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 all-listing-lti-652.min.js Show response
www.refirateguide.com/fs3/js/ 22 KB
6 KB 232ms
231ms Script
application/javascript 2606:4700:3037::6815:5e66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refirateguide.com/fs3/js/all-listing-lti-652.min.js
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7383b877c99d3d35b0298d1ae84de9a32e758d156d6cf754e45abb2bcb2789f

Request headers

:path: /fs3/js/all-listing-lti-652.min.js
pragma: no-cache
cookie: viewType=FULL; ESTN=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.refirateguide.com
referer: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:15 GMT
via: 1.1 google
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9e5ba5200002b71208dd000000001
last-modified: Thu, 24 Jun 2021 02:56:06 GMT
server: cloudflare
etag: W/"22401-1624503366000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9uPQcyDxq1V5OACWgC5ydZ9TCL%2FlgteKDLZ5tnbB5BR5CCqjCXkZI2TIaMlp3YqkWQWJ5ITO0qdZcmdKyADWClTAIxRpPDJ0jnZ95P7v5kPyhaaUyH3I%2FT82Na73J3PGqon7z4%2BwToV0URpzBPDs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
set-cookie: JSESSIONID=00FBF34985EE9B772DC4DF9AA0B00804; Path=/; HttpOnly ESTN=1; Max-Age=157680000; Expires=Sun, 28-Jun-2026 15:04:15 GMT; Domain=refirateguide.com; Path=/
cf-ray: 66700bd6efab2b71-FRA
access-control-allow-headers: X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept
expires: Fri, 27 Jun 2031 15:04:15 GMT

GET
H2 200 footer-icons-v2.png
static.terramatrixmedia.com/LTI-774/img/ 19 KB
20 KB 247ms
246ms Image
image/png 54.219.139.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.terramatrixmedia.com/LTI-774/img/footer-icons-v2.png
Requested by: Host: static.terramatrixmedia.com
URL: https://static.terramatrixmedia.com/LTI-966/css/all.min__vmaster_462.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.139.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 158af7b21bd63bd34985512c1ab4b7952c4a5891a908fb6a7063bd14ca3f3fa8

Request headers

Referer: https://static.terramatrixmedia.com/LTI-966/css/all.min__vmaster_462.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:15 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 02:56:06 GMT
etag: W/"19432-1624503366000"
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
content-type: image/png
expires: Fri, 27 Jun 2031 15:04:15 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.refirateguide.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 05:11:10 GMT
x-content-type-options: nosniff
age: 553985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 05:11:10 GMT

GET
H2 200 icon-sprites-MINT-v2.png
static.terramatrixmedia.com/LTI-966/sprites/ 125 KB
121 KB 185ms
184ms Image
image/png 54.219.139.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.terramatrixmedia.com/LTI-966/sprites/icon-sprites-MINT-v2.png
Requested by: Host: static.terramatrixmedia.com
URL: https://static.terramatrixmedia.com/LTI-966/css/all.min__vmaster_462.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.139.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7368f124fb247deb6e0bd874d14c51ca626552a153cfc5e68ffd543dd9b925cf

Request headers

Referer: https://static.terramatrixmedia.com/LTI-966/css/all.min__vmaster_462.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 02:56:06 GMT
etag: W/"127806-1624503366000"
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
content-type: image/png
expires: Fri, 27 Jun 2031 15:04:16 GMT

POST
H3-29 200 iconic.fhtml Show response
www.refirateguide.com/ 63 B
1 KB 218ms
218ms XHR
application/json 2606:4700:3037::6815:5e66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refirateguide.com/iconic.fhtml?formFlowConfigId=2114&estprg=1&viewType=FULL
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e38dca8f39f5dd8b605c93d08f6aeb1fe2f14fd374754e5284c8eb06f814f2

Request headers

sec-fetch-mode: cors
origin: https://www.refirateguide.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: viewType=FULL; ESTN=1; JSESSIONID=00FBF34985EE9B772DC4DF9AA0B00804
content-length: 115
:path: /iconic.fhtml?formFlowConfigId=2114&estprg=1&viewType=FULL
pragma: no-cache
x-newrelic-id: VQcCUlRRDBAEUVdQBQQEUlE=
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.refirateguide.com
referer: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
X-NewRelic-ID: VQcCUlRRDBAEUVdQBQQEUlE=
X-Requested-With: XMLHttpRequest
Referer: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json;charset=UTF-8
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9e5be6900002b71e231b000000001
x-newrelic-app-data: PxQGUFNQCgEER1VXAQMFU1cFAxFORDQHUjZKA1ZLVVFHDFYPbU5gBxZAWwQSPxdHVRYTA1pQQxQNSRtVDRQOEVUQTgdKGhgCHVUVUR9RAFFUBwZTV1AUAgFRTUBTBAEFBQNSVgMFVQZTBgxTGhRSU18WXDw=
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9XgybjlZXynCkBvWyiPxbxRXiVp7knk7g34MpcgBAEJtb1fRTH9UkgRdqAw%2Bz%2FPDwXRu8ubxeiOem6a3MunUt%2BGomOkuXUSReG1DNqysaXjWiNw%2BXNG6IZLoszpHZe6PtQWW48%2FAqOvjvR4yw0s7"}],"group":"cf-nel","max_age":604800}
content-language: en-US
set-cookie: viewType=FULL; Domain=refirateguide.com; Path=/ ESTN=1; Max-Age=157680000; Expires=Sun, 28-Jun-2026 15:04:16 GMT; Domain=refirateguide.com; Path=/ tt_web_user=wu-2130706433-1624979056356-2841322678503815057; Max-Age=157680000; Expires=Sun, 28-Jun-2026 15:04:16 GMT; Domain=www.refirateguide.com; Path=/
cf-ray: 66700bdd7f582b71-FRA

POST
H3-29 200 iconic.fhtml Show response
www.refirateguide.com/ 13 B
1 KB 219ms
218ms XHR
application/json 2606:4700:3037::6815:5e66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5e66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c9d64ce7719748bf26cd81580ea58245e2a130baf32cd5fc92e08602626c26c

Request headers

sec-fetch-mode: cors
origin: https://www.refirateguide.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: viewType=FULL; ESTN=1; JSESSIONID=00FBF34985EE9B772DC4DF9AA0B00804; slideManagerCurrentSlideNumer-2114=0
content-length: 60
:path: /iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
pragma: no-cache
x-newrelic-id: VQcCUlRRDBAEUVdQBQQEUlE=
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.refirateguide.com
referer: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
X-NewRelic-ID: VQcCUlRRDBAEUVdQBQQEUlE=
X-Requested-With: XMLHttpRequest
Referer: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json;charset=UTF-8
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9e5be8d00002b710c057000000001
x-newrelic-app-data: PxQGUFNQCgEER1VXAQMFU1cFAxFORDQHUjZKA1ZLVVFHDFYPbU5gBxZAWwQSPxdHVRYTA1pQQxQNSRtVDRQOEVUQTgdKGhgCHVUVUR9RAVRUBgJQUFsUBQBIQwMGCQFeBlQPCgNTBwdWBF1AFF5VXkAAZA==
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZuuN%2BoBzHp0oqe37guqoM5ke7N0JRToMHP1ZqesKiEwoOQqFZTjxIIrqgTYcQ5mXtuBmSuM26w3paj7KD2sr0943Dr61IwzKHrCO293ajw8%2BFyMKVENF3FiT3rM4MXuJUgwxdGowIJgdIgwE78ty"}],"group":"cf-nel","max_age":604800}
content-language: en-US
set-cookie: viewType=FULL; Domain=refirateguide.com; Path=/ ESTN=1; Max-Age=157680000; Expires=Sun, 28-Jun-2026 15:04:16 GMT; Domain=refirateguide.com; Path=/ tt_web_user=wu-2130706433-1624979056393-1673317486951194773; Max-Age=157680000; Expires=Sun, 28-Jun-2026 15:04:16 GMT; Domain=www.refirateguide.com; Path=/
cf-ray: 66700bddafe22b71-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5048
date: Tue, 29 Jun 2021 13:40:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 29 Jun 2021 15:40:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
61 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQZQGX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8abb8fa01ec207f372088118a0b7d7ccc10c7366cc56b638795cddf4351b11f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62298
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:04:16 GMT

GET
H3-29 200 iframeResizer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.5/ 12 KB
5 KB 71ms
40ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.5/iframeResizer.min.js

Requested by

Host: www.refirateguide.com
URL: https://www.refirateguide.com/fs3/js/all-listing-lti-652.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971c47f1144e3bcaaafbd8ca281cc33a757b858524598ffded485107104575be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5994826
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4242
cf-request-id: 0af9e5bef30000dffb3f9f7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-2e85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=leRjA%2F3iLyL4R0zdMisrnS6MPVlMyOr2KqalX95DEyJ8pOceRJQTkMTsKLNQxsPP1FFU4soNDK55ykqRme%2Bpe2Rw65wIldg5SNZyvJbf438f%2BYBxqJk5FmgllKBOFNIqHvSDb9%2BS7PmTmqVCFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66700bde4e20dffb-FRA
expires: Sun, 19 Jun 2022 15:04:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-338775-5&cid=793727337.1624979056&jid=468501867&gjid=511725402&_gid=178757990.1624979056&_u=YGBAgAABAAAAAE~&z=1476705210

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Jun 2021 15:04:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.refirateguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
13ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=678169883&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1&dr=https%3A%2F%2Fstrenghtenergy.com%2F&dp=%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1%26p%3D%26slide%3D0%26slide_name%3DPRODUCT%26ffsid%3Dffs-017a-584c9f42-3937&ul=en-us&de=UTF-8&dt=Mortgage%20News%20and%20Rates%20-%20Refi%20Rate%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=468501867&gjid=511725402&cid=793727337.1624979056&tid=UA-338775-5&_gid=178757990.1624979056&cd1=690251&cd2=FULL&cd3=FORM&cd4=2114&cd5=328113&z=1984448353

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 19:36:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70037
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
14ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=678169883&t=pageview&_s=2&dl=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1&dr=https%3A%2F%2Fstrenghtenergy.com%2F&dp=%2Ficonic.fhtml%3FformFlowConfigId%3D2114%26estprg%3D1%26viewType%3DFULL%26gclid%3D&ul=en-us&de=UTF-8&dt=Mortgage%20News%20and%20Rates%20-%20Refi%20Rate%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAE~&jid=&gjid=&cid=793727337.1624979056&tid=UA-338775-5&_gid=178757990.1624979056&cd1=690251&cd2=FULL&cd3=FORM&cd4=2114&cd5=328113&z=2006859342

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jun 2021 19:36:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70037
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-338775-5&cid=793727337.1624979056&jid=468501867&_u=YGBAgAABAAAAAE~&z=1532420155

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
32ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-338775-5&cid=793727337.1624979056&jid=468501867&_u=YGBAgAABAAAAAE~&z=1532420155

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.5/ 14 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.5/iframeResizer.contentWindow.min.js

Requested by

Host: www.refirateguide.com
URL: https://www.refirateguide.com/fs3/js/all-listing-lti-652.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63b5085014a66af8d0d56afb98bb13f69a4c4f21c3c0e2cc63b30fe8c75a49d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4038971
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4548
cf-request-id: 0af9e5bf840000dffbb38c6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-3654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EHPBzh07Rn%2BFfqL7XNkDbGTw6cJ1NS15hVtko9%2B11TBhDqt4U8dYSbea%2BPxevU1fElFaSJIHgIS3VES3jllmXhRQrujcKso9IZ24%2ByQy5ur4MEa%2B8UHjvLdtYFlK%2F94Rgvo0rErxTHUP%2FQjJWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66700bdf3845dffb-FRA
expires: Sun, 19 Jun 2022 15:04:16 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 126ms
45ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQZQGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 1690124483490796579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Jun 2021 15:04:16 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 31ms
13ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: strenghtenergy.com
URL: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 29 Jun 2021 14:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: 42t5j01Mjmrk5lzUYwpIH/jlfkEY1nylvRoFrRzrQe2rRNKbKqVjwGg0+iuI6iw07yKCXB2jD20=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: SARRFJZAPSJB33V7
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 70ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: strenghtenergy.com
URL: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:15 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: D28BEE15F2054FBDA94CAB99FA1A88A9 Ref B: FRAEDGE1311 Ref C: 2021-06-29T15:04:16Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 11ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: strenghtenergy.com
URL: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31a54a93488f9711927aeb875ff1dd63a8c41359847f10f9cea7488dc65179b7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24675
x-xss-protection: 0
pragma: public
x-fb-debug: FJRlzHzzjtCoosJXh/9/NBWiYmlfw3UBY0CoFkn2J83qDwNlVkkpUH8v1++pEev2vpa/n84X0FAEwIEzHJzUhw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Tue, 29 Jun 2021 15:04:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 leadid_code.ilp Show response
www.dataverify123.com/ 374 B
1 KB 513ms
171ms Script
text/javascript 54.219.55.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dataverify123.com/leadid_code.ilp?a=33711
Requested by: Host: strenghtenergy.com
URL: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.55.143 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b812c28e8434cd7648cae9bc37458c25306d994989a7090fd429727e253ef7fd

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
cache-control: max-age=900000
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", CP="NOI DSP COR LAW CUR CONi TELi OUR DELi SAMi BUS UNI"
content-type: text/javascript;charset=ISO-8859-1
content-length: 374
content-language: en-US
expires: Tue, 29 Jun 2021 15:19:16 GMT

GET
H2 200 Mortgage.aspx Show response
widgets.icanbuy.com/c/standard/us/en/mortgage/tables/ Frame D003 259 KB
259 KB 417ms
190ms Document
text/html 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Requested by

Host: d2qcrzwi3hrnuy.cloudfront.net
URL: https://d2qcrzwi3hrnuy.cloudfront.net/LTI-1415/js/all.min__vmaster_462.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

668e0ea0bbaa717f578636c2bd62d89a86f97fd7e40e9046dad9b8acdc27529b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: widgets.icanbuy.com
:scheme: https
:path: /c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.refirateguide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.refirateguide.com/

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
content-type: text/html; charset=utf-8
content-length: 264718
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,POST,GET

GET
H3-29 200 620872564766010 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/620872564766010?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9dbd8320d6a4cfa63b093a28e6656b9243c10a35e872631cee3203984163ed44

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75545
x-xss-protection: 0
pragma: public
x-fb-debug: Jz/uqEB0nEfaYwCPDrpLMIbvBmCMgdDXEJRQUySk85CKMD7kDORq9Dx3n8s/7gkZM6SIBRJnhXZqB4hHoGCJDw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 29 Jun 2021 15:04:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 422383.json Show response
s.yimg.com/wi/config/ 2 B
458 B 35ms
12ms XHR
application/json 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/422383.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:02:31 GMT
x-content-type-options: nosniff
age: 105
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: C9V7QHMHC8HY7R68
x-amz-id-2: o3CFRtBhDPAg1/NoV8HLP6jfW7Z4Ogr5ytGWYV053zIIIvFIPEusXWk0nEONwmoNZX96Q0bsDys=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 10032102.json Show response
s.yimg.com/wi/config/ 2 B
151 B 36ms
13ms XHR
application/json 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10032102.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:02:30 GMT
x-content-type-options: nosniff
age: 106
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: C9V56VMX3BSHDDG4
x-amz-id-2: cjwa7DR0C9kbLyB53h12CKO0qjRZxAp2LNlgBOonhScxU4yCd19OZRVblBOKr5yDoouiEKmEiTs=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 204 5663198.js Show response
bat.bing.com/p/action/ 0
127 B 153ms
148ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5663198.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Jun 2021 15:04:15 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 360D93DD0F704778BC62818F1F03FF77 Ref B: FRAEDGE1311 Ref C: 2021-06-29T15:04:16Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 38ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5663198&Ver=2&mid=7c18a202-eb68-4a1a-841e-8b074bf4ba71&sid=45e30100d8eb11eb9cb133a03848016b&vid=45e40940d8eb11eba30a574ea1d95e49&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mortgage%20News%20and%20Rates%20-%20Refi%20Rate%20Guide&kw=refinance,%20mortgage%20calculator&p=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1%230&r=https%3A%2F%2Fstrenghtenergy.com%2F&lt=2722&evt=pageLoad&msclkid=N&sv=1&rn=111795
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 29 Jun 2021 15:04:15 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C374EABEE0C3445D9DA113C35DCFDBDE Ref B: FRAEDGE1311 Ref C: 2021-06-29T15:04:16Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 10ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=620872564766010&ev=PageView&dl=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1%230&rl=https%3A%2F%2Fstrenghtenergy.com%2F&if=false&ts=1624979056717&sw=1600&sh=1200&v=2.9.42&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1624979056704.1580294764&it=1624979056584&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 29 Jun 2021 15:04:16 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/872149984/ 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/872149984/?random=1624979056747&cv=9&fst=1624979056747&num=1&label=PJgkCIHCuXMQ4OfvnwM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1&ref=https%3A%2F%2Fstrenghtenergy.com%2F&tiba=Mortgage%20News%20and%20Rates%20-%20Refi%20Rate%20Guide&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f1b7dec278f1b2ed5df12065ddcb47b38d3fd9b3a50177c216ca1a3d1b631cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1220
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/872149984/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/872149984/?random=1624979056747&cv=9&fst=1624978800000&num=1&label=PJgkCIHCuXMQ4OfvnwM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=0&url=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1&ref=https%3A%2F%2Fstrenghtenergy.com%2F&tiba=Mortgage%20News%20and%20Rates%20-%20Refi%20Rate%20Guide&async=1&fmt=3&is_vtc=1&random=3071104128&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/872149984/ 42 B
64 B 32ms
22ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/872149984/?random=1624979056747&cv=9&fst=1624978800000&num=1&label=PJgkCIHCuXMQ4OfvnwM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=0&url=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1&ref=https%3A%2F%2Fstrenghtenergy.com%2F&tiba=Mortgage%20News%20and%20Rates%20-%20Refi%20Rate%20Guide&async=1&fmt=3&is_vtc=1&random=3071104128&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:04:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d40b3cef-3c1f-401b-86fa-ccab4a93cb80.js Show response
d1tprjo2w7krrh.cloudfront.net/campaign/ 123 KB
124 KB 160ms
29ms Script
text/javascript 65.9.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/d40b3cef-3c1f-401b-86fa-ccab4a93cb80.js
Requested by: Host: www.dataverify123.com
URL: https://www.dataverify123.com/leadid_code.ilp?a=33711
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1cf5888714bf7da4af98574002731ad9daec84d7d57e8c7d9bd0b876f0d559c

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bK.0DmMZSvNtHesLaj06pwlyMrbKdgXy
Via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
ETag: "ef2f9f4533ef2c95c6038c7485b444c8"
Age: 20
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 126350
Last-Modified: Mon, 24 May 2021 14:45:36 GMT
Server: AmazonS3
Date: Tue, 29 Jun 2021 15:03:58 GMT
Content-Type: text/javascript
Cache-Control: max-age=1800
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: ZAZNbrrGr_k_nZ_uOCTweF9d-2uC9nFZzUV2P2MJ9jXmGdKA4uyTfg==

GET
H3-29 200 css
fonts.googleapis.com/ Frame D003 2 KB
546 B 44ms
36ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 13:48:54 GMT
server: ESF
date: Tue, 29 Jun 2021 15:04:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 15:04:17 GMT

GET
H2 200 nanoscroller.css
widgets.icanbuy.com/css/ Frame D003 1 KB
2 KB 108ms
105ms Stylesheet
text/css 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/css/nanoscroller.css?v=10

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

23c1808130ade74133389ef2fc80b57badf7b37d106d771ca47651eb02066684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
last-modified: Wed, 08 Feb 2017 18:53:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8c6927a13c82d21:0"
strict-transport-security: max-age=31536000
access-control-allow-methods: OPTIONS,POST,GET
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 1391

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame D003 90 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 15:00:08 GMT

GET
H2 200 jquery.nanoscroller.min.js Show response
widgets.icanbuy.com/js/ Frame D003 10 KB
4 KB 109ms
106ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/jquery.nanoscroller.min.js?v=5

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f46e8aea81be0e5d86904d49c8d3bf3d0353e51aa5e6f900a935d5c3b17e0b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "0fffe494bf3d11:0"
last-modified: Wed, 10 Aug 2016 21:08:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 3410

GET
H3-29 200 jquery.ui.touch-punch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/ Frame D003 1 KB
1 KB 44ms
42ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 734981
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 493
cf-request-id: 0af9e5c22f0000dffbbc95d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-50b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PoCciWOYX%2FpQb1tfamOHv3RxK%2B7%2FLhwbvea3zMkOdYdrM7BGrRYkqj1r64tsnVQpKEOZB6aHIqrIZfJitX8ZmFqRAN%2FYObWIWNcVZc55F1Ren0XTZp2qVWn%2FFqLS0pjSIlDXOQMXZWRNWRQDlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66700be3795cdffb-FRA
expires: Sun, 19 Jun 2022 15:04:17 GMT

GET
H2 200 jquery-ui.min.css
widgets.icanbuy.com/css/ Frame D003 16 KB
3 KB 108ms
107ms Stylesheet
text/css 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/css/jquery-ui.min.css

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a68ffbe9a9dfbf981e15d698ee97b88e53c691cadc027c7ac7896b5c4f4d33d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "802fc051c465d11:0"
last-modified: Fri, 12 Feb 2016 18:36:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 2798

GET
H2 200 pagination.min.js Show response
widgets.icanbuy.com/js/ Frame D003 5 KB
2 KB 109ms
107ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/pagination.min.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5694e832e9bf13d85326067f8c2a23e8e63072a932027e6c5ad3e71eeaf7b446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "01f1e944c75cf1:0"
last-modified: Wed, 21 May 2014 23:29:58 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 1847

GET
H2 200 json2.min.js Show response
widgets.icanbuy.com/js/ Frame D003 3 KB
2 KB 107ms
106ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/json2.min.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cad748d566493b79033ce00a0c0e6df797a1340a6992f731d283d1440b0e346a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "80f1f443d34d11:0"
last-modified: Fri, 11 Dec 2015 17:56:31 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 1284

GET
H2 200 persist-min.js Show response
widgets.icanbuy.com/js/ Frame D003 9 KB
3 KB 108ms
103ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/persist-min.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cc0a4f9259e03892809a4a197c6e78bd13de909c70d3725ae086c156ec8353ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "01e2ee7f5bbc81:0"
last-modified: Thu, 22 May 2008 10:23:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 2946

GET
H2 200 jquery.mask.min.js Show response
widgets.icanbuy.com/js/ Frame D003 10 KB
4 KB 173ms
106ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/jquery.mask.min.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3122cba40f7126076b4083fd64029409ddd0752309107dd50b97018342206601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "802f94d3938dd41:0"
last-modified: Thu, 06 Dec 2018 18:45:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 3726

GET
H2 200 iTracking.js Show response
widgets.icanbuy.com/js/ Frame D003 3 KB
1 KB 166ms
106ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/iTracking.js?v=11

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

135203a2fbe2046f271ac45a49eb79f2198ef9cd6b06e03958f556a69c94f051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "079f34ea20d71:0"
last-modified: Thu, 11 Feb 2021 18:18:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 1108

GET
H2 200 wurfl.js Show response
widgets.icanbuy.com/js/ Frame D003 526 B
873 B 153ms
108ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/wurfl.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fe4ab43ec2946522dd47ec864bad9d5bde5d3ce579927573f8abc1df4c5272c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
last-modified: Mon, 10 Nov 2014 20:57:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e99020e628fdcf1:0"
strict-transport-security: max-age=31536000
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 526

GET
H2 200 utils.js Show response
widgets.icanbuy.com/js/ Frame D003 9 KB
3 KB 152ms
107ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/utils.js?v=a131

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9b5efa0cde86f73ff649a1ebed2b0cff7daaf09517c6b3c8990666220e99399d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "045e82954edd31:0"
last-modified: Wed, 16 May 2018 20:26:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 2460

GET
H2 200 iframeResizer.contentWindow.min.js Show response
widgets.icanbuy.com/js/iframehack/ Frame D003 13 KB
5 KB 138ms
108ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/iframehack/iframeResizer.contentWindow.min.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
etag: "0bbca77d1add11:0"
last-modified: Sat, 14 May 2016 11:12:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 5027

GET
H2 200 down.png
widgets.icanbuy.com/images/ Frame D003 244 B
581 B 110ms
109ms Image
image/png 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widgets.icanbuy.com/images/down.png

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

01cfae5d4062e38e47e79445fcdebbddab91397a93400e4d250203a068ca7cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
last-modified: Wed, 17 Feb 2016 21:35:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "06acc20cb69d11:0"
strict-transport-security: max-age=31536000
access-control-allow-methods: OPTIONS,POST,GET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 244

GET
H2 200 loader.gif
widgets.icanbuy.com/images/ Frame D003 2 KB
2 KB 109ms
108ms Image
image/gif 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widgets.icanbuy.com/images/loader.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a41e7043b455f67ca63b6a6ff98f8cb9fda13e7ab3072ad2eb1d18114d0df851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
last-modified: Mon, 18 Mar 2013 19:10:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "09803ac24ce1:0"
strict-transport-security: max-age=31536000
access-control-allow-methods: OPTIONS,POST,GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 1924

GET
H2 200 close.png
widgets.icanbuy.com/images/ Frame D003 2 KB
2 KB 112ms
110ms Image
image/png 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widgets.icanbuy.com/images/close.png

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

42dc857b150b169ddbed46a6b1684a41314d282409c9286618fbab8cce885768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
last-modified: Wed, 17 Dec 2014 19:30:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "091caf62f1ad01:0"
strict-transport-security: max-age=31536000
access-control-allow-methods: OPTIONS,POST,GET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 1838

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.7/ 36 B
335 B 373ms
151ms XHR
text/plain 23.23.10.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/GenerateToken?msn=1&pid=5897b78a-3a1c-4708-8197-37432cc2d65d&_=622041639
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.10.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: 97e5b2908873e3fa1a8fb1920768001c86fa922f28634ec8f9a22fc6c258118b

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 ga.js Show response
www.google-analytics.com/ Frame D003 45 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/js/iTracking.js?v=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6784
date: Tue, 29 Jun 2021 13:11:13 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 29 Jun 2021 15:11:13 GMT

GET
H2 200 GetIPData Show response
widgets.icanbuy.com/common/geolocation/GetGeoData.aspx/ Frame D003 89 B
395 B 155ms
145ms XHR
application/json 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/common/geolocation/GetGeoData.aspx/GetIPData?{}

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5bbed7938025d5a5c2bc7090cd3dc6e15ed657674f1ef90ba6d00becfe756ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 89

GET
H/1.1 200
OK search Show response
www.icanbuy.com/api/ Frame D003 37 KB
37 KB 711ms
384ms Script
application/javascript 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icanbuy.com/api/search?transaction=52&loan=250000&ltv=80&period=PERIOD_FIXED_30YEARS&state=WA&fico=740&show_fha=1&valoans=0&points=0.5&rate_lock=99&property_type=34&occupancy=49&siteid=b263d4c7ef37b38d&include_text_results=1&specs={%22parentpageurl%22:%22https%3A//www.refirateguide.com/%22}&&callback=localjsonpcallback&_=1624979057328

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

54d3d85af72eb360e7f9d4accb7ba3e3b13840e64dcdd7b00d83fae2d9b78db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:04:18 GMT
Server: nginx/1.16.1
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
P3p: policyref="/w3c/p3p.xml", CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/javascript
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame EB17 3 KB
2 KB 66ms
22ms Document
text/html 65.9.84.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=71BB279B-25BC-F62A-2C8B-C7112D623F63&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/d40b3cef-3c1f-401b-86fa-ccab4a93cb80.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.refirateguide.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.refirateguide.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 29 Jun 2021 09:00:53 GMT
Server: nginx/1.17.6
Last-Modified: Wed, 23 Jun 2021 16:23:17 GMT
ETag: W/"60d35ff5-da5"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 1tu-OE5Q9uWw9VcZNvBvaMugiRKHeruQj2hBamEMIl7BvxhqXnoGMQ==
Age: 21804

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.7/ 0
298 B 107ms
106ms XHR
text/plain 23.23.10.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/SaveDom?msn=2&pid=5897b78a-3a1c-4708-8197-37432cc2d65d&token=71BB279B-25BC-F62A-2C8B-C7112D623F63&_=622041640
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.10.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.7/ 0
298 B 158ms
157ms XHR
text/plain 23.23.10.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/InitFormData?msn=3&pid=5897b78a-3a1c-4708-8197-37432cc2d65d&token=71BB279B-25BC-F62A-2C8B-C7112D623F63&_=622041641
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.10.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Jun 2021 15:04:17 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 9445 4 KB
2 KB 438ms
108ms Document
text/html 35.175.13.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=71BB279B-25BC-F62A-2C8B-C7112D623F63&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=71BB279B-25BC-F62A-2C8B-C7112D623F63&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.13.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

:method: GET
:authority: deviceid.trueleadid.com
:scheme: https
:path: /iframe.html?token=71BB279B-25BC-F62A-2C8B-C7112D623F63&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2m2wsoho8qq12.cloudfront.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date: Tue, 29 Jun 2021 15:04:18 GMT
content-type: text/html
server: nginx
last-modified: Wed, 02 Jun 2021 23:45:54 GMT
etag: W/"60b81832-1049"
expires: Wed, 30 Jun 2021 15:04:18 GMT
cache-control: max-age=86400 public
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip

GET
H2 200 sr.js Show response
www.dataverify123.com/ 768 B
1 KB 170ms
161ms Script
text/javascript 54.219.55.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dataverify123.com/sr.js?a=33711&i=17593&lidtn=71BB279B-25BC-F62A-2C8B-C7112D623F63
Requested by: Host: strenghtenergy.com
URL: https://strenghtenergy.com/1762f9692f198368800/6b-1950094-3624521-113678-2299-/180216043
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.55.143 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c51bb2ae69851521a61200885d85e741d6268beb31a92f11b870835dfe14b0af

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:18 GMT
cache-control: max-age=900
expires: Tue, 29 Jun 2021 15:19:18 GMT
content-type: text/javascript;charset=ISO-8859-1
content-length: 768
p3p: CP="NOI DSP COR LAW CUR CONi TELi OUR DELi SAMi BUS UNI"

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=620872564766010&ev=Microdata&dl=https%3A%2F%2Fwww.refirateguide.com%2Ficonic.fhtml%3Fmp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formFlowConfigId%3D2114%26irgwc%3D1%26viewType%3DFULL%26clickid%3DwhwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0%26irc%3D9285%26estprg%3D1%230&rl=https%3A%2F%2Fstrenghtenergy.com%2F&if=false&ts=1624979058256&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Mortgage%20News%20and%20Rates%20-%20Refi%20Rate%20Guide%22%2C%22meta%3Akeywords%22%3A%22refinance%2C%20mortgage%20calculator%22%2C%22meta%3Adescription%22%3A%22This%20site%20helps%20consumers%20find%20a%20new%20mortgage%20rate%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.42&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1624979058255.1695183323&it=1624979056584&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 29 Jun 2021 15:04:18 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.7/ Frame 9445 0
302 B 313ms
106ms Script
text/javascript 23.23.10.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/SaveDeviceId.js?lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&methods=16&token=71BB279B-25BC-F62A-2C8B-C7112D623F63&uuid=c566d9a905414f2d96f6ddc2db9c2786
Requested by: Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=71BB279B-25BC-F62A-2C8B-C7112D623F63&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.10.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:18 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 112501.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 2 KB
2 KB 443ms
106ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/112501.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

fd4a70d9e7e1669ad8f32d82bd1e3e0c4640f1f458a715f96cd2d5abd3f2df17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Thu, 09 Jul 2020 19:55:01 GMT
Server: nginx/1.16.1
ETag: "5f077615-6b5"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 1717
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 112539.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 4 KB
4 KB 462ms
125ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/112539.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

36452f209b31bb0ecc8b6bec53ea6d305289c7f711acc6198d87c9fe1b12d468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Thu, 18 Mar 2021 21:33:47 GMT
Server: nginx/1.16.1
ETag: "6053c73b-e79"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 3705
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 111668.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 2 KB
2 KB 462ms
125ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/111668.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

dd76a8149d228220824a93fa5ac8f6af4037960ec8b7791d714bf74c354ec212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Wed, 19 Jun 2019 19:55:52 GMT
Server: nginx/1.16.1
ETag: "5d0a9348-73f"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 1855
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 112456.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 2 KB
3 KB 461ms
125ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/112456.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ad8342716c45a6fc64623e8aaeefdcd1e1b00db79c580e52d65db56ab4db7850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Thu, 23 Jan 2020 18:27:11 GMT
Server: nginx/1.16.1
ETag: "5e29e57f-884"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 2180
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 111574.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 1 KB
2 KB 462ms
123ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/111574.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9c1cab91c5dfd2e40a9ce4cd0becc07ea238663253bdc353272f15b5e53ea43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Thu, 31 Jan 2019 05:00:38 GMT
Server: nginx/1.16.1
ETag: "5c5280f6-516"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 1302
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 111724.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 3 KB
3 KB 462ms
124ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/111724.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

4d5b72ffb55376770f4280f353edd573b804402d4055705349d70ce8b636d0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Mon, 26 Jun 2017 21:44:16 GMT
Server: nginx/1.16.1
ETag: "59518030-a9b"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 2715
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 111741.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 3 KB
4 KB 126ms
110ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/111741.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

cabe12a286f1220044af367c063a6bf533f35a62028c13c6c6453416ce7fa5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Mon, 29 Mar 2021 20:42:47 GMT
Server: nginx/1.16.1
ETag: "60623bc7-d98"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 3480
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 112540.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 4 KB
4 KB 116ms
110ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/112540.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

5c6ef548080660bd8d2aa3cebc38bfa90349844949b5822141ec5e134dd4454a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Thu, 18 Mar 2021 21:28:49 GMT
Server: nginx/1.16.1
ETag: "6053c611-f0a"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 3850
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 112335.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 2 KB
2 KB 115ms
111ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/112335.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

492c71431be68885ada38b9769ce84294716cb2a90f72a3226136730a62763f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Wed, 31 Jul 2019 18:47:26 GMT
Server: nginx/1.16.1
ETag: "5d41e23e-67e"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 1662
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 111765.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 2 KB
2 KB 115ms
111ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/111765.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

fe945fad4a878eeda9d8b99affe08387a2ce308bb51ce5315a999f767435b6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Wed, 28 Oct 2020 05:00:25 GMT
Server: nginx/1.16.1
ETag: "5f98fae9-7ed"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 2029
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 111245.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 2 KB
2 KB 113ms
109ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/111245.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

fe945fad4a878eeda9d8b99affe08387a2ce308bb51ce5315a999f767435b6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Wed, 28 Oct 2020 04:58:43 GMT
Server: nginx/1.16.1
ETag: "5f98fa83-7ed"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 2029
Expires: Thu, 29 Jul 2021 15:04:18 GMT

GET
H/1.1 200
OK 111256.gif
mortgagerates.icanbuy.com/images/lenderslogos/ Frame D003 325 B
746 B 113ms
110ms Image
image/gif 23.23.176.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mortgagerates.icanbuy.com/images/lenderslogos/111256.gif

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.176.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

5fb2b3d9487d4c1b76caef23fb9833736d36d1a0e7d0b9c523973ed6a41e139c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://widgets.icanbuy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:18 GMT
Last-Modified: Thu, 16 Aug 2012 17:45:39 GMT
Server: nginx/1.16.1
ETag: "502d31c3-145"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, private
Accept-Ranges: bytes
Content-Length: 325
Expires: Thu, 29 Jul 2021 15:04:18 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.7/ 0
298 B 109ms
109ms XHR
text/plain 23.23.10.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/InitFormData?msn=4&pid=5897b78a-3a1c-4708-8197-37432cc2d65d&token=71BB279B-25BC-F62A-2C8B-C7112D623F63&_=622041642
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.10.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Jun 2021 15:04:18 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 refresheverytime.js Show response
widgets.icanbuy.com/js/ Frame D003 3 B
348 B 107ms
107ms Script
application/javascript 3.217.106.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.icanbuy.com/js/refresheverytime.js?v=3f9ab42b-1c32-1630-b33f-480aa8b7abc1

Requested by

Host: widgets.icanbuy.com
URL: https://widgets.icanbuy.com/js/utils.js?v=a131

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.106.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.icanbuy.com/c/standard/us/en/mortgage/tables/Mortgage.aspx?siteid=b263d4c7ef37b38d&fha=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:04:19 GMT
last-modified: Tue, 03 Oct 2017 17:41:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "10916ddb6e3cd31:0"
strict-transport-security: max-age=31536000
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
content-length: 3

GET
H2 200 nr-1209.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 85ms
27ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1209.min.js
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ilyf2heqjbcb6UZHMuleD6bz44kdIrhk
content-encoding: gzip
etag: "ceffb14d16467e17c5360bf7880099fa"
x-amz-request-id: 5748RK4XNY0JFAXS
x-cache: HIT
content-length: 11738
x-amz-id-2: Bgz/pgtJbcxVQT1M95LrS9P8w6ydNOlS7rqz4RAI+tM5Ek3RKKQrMB0BxrzJZwT8Jt6pEpDvSuo=
x-served-by: cache-fra19157-FRA
last-modified: Thu, 20 May 2021 23:21:18 GMT
server: AmazonS3
x-timer: S1624979059.118576,VS0,VE0
date: Tue, 29 Jun 2021 15:04:19 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5348

GET
H/1.1 200
OK 8bb6f53a8a Show response
bam-cell.nr-data.net/1/ 49 B
915 B 208ms
153ms Script
text/javascript 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/8bb6f53a8a?a=456225345&v=1209.f04e2b9&to=Y1ZbbUFWDxVSVBULWlocalxBQQ0DRxgVB0dGUlRYR0UIHh5RDhBYR1ZLT1ZF&rst=5709&ck=0&ref=https://www.refirateguide.com/iconic.fhtml&ap=42&be=1565&fe=5436&dc=2667&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1624979053607,%22n%22:0,%22f%22:639,%22dn%22:641,%22dne%22:641,%22c%22:641,%22s%22:641,%22ce%22:662,%22rq%22:662,%22rp%22:903,%22rpe%22:1057,%22dl%22:910,%22di%22:2667,%22ds%22:2667,%22de%22:2722,%22dc%22:5436,%22l%22:5436,%22le%22:5437%7D,%22navigation%22:%7B%7D%7D&fp=1766&fcp=1766&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:04:19 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlRaCAMIU1RUFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoCBFMPV3RMB05WAhtDXwVaAQJSUlFWVAIAAlIPA0BKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 66700bf1299cfa34-AMS
cf-request-id: 0af9e5cabc0000fa34ba328000000001

POST
H2 200 Snap Show response
create.leadid.com/2.11.7/ 0
298 B 300ms
184ms XHR
text/plain 23.23.10.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/Snap?msn=5&pid=5897b78a-3a1c-4708-8197-37432cc2d65d&token=71BB279B-25BC-F62A-2C8B-C7112D623F63&_=622041643
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.10.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Jun 2021 15:04:20 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.7/ 0
298 B 319ms
122ms XHR
text/plain 23.23.10.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/Snap?msn=6&pid=5897b78a-3a1c-4708-8197-37432cc2d65d&token=71BB279B-25BC-F62A-2C8B-C7112D623F63&_=622041644
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.10.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Jun 2021 15:04:20 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK 8bb6f53a8a Show response
bam-cell.nr-data.net/events/1/ 24 B
558 B 146ms
145ms XHR
image/gif 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/8bb6f53a8a?a=456225345&v=1209.f04e2b9&to=Y1ZbbUFWDxVSVBULWlocalxBQQ0DRxgVB0dGUlRYR0UIHh5RDhBYR1ZLT1ZF&rst=15709&ck=0&ref=https://www.refirateguide.com/iconic.fhtml
Requested by: Host: www.refirateguide.com
URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.refirateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 29 Jun 2021 15:04:29 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.refirateguide.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 66700c2f5881fa34-AMS
Content-Length: 24
cf-request-id: 0af9e5f1950000fa34e121e000000001

Verdicts & Comments Add Verdict or Comment

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: c566d9a905414f2d96f6ddc2db9c2786
.refirateguide.com/	1970-01-19 21:32:35	Name: _fbp Value: fb.1.1624979058255.1695183323
www.refirateguide.com/	1969-12-31 23:59:59	Name: leadid_token-8BEAE6FA-9692-852F-AE73-DDD9BAA92D70-D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80 Value: 71BB279B-25BC-F62A-2C8B-C7112D623F63

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1(Line 2160) Message: LTI-1426 - GA Dimension
console-api	log	URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1(Line 2189) Message: LTI-1221: -- Updated
console-api	log	URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1(Line 2196) Message: LTI-1918 Pixel
console-api	log	URL: https://www.refirateguide.com/iconic.fhtml?mp_value1=&mp_value2=&mp_value3=&formFlowConfigId=2114&irgwc=1&viewType=FULL&clickid=whwTDYVrLxyLUFj3Y9UJ-yaMUkB31z3fCz0axQ0&irc=9285&estprg=1(Line 2341) Message: LTI-1346 Pixel
console-api	log	URL: https://www.dataverify123.com/sr.js?a=33711&i=17593&lidtn=71BB279B-25BC-F62A-2C8B-C7112D623F63(Line 1) Message: invalid disclosureId srdid

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam-cell.nr-data.net
bat.bing.com
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
d1tkl1e3k37gw7.cloudfront.net
d1tprjo2w7krrh.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
d2qcrzwi3hrnuy.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
maxcdn.bootstrapcdn.com
mortgagerates.icanbuy.com
r.3000trk.com
s.yimg.com
signsgenie.com
static.terramatrixmedia.com
stats.g.doubleclick.net
strenghtenergy.com
widgets.icanbuy.com
www.dataverify123.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.icanbuy.com
www.refirateguide.com
13.226.156.31
142.250.186.130
151.101.13.27
162.247.243.147
23.23.10.24
23.23.176.159
2606:4700:3037::6815:5e66
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2004
2a00:1450:4001:812::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.217.106.215
34.235.224.253
35.175.13.165
52.222.161.64
54.219.139.9
54.219.55.143
65.9.84.166
65.9.84.218
65.98.108.70
85.234.143.24
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
01cfae5d4062e38e47e79445fcdebbddab91397a93400e4d250203a068ca7cce
0b061d883fdd93ccb59569ff3fa3614c36af5e71537ab328440602624e52ffcc
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
135203a2fbe2046f271ac45a49eb79f2198ef9cd6b06e03958f556a69c94f051
158af7b21bd63bd34985512c1ab4b7952c4a5891a908fb6a7063bd14ca3f3fa8
1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1c9d64ce7719748bf26cd81580ea58245e2a130baf32cd5fc92e08602626c26c
1f1b7dec278f1b2ed5df12065ddcb47b38d3fd9b3a50177c216ca1a3d1b631cf
23c1808130ade74133389ef2fc80b57badf7b37d106d771ca47651eb02066684
25e38dca8f39f5dd8b605c93d08f6aeb1fe2f14fd374754e5284c8eb06f814f2
3122cba40f7126076b4083fd64029409ddd0752309107dd50b97018342206601
31a54a93488f9711927aeb875ff1dd63a8c41359847f10f9cea7488dc65179b7
36452f209b31bb0ecc8b6bec53ea6d305289c7f711acc6198d87c9fe1b12d468
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
42dc857b150b169ddbed46a6b1684a41314d282409c9286618fbab8cce885768
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492c71431be68885ada38b9769ce84294716cb2a90f72a3226136730a62763f4
4b507f1059f6c869c774e52a7a4e520afdb17db8584fe7aa9c8ede53802b6f92
4d5b72ffb55376770f4280f353edd573b804402d4055705349d70ce8b636d0c0
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
54d3d85af72eb360e7f9d4accb7ba3e3b13840e64dcdd7b00d83fae2d9b78db4
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
5694e832e9bf13d85326067f8c2a23e8e63072a932027e6c5ad3e71eeaf7b446
594f30259553323d9e3e1726f53b2997256b8a15a3b9a689fa605873edefb9a7
5bbed7938025d5a5c2bc7090cd3dc6e15ed657674f1ef90ba6d00becfe756ba7
5c6ef548080660bd8d2aa3cebc38bfa90349844949b5822141ec5e134dd4454a
5fb2b3d9487d4c1b76caef23fb9833736d36d1a0e7d0b9c523973ed6a41e139c
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
63b5085014a66af8d0d56afb98bb13f69a4c4f21c3c0e2cc63b30fe8c75a49d9
668e0ea0bbaa717f578636c2bd62d89a86f97fd7e40e9046dad9b8acdc27529b
7368f124fb247deb6e0bd874d14c51ca626552a153cfc5e68ffd543dd9b925cf
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8abb8fa01ec207f372088118a0b7d7ccc10c7366cc56b638795cddf4351b11f9
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
971c47f1144e3bcaaafbd8ca281cc33a757b858524598ffded485107104575be
97e5b2908873e3fa1a8fb1920768001c86fa922f28634ec8f9a22fc6c258118b
9b5efa0cde86f73ff649a1ebed2b0cff7daaf09517c6b3c8990666220e99399d
9c1cab91c5dfd2e40a9ce4cd0becc07ea238663253bdc353272f15b5e53ea43c
9daff8dd097b18fc0ed9121245517e54c222626a7edcd2b461abf3cea87ed765
9dbd8320d6a4cfa63b093a28e6656b9243c10a35e872631cee3203984163ed44
a41e7043b455f67ca63b6a6ff98f8cb9fda13e7ab3072ad2eb1d18114d0df851
a6049eeaa37d3c4056783de8d23efe64732256b599fd415d66fb23a97871a493
a68ffbe9a9dfbf981e15d698ee97b88e53c691cadc027c7ac7896b5c4f4d33d7
ad8342716c45a6fc64623e8aaeefdcd1e1b00db79c580e52d65db56ab4db7850
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b812c28e8434cd7648cae9bc37458c25306d994989a7090fd429727e253ef7fd
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c51bb2ae69851521a61200885d85e741d6268beb31a92f11b870835dfe14b0af
cabe12a286f1220044af367c063a6bf533f35a62028c13c6c6453416ce7fa5ea
cad748d566493b79033ce00a0c0e6df797a1340a6992f731d283d1440b0e346a
cc0a4f9259e03892809a4a197c6e78bd13de909c70d3725ae086c156ec8353ab
d7383b877c99d3d35b0298d1ae84de9a32e758d156d6cf754e45abb2bcb2789f
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd76a8149d228220824a93fa5ac8f6af4037960ec8b7791d714bf74c354ec212
e1cf5888714bf7da4af98574002731ad9daec84d7d57e8c7d9bd0b876f0d559c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46e8aea81be0e5d86904d49c8d3bf3d0353e51aa5e6f900a935d5c3b17e0b6b
fd4a70d9e7e1669ad8f32d82bd1e3e0c4640f1f458a715f96cd2d5abd3f2df17
fe4ab43ec2946522dd47ec864bad9d5bde5d3ce579927573f8abc1df4c5272c1
fe945fad4a878eeda9d8b99affe08387a2ce308bb51ce5315a999f767435b6ce

www.refirateguide.com Open in urlscan Pro 2606:4700:3037::6815:5e66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

100 %HTTPS

54 %IPv6

26 Domains

33 Subdomains

31 IPs

4 Countries

1614 kBTransfer

3844 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.refirateguide.com Open in urlscan Pro
2606:4700:3037::6815:5e66 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

100 %
HTTPS

54 %
IPv6

26
Domains

33
Subdomains

31
IPs

4
Countries

1614 kB
Transfer

3844 kB
Size

3
Cookies

89 HTTP transactions
0 data transactions