urlscan.io logo urlscan.io
SecurityTrails logo

refinance.lowermybills.com Open in urlscan Pro
35.164.48.254  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html#/rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095
Effective URL: https://refinance.lowermybills.com/questions
Submission: On October 23 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 6 countries across 22 domains to perform 120 HTTP transactions. The main IP is 35.164.48.254, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is refinance.lowermybills.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 21st 2021. Valid for: a year.
This is the only time refinance.lowermybills.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.250.186.48 15169 (GOOGLE)
1 2 185.177.57.143 44901 (BELCLOUD)
1 191.101.232.101 61317 (ASDETUK w...)
1 1 54.173.50.35 14618 (AMAZON-AES)
1 1 52.40.27.155 16509 (AMAZON-02)
7 35.164.48.254 16509 (AMAZON-02)
8 2.16.186.232 20940 (AKAMAI-ASN1)
14 2.16.186.210 20940 (AKAMAI-ASN1)
4 142.250.181.234 15169 (GOOGLE)
2 52.222.233.63 16509 (AMAZON-02)
4 142.250.186.131 15169 (GOOGLE)
15 172.217.23.104 15169 (GOOGLE)
1 95.217.105.253 24940 (HETZNER-AS)
3 13.107.21.200 8068 (MICROSOFT...)
4 151.101.129.44 54113 (FASTLY)
1 199.232.136.157 54113 (FASTLY)
4 142.250.185.226 15169 (GOOGLE)
4 6 142.250.184.198 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
6 16 142.250.185.194 15169 (GOOGLE)
16 172.217.23.100 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
1 212.82.100.181 34010 (YAHOO-IRD)
1 104.244.42.133 13414 (TWITTER)
2 142.250.185.78 15169 (GOOGLE)
5 3.233.145.244 14618 (AMAZON-AES)
1 65.21.233.18 24940 (HETZNER-AS)
1 64.233.166.156 15169 (GOOGLE)
4 141.226.228.48 200478 (TABOOLA-AS)
1 52.86.173.59 ()
1 52.222.236.123 ()
120 30
1    142.250.186.48 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f16.1e100.net
storage.googleapis.com
2    185.177.57.143 (Bulgaria)

ASN44901 (BELCLOUD, BG)
PTR: agiuvdbcxdirh.com
jarjav.com
1    191.101.232.101 (Los Angeles, United States)

ASN61317 (ASDETUK www.heficed.com, GB)
nameluxuries.com
1    54.173.50.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-50-35.compute-1.amazonaws.com
cdmtrk.com
1    52.40.27.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-27-155.us-west-2.compute.amazonaws.com
www.lowermybills.com
7    35.164.48.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-48-254.us-west-2.compute.amazonaws.com
refinance.lowermybills.com
8    2.16.186.232 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-232.deploy.static.akamaitechnologies.com
static-lre.lowermybills.com
14    2.16.186.210 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-210.deploy.static.akamaitechnologies.com
cdn-refinance.lowermybills.com
content.lowermybills.com
cdn.lowermybills.com
4    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
2    52.222.233.63 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-233-63.fra56.r.cloudfront.net
www.datadoghq-browser-agent.com
4    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
fonts.gstatic.com
15    172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f8.1e100.net
www.googletagmanager.com
1    95.217.105.253 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.253.105.217.95.clients.your-server.de
ads.revjet.com
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    199.232.136.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
6    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
852807.fls.doubleclick.net
ad.doubleclick.net
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
16    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
16    172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net
www.google.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
adservice.google.com
1    212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
5    3.233.145.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-244.compute-1.amazonaws.com
rum-http-intake.logs.datadoghq.com
1    65.21.233.18 (United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.233.21.65.clients.your-server.de
pix.revjet.com
1    64.233.166.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f156.1e100.net
stats.g.doubleclick.net
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    52.86.173.59 (None, )

ASN- ()
session-replay.browser-intake-datadoghq.com
1    52.222.236.123 (None, )

ASN- ()
privacy-policy.truste.com
Domain Requested by
16 www.google.com
16 googleads.g.doubleclick.net 6 redirects www.googleadservices.com
15 www.googletagmanager.com cdn-refinance.lowermybills.com
www.googletagmanager.com
10 content.lowermybills.com refinance.lowermybills.com
static-lre.lowermybills.com
8 static-lre.lowermybills.com refinance.lowermybills.com
7 refinance.lowermybills.com nameluxuries.com
static-lre.lowermybills.com
www.datadoghq-browser-agent.com
5 rum-http-intake.logs.datadoghq.com www.datadoghq-browser-agent.com
4 trc-events.taboola.com cdn.taboola.com
4 852807.fls.doubleclick.net 2 redirects refinance.lowermybills.com
4 www.googleadservices.com cdn-refinance.lowermybills.com
www.googletagmanager.com
www.googleadservices.com
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com refinance.lowermybills.com
3 bat.bing.com storage.googleapis.com
bat.bing.com
2 trc.taboola.com cdn.taboola.com
2 www.google-analytics.com www.googletagmanager.com
www.datadoghq-browser-agent.com
2 ad.doubleclick.net 2 redirects
2 cdn.taboola.com storage.googleapis.com
cdn.taboola.com
2 cdn.lowermybills.com cdn-refinance.lowermybills.com
refinance.lowermybills.com
2 www.datadoghq-browser-agent.com refinance.lowermybills.com
2 cdn-refinance.lowermybills.com refinance.lowermybills.com
2 jarjav.com 1 redirects storage.googleapis.com
1 privacy-policy.truste.com static-lre.lowermybills.com
1 session-replay.browser-intake-datadoghq.com www.datadoghq-browser-agent.com
1 stats.g.doubleclick.net www.datadoghq-browser-agent.com
1 pix.revjet.com ads.revjet.com
1 t.co refinance.lowermybills.com
1 sp.analytics.yahoo.com refinance.lowermybills.com
1 adservice.google.com refinance.lowermybills.com
1 analytics.twitter.com refinance.lowermybills.com
1 static.ads-twitter.com storage.googleapis.com
1 ads.revjet.com storage.googleapis.com
1 www.lowermybills.com 1 redirects
1 cdmtrk.com 1 redirects
1 nameluxuries.com jarjav.com
1 storage.googleapis.com
120 35

This site contains links to these domains. Also see Links.

Domain
www.fhfaoig.gov
loanlookup.freddiemac.com
www.knowyouroptions.com
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
nameluxuries.com
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
refinance.lowermybills.com
Thawte RSA CA 2018		 2021-07-21 -
2022-07-26		 a year crt.sh
cdn.lowermybills.com
R3		 2021-09-02 -
2021-12-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.datadoghq-browser-agent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-17 -
2022-03-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.revjet.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-12 -
2022-04-10		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.logs.datadoghq.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-31 -
2022-05-31		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-25 -
2022-08-25		 a year crt.sh
*.truste.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://refinance.lowermybills.com/questions
Frame ID: BC68C7455FFAE1DC829BF3EDB80A3E91
Requests: 102 HTTP requests in this frame

Frame: https://cdn.lowermybills.com/lending-images/presentations/common/navapi/deviceAtlasLmb.min.js
Frame ID: 728C1A6DAEB380823112C382D73483F3
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Refinance Mortgage, Refinancing Rates, Mortgage Rates - LowerMyBills

Page URL History Show full URLs

  1. https://storage.googleapis.com/01439e9df401e2e/alinkasa.html Page URL
  2. http://jarjav.com/rd//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095 Page URL
  3. http://jarjav.com/track//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095 HTTP 302
    https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-15065-2503 Page URL
  4. https://cdmtrk.com/?E=Fg2gvGAiMXXBm2TINU5%2bJw%3d%3d&s1=350394&s2=621679860 HTTP 302
    https://www.lowermybills.com/lending/home-refinance?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&... HTTP 301
    https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579... Page URL
  5. https://refinance.lowermybills.com/questions Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

120
Requests

97 %
HTTPS

0 %
IPv6

22
Domains

35
Subdomains

30
IPs

6
Countries

1495 kB
Transfer

4094 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/01439e9df401e2e/alinkasa.html Page URL
  2. http://jarjav.com/rd//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095 Page URL
  3. http://jarjav.com/track//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095 HTTP 302
    https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-15065-2503 Page URL
  4. https://cdmtrk.com/?E=Fg2gvGAiMXXBm2TINU5%2bJw%3d%3d&s1=350394&s2=621679860 HTTP 302
    https://www.lowermybills.com/lending/home-refinance?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6 HTTP 301
    https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6 Page URL
  5. https://refinance.lowermybills.com/questions Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://jarjav.com/track//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095 HTTP 302
  • https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-15065-2503
Request Chain 3
  • https://cdmtrk.com/?E=Fg2gvGAiMXXBm2TINU5%2bJw%3d%3d&s1=350394&s2=621679860 HTTP 302
  • https://www.lowermybills.com/lending/home-refinance?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6 HTTP 301
  • https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Request Chain 35
  • https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord= HTTP 302
  • https://852807.fls.doubleclick.net/activityi;dc_pre=CIHNyNb14PMCFYKOUQodIokKyA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
Request Chain 37
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=868728123
Request Chain 38
  • https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;ord=2905a857-604d-4b75-b781-4a3ce0ed6269 HTTP 302
  • https://852807.fls.doubleclick.net/activityi;dc_pre=CJfOyNb14PMCFRv3UQodbfEGhQ;src=852807;type=lrepa937;cat=lrere295;ord=2905a857-604d-4b75-b781-4a3ce0ed6269
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=2133146991
Request Chain 40
  • https://ad.doubleclick.net/ddm/activity/src=4818226;type=invmedia;cat=esvbxzky;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=4818226;dc_pre=CJOOy9b14PMCFRtzGQodJEcCxA;type=invmedia;cat=esvbxzky;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=4818226;dc_pre=CJOOy9b14PMCFRtzGQodJEcCxA;type=invmedia;cat=esvbxzky;ord=1
Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968462554/?random=1635005379203&cv=9&fst=1635005379203&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/968462554/?random=1635005379203&cv=9&fst=1635004800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=2264871380&resp=GooglemKTybQhCsO
Request Chain 66
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/755089552/?random=1635005379210&cv=9&fst=1635005379210&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/755089552/?random=1635005379210&cv=9&fst=1635004800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=3703547195&resp=GooglemKTybQhCsO
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=599689705&cv=9&fst=1635005379208&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wzN0YaLuDqemx_AP2qi9-A8&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/849970183/?random=599689705&cv=9&fst=1635005379208&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wzN0YaLuDqemx_AP2qi9-A8&cid=CAQSKQCNIrLMWsDhDnSpBfXOUzmyWYgol1-Ypo6WpXTwN9g6mhmucmyuumOq&random=2587167901&resp=GooglemKTybQhCsO
Request Chain 80
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=1570814368&cv=9&fst=1635005379204&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wzN0YcvwDs-8x_APu6GpsAc&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/735544455/?random=1570814368&cv=9&fst=1635005379204&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wzN0YcvwDs-8x_APu6GpsAc&cid=CAQSKQCNIrLMwV_n_L876AkK7s03Fkdarr993EeIGftwXbyF9FKfoFR8ka0P&random=957292924&resp=GooglemKTybQhCsO

120 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
alinkasa.html
storage.googleapis.com/01439e9df401e2e/ 		178 B
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.48 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f16.1e100.net
Software
UploadServer /
Resource Hash

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/01439e9df401e2e/alinkasa.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdtnDFI81OSIgeqtPTKvKHInN38FJ4V8AwNAt0ogLojpgctLtEg87JSIbTG6z2iue1tyTCAlrkN47YtaWqcAwUE
expires
Sat, 23 Oct 2021 17:07:55 GMT
date
Sat, 23 Oct 2021 16:07:55 GMT
last-modified
Mon, 21 Jun 2021 16:14:48 GMT
etag
"72dacaa8278b63d31ce32cb68cf3e072"
x-goog-generation
1624292088016195
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
178
content-type
text/html
x-goog-hash
crc32c=Ck/U+w== md5=ctrKqCeLY9Mc4yy2jPPgcg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
178
server
UploadServer
age
99
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c16328TvTYh51557277YGFE15065wsn2503vGkN1095
jarjav.com/rd//rd/ 		235 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
http://jarjav.com/rd//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
HTTP/1.1
Server
185.177.57.143 , Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
agiuvdbcxdirh.com
Software
/
Resource Hash

Request headers

Host
jarjav.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Date
Sat, 23 Oct 2021 16:09:35 GMT
Content-Length
235
51557277-15065-2503
nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/
Redirect Chain
  • http://jarjav.com/track//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095
  • https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-15065-2503
138 B
513 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-15065-2503
Requested by
Host: jarjav.com
URL: http://jarjav.com/rd//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
191.101.232.101 Los Angeles, United States, ASN61317 (ASDETUK www.heficed.com, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
nameluxuries.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://jarjav.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://jarjav.com/rd//rd/c16328TvTYh51557277YGFE15065wsn2503vGkN1095

Response headers

date
Sat, 23 Oct 2021 16:09:36 GMT
content-type
text/html; charset=UTF-8
server
Apache
set-cookie
uid1262=621679860-20211023120936-a876858cb149efbf254fd58758567505-; domain=; expires=Mon, 22-Nov-2021 16:09:36 GMT; path=/; SameSite=None; Secure
content-encoding
gzip
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-15065-2503
Date
Sat, 23 Oct 2021 16:09:35 GMT
Content-Length
123
Cookie set /
refinance.lowermybills.com/
Redirect Chain
  • https://cdmtrk.com/?E=Fg2gvGAiMXXBm2TINU5%2bJw%3d%3d&s1=350394&s2=621679860
  • https://www.lowermybills.com/lending/home-refinance?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
  • https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Requested by
Host: nameluxuries.com
URL: https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-15065-2503
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
50a49641756d89bb894ab76fe6d514200a06d9457cd2ddc8227a59250f59f83d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
refinance.lowermybills.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://nameluxuries.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-15065-2503

Response headers

Date
Sat, 23 Oct 2021 16:09:38 GMT
Content-Type
text/html; charset=utf-8
Content-Length
9541
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Cache-Control
no-store
Set-Cookie
visitorId=2905a857-604d-4b75-b781-4a3ce0ed6269; Path=/; Expires=Sun, 23 Oct 2022 16:09:38 GMT sourceId=lmb-53704-112245-289; Path=/; Expires=Sat, 30 Oct 2021 16:09:38 GMT connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; Path=/; Expires=Sat, 30 Oct 2021 16:09:38 GMT; HttpOnly BIGipServerpl.prod-lrelpwapp-lnd=!0Rd6QdbGZUGgeuVRHhj5eaSY0gTQ+GgqAIAGS/RV5Ft9pKdFawlVDtJrdgCWsy0y/smKpdC4eMF16bM=; path=/; Httponly; Secure TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; Path=/
ETag
W/"2545-q6WgGmmua4tN7aWxSJ+0T+dtHNM"
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"

Redirect headers

Location
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Server
BigIP
Connection
Keep-Alive
Content-Length
0
main.e12635025c9fb5cfff6b.css
static-lre.lowermybills.com/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
922010a894024fc34925fafe378edfee4578db4a81bfbb2a517974bf505b51dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
99ZLQMy65refd8OEXZJR9QoamkJihNOm
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:33:16 GMT
x-amz-cf-pop
SFO5-C3
etag
"53b1451a84c1fffb08e1a7511f4a708a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2532176
date
Sat, 23 Oct 2021 16:09:38 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
7372
x-amz-cf-id
VjvyFsqrQJIr-5HlncttLKpAX4b0jRJLdLDzVhQZ_4PTTloqGmJHQQ==
pixel-ca687c5134383c510e1c.js
cdn-refinance.lowermybills.com/ 		280 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b09e2cd396fb96094ce9ce509862f223b83c6a8427900690eb7368251a28978c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
etag
W/"45f7b-17caa55acd6"
x-dns-prefetch-control
off
p3p
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
content-length
33187
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 22 Oct 2021 23:28:34 GMT
x-frame-options
SAMEORIGIN
date
Sat, 23 Oct 2021 16:09:38 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-content-type-options
nosniff
deviceatlas-1.6.min.js
content.lowermybills.com/deviceatlas-1.6/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.lowermybills.com/deviceatlas-1.6/deviceatlas-1.6.min.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 19:40:00 GMT
x-amz-cf-pop
FRA53-C1
etag
"67510dbcee1857a225b8f76bdc940c26"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=145490
accept-ranges
bytes
content-length
2759
x-amz-cf-id
LyC_oAHIdmWom8Qt4S1H57X36ig5yLYnbCMpYZIX-9HNcmlQTW9FNA==
css
fonts.googleapis.com/ 		820 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
5d67b40783f583fa48ec3a8d7346bb2a7396407bb7fb4b5ad6a5bb3cab2dd53b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 16:09:17 GMT
server
ESF
date
Sat, 23 Oct 2021 16:09:38 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 16:09:38 GMT
css2
fonts.googleapis.com/ 		5 KB
699 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 14:26:45 GMT
server
ESF
date
Sat, 23 Oct 2021 16:09:38 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 16:09:38 GMT
continue.png
content.lowermybills.com/lre/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/continue.png
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9b899e50c2015a1c2e3c6b10138755b33f249afcb60b340cbde60c89785d7e18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
cache-control
private, no-transform, max-age=1571993
last-modified
Tue, 14 Sep 2021 20:47:11 GMT
content-type
image/webp
etag
"d028d77ea5b3745697cc424d3f465bc9"
content-length
4932
expires
Wed, 10 Nov 2021 20:49:31 GMT
main.e12635025c9fb5cfff6b.js
static-lre.lowermybills.com/ 		122 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2f7a02c2194d538a9c82cf7c44ebb4baa5e5643bcb535ad88c3869779faa6f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
stpP5gCopyqn5KQsYDXDGrmcAST6Yq3W
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:37:25 GMT
x-amz-cf-pop
ATL56-C3
etag
"e29e8990862f8fb9eee65e482694bf0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2532445
date
Sat, 23 Oct 2021 16:09:38 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
24740
x-amz-cf-id
3VP58VAWzO5QfJ_ruG6KyJkykOcycqxXBwaiFQMn6ysg2ZevLOAZZQ==
manifest.7c87aba7f3ef7da22937.js
static-lre.lowermybills.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/manifest.7c87aba7f3ef7da22937.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2a80cfc9dff72482f2d291da5f9f4524621b12ed20159b07ea7379329ce0169

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
3TELm6YFfP_yisUarAtwT0WqHReMJhnW
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:33:39 GMT
x-amz-cf-pop
SEA19-C1
etag
"08827b954aeef269cd3a652eee38c960"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2532172
date
Sat, 23 Oct 2021 16:09:38 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4194
x-amz-cf-id
Z17CrMU1azXfB6dJQc6cjakuvdlMh_Wg8sth9sOY1BD8diheSiggJg==
vendor.022a7bf0aee7569059b4.js
static-lre.lowermybills.com/ 		333 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
655145296c4f196f46dcdca8d90fa529af07d249242722119c30d90be8b77612

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ACS1YI43AKmP3Sq47GugkxBslPNqHKe9
content-encoding
br
last-modified
Thu, 07 Oct 2021 12:36:16 GMT
x-amz-cf-pop
SFO5-C3
etag
"c9cafa0bd6dfb95727fcf555f843a69c"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
cache-control
max-age=1196761
date
Sat, 23 Oct 2021 16:09:38 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
92178
x-amz-cf-id
e_vBps1tLYSIVju-PHjdySNjL3LV_oHhss5GZ2MZindfiMp0mXNdRw==
datadog-rum-v3.js
www.datadoghq-browser-agent.com/ 		112 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.233.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-233-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7202824f39f82ba4c8f5cd454cc3e68e2b33112667e759b81aec57b374c42dfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:34 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 12:17:42 GMT
server
AmazonS3
age
4
etag
W/"0e1bb4ae12d194c53e58fde424cc8cb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ce765e91525a836efb6bc0a409334a5f.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
ad5lEjsYnfbgVsrkP-sPD7HjXthK9WjrIRMkgkz003KLmHCxojMqSA==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinance.lowermybills.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:48:55 GMT
x-content-type-options
nosniff
age
213643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 04:48:55 GMT
Cookie set store-info-redis
refinance.lowermybills.com/ 		2 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/store-info-redis
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=2905a857-604d-4b75-b781-4a3ce0ed6269; sourceId=lmb-53704-112245-289; connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; BIGipServerpl.prod-lrelpwapp-lnd=!0Rd6QdbGZUGgeuVRHhj5eaSY0gTQ+GgqAIAGS/RV5Ft9pKdFawlVDtJrdgCWsy0y/smKpdC4eMF16bM=; TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"
Connection
keep-alive
Content-Length
2
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 16:09:38 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
Set-Cookie
connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; Path=/; Expires=Sat, 30 Oct 2021 16:09:38 GMT; HttpOnly TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; Path=/
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
2
X-Content-Type-Options
nosniff
visitor
refinance.lowermybills.com/ 		195 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/visitor
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
240622d968e81c9f11280e4881e49d38a56ba9a685257c0e8428c08effe6f0ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=2905a857-604d-4b75-b781-4a3ce0ed6269; sourceId=lmb-53704-112245-289; connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; BIGipServerpl.prod-lrelpwapp-lnd=!0Rd6QdbGZUGgeuVRHhj5eaSY0gTQ+GgqAIAGS/RV5Ft9pKdFawlVDtJrdgCWsy0y/smKpdC4eMF16bM=; TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"
Connection
keep-alive
Content-Length
1235
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 16:09:39 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"c3-uDhNTSRYj9r2x0sfZa6dxDn6Ykc"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
195
X-Content-Type-Options
nosniff
deviceAtlasLmb.min.js
cdn.lowermybills.com/lending-images/presentations/common/navapi/ Frame 728C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lowermybills.com/lending-images/presentations/common/navapi/deviceAtlasLmb.min.js
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0cff5de0a6dddcb01b664acb7cce79cd85b5a941e7e8f74423c8024e60704005
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
content-length
2867
x-xss-protection
1; mode=block
last-modified
Fri, 21 May 2021 02:42:28 GMT
x-frame-options
SAMEORIGIN
date
Sat, 23 Oct 2021 16:09:38 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=15552000
etag
"fed6c65f5b084671-20fc-5c2ce02c32fd8"
content-security-policy
frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
accept-ranges
bytes
expires
Thu, 21 Apr 2022 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-849970183
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0cb157cd091e2c19170329b173ffe6b2f14c097aeed92a26062b5755e4f4ac94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50387
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-755089552
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
880a4d0de8479c0c0e444a087a00572aa6d7d3e1cab7228da780658e71d10e3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50425
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-72055405-1
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4b50041385af0fcfa755160157e58ebf4ad1677ba9ff433a5687404dac09cde3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35714
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1066568174
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b11fe99e81476d90df8fa7e41c2d59159415c45442be952f5f5870e6a5c710b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50353
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
analytics
ads.revjet.com/ Frame 728C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.revjet.com/analytics?acu=3370
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.105.253 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.105.217.95.clients.your-server.de
Software
nginx /
Resource Hash
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 07:39:57 GMT
server
nginx
etag
W/"613868cd-4c14"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
expires
Sat, 23 Oct 2021 16:19:38 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-882032010
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e8f7cb6ee8635c17ccff859d2078a7bdb02dc0850c2266c37a1946c850d7f54a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39216
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-934858762
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
82d8f2d13a8163f9648f5eec3a19013c10b77e9bdec8feeb4c2b08464dcba165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39214
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-950054130
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
080e681b208647acd499d15f43e00dc340dff6458c2b304b4d08ef0e8925a707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39217
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-966730890
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9681f42b7a12824bc464372b4571559aacd699b4f7497a805a6e4445aac425b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39218
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-735544455
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4d5e89c79ace8d6e12a7d955f20f34e89afbe5ea543250c052acd43ff2863ea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39214
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 19:11:47 GMT
x-msedge-ref
Ref A: 9AD34D62C335435CAB60AABE8DBF7ABB Ref B: PRG01EDGE1119 Ref C: 2021-10-23T16:09:38Z
etag
"805b72e6bad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10001
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-874461485
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fc9b9daeae4ab619e7a870f78497905bf578dc9711b95b91c7c2ceaf92237fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39349
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
js
www.googletagmanager.com/gtag/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-852807
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7fa47ceee5c178f63b149834c081f37269df43030e636ada4f50ca45073aafb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35628
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1007280/ Frame 728C 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abaa56c87ad50bd81c7a1aa002149fb1d552938440426660d29eef4b421ccc13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
1yf5v7IbQqPYthmmNseTQCGtWLF1Q47h
content-encoding
gzip
etag
"43c3e2dfd2a3ad006b33d518e7792f3a"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
24754
x-amz-id-2
mHhpU7OxTvhrM7tQJN0S6tO/2EFPQb74KfPsnWiLwVLKkyJbMQ+F+8lGcqSdAqbSMzyoYITBDcQ=
x-served-by
cache-fra19138-FRA
last-modified
Mon, 09 Aug 2021 10:26:05 GMT
server
AmazonS3
x-timer
S1635005379.937778,VS0,VE130
date
Sat, 23 Oct 2021 16:09:39 GMT
vary
Accept-Encoding
x-amz-request-id
SYVBT4FKRGTDT7T9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
77
x-cache-hits
1
uwt.js
static.ads-twitter.com/ Frame 728C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-NW
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100054-IAD, cache-hhn11521-HHN
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-968462554
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
441a5dfc6e74393c0a658963fae6293365ab3e29ebcb30906be19f53d8e40030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39217
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:38 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
72e6e98b1391dd750f3b44019ac52c993b93bb0fed404b5149ae5a8af9660d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17678
x-xss-protection
0
server
cafe
etag
12763723626733652640
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 16:09:38 GMT
activityi;dc_pre=CIHNyNb14PMCFYKOUQodIokKyA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D...
852807.fls.doubleclick.net/ Frame 728C
Redirect Chain
  • https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://852807.fls.doubleclick.net/activityi;dc_pre=CIHNyNb14PMCFYKOUQodIokKyA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://852807.fls.doubleclick.net/activityi;dc_pre=CIHNyNb14PMCFYKOUQodIokKyA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date
Sat, 23 Oct 2021 16:09:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
location
https://852807.fls.doubleclick.net/activityi;dc_pre=CIHNyNb14PMCFYKOUQodIokKyA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame 728C 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?txn_id=l5ksy&p_id=Twitter
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
111
pragma
no-cache
last-modified
Sat, 23 Oct 2021 16:09:39 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
32cc5c9221b01632fba38b699ebcf6de2f994e368bf7235dd001c8eb284a8d74
x-transaction
9f200e94db2f7dae
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.google.com/pagead/1p-user-list/973523572/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=868728123
42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=868728123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=868728123
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CJfOyNb14PMCFRv3UQodbfEGhQ;src=852807;type=lrepa937;cat=lrere295;ord=2905a857-604d-4b75-b781-4a3ce0ed6269
852807.fls.doubleclick.net/ Frame 728C
Redirect Chain
  • https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;ord=2905a857-604d-4b75-b781-4a3ce0ed6269?
  • https://852807.fls.doubleclick.net/activityi;dc_pre=CJfOyNb14PMCFRv3UQodbfEGhQ;src=852807;type=lrepa937;cat=lrere295;ord=2905a857-604d-4b75-b781-4a3ce0ed6269?
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://852807.fls.doubleclick.net/activityi;dc_pre=CJfOyNb14PMCFRv3UQodbfEGhQ;src=852807;type=lrepa937;cat=lrere295;ord=2905a857-604d-4b75-b781-4a3ce0ed6269?
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date
Sat, 23 Oct 2021 16:09:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
location
https://852807.fls.doubleclick.net/activityi;dc_pre=CJfOyNb14PMCFRv3UQodbfEGhQ;src=852807;type=lrepa937;cat=lrere295;ord=2905a857-604d-4b75-b781-4a3ce0ed6269?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1066568174/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=2133146991
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=2133146991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=2133146991
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=4818226;dc_pre=CJOOy9b14PMCFRtzGQodJEcCxA;type=invmedia;cat=esvbxzky;ord=1
adservice.google.com/ddm/fls/z/ Frame 728C
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=4818226;type=invmedia;cat=esvbxzky;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=4818226;dc_pre=CJOOy9b14PMCFRtzGQodJEcCxA;type=invmedia;cat=esvbxzky;ord=1?
  • https://adservice.google.com/ddm/fls/z/src=4818226;dc_pre=CJOOy9b14PMCFRtzGQodJEcCxA;type=invmedia;cat=esvbxzky;ord=1
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=4818226;dc_pre=CJOOy9b14PMCFRtzGQodJEcCxA;type=invmedia;cat=esvbxzky;ord=1
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=4818226;dc_pre=CJOOy9b14PMCFRtzGQodJEcCxA;type=invmedia;cat=esvbxzky;ord=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spp.pl
sp.analytics.yahoo.com/ Frame 728C 		43 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10070325&ec=LRELP
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 16:09:39 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Sat, 23 Oct 2021 16:09:39 GMT
edecd0ee-2144-438b-95a8-f6410e3c60df
https://refinance.lowermybills.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://refinance.lowermybills.com/edecd0ee-2144-438b-95a8-f6410e3c60df
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a0f183e6a929b72ff7756f11df64e56ea8941d4a7a9d6b6aa5339e0d6845dc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
26035
adsct
t.co/i/ Frame 728C 		43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyhmx&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&event_id=6c52113f-4c05-4727-9656-72a78537dc0c&tw_document_href=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
107
pragma
no-cache
last-modified
Sat, 23 Oct 2021 16:09:39 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b96eaf7ca9f203d2f4808a47ed84edf4a664ba9e337f4eead5d6b6672a0196d5
x-transaction
0ea861481eafedc8
expires
Tue, 31 Mar 1981 05:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-882032010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14435
x-xss-protection
0
server
cafe
etag
3499052782129861849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 16:09:39 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72055405-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
545
date
Sat, 23 Oct 2021 16:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sat, 23 Oct 2021 18:00:34 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-966730890&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-882032010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bbca5ba83027a883c7001d6ddcd5ad46411b4307834311a2fece1e711700af5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39224
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:39 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-849970183&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-882032010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b992b3d540d19317757abae3f0ccfc50a424b76925b29753ac62525fb9bf7a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50471
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:39 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-735544455&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-882032010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
da49e8664377e64bce7a8a36b0c1ab66964bf455f778d7532942196261d1d671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39222
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 16:09:39 GMT
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
94 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635005379041
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-244.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 23 Oct 2021 16:09:39 GMT
content-length
2
content-type
application/json
5189243.js
bat.bing.com/p/action/ 		0
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5189243.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 23 Oct 2021 16:09:38 GMT
cache-control
private,max-age=1800
x-msedge-ref
Ref A: 901DD44556FB4709B7D234408AD29021 Ref B: PRG01EDGE1119 Ref C: 2021-10-23T16:09:39Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5189243&Ver=2&mid=c2b2ea26-ec81-433a-b97e-ad9974319414&sid=9fbeaf50341b11eca81aa7470e0cdce9&vid=9fbefa50341b11ec81093d7fbb6a62cd&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Refinance%20Mortgage,%20Refinancing%20Rates,%20Mortgage%20Rates%20-%20LowerMyBills&kw=refinance,%20mortgage,%20mortgages,%20refinancing,%20mortgage%20rates,%20refinance%20mortgage,%20refinance%20rates,%20refinancing%20rates,%20refinancing%20home,%20home%20loan,%20home%20loans,%20equity%20loans,%20home%20equity%20loans,%20home%20equity%20loan,%20second%20mortgage,%20home%20equity%20loan%20rates,%20credit%20card%20consolidation,%20debt%20loans,%20credit%20card%20debt%20consolidation,%20bad%20credit%20loans,%20debt%20free,%20bad%20credit,%20debt%20help,%20debt%20solutions,%20money%20management,%20credit%20card%20debt,%20personal%20loan,%20bad%20credit%20mortgage,%20mortgage%20calculator&p=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&r=https%3A%2F%2Fnameluxuries.com%2F&lt=2641&evt=pageLoad&msclkid=N&sv=1&rn=464495
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 23 Oct 2021 16:09:38 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 6ACAA458CB564F3DB54D0E7496F46D4B Ref B: PRG01EDGE1119 Ref C: 2021-10-23T16:09:39Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd2120
pix.revjet.com/track/ Frame 728C 		46 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.revjet.com/track/pd2120?__noscript=false&__cbf=revjet.callbacks.cb1635005379183&location=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&referrer=https%3A%2F%2Fnameluxuries.com%2F&creditProfile=&firstMortgageBalance=&firstMortgageInterestRate=&hasFHALoan=&homeValue=&loanToValue=&propertyCity=&propertyDescription=&propertyState=&propertyZipCode=&rateType=&typeOfLoan=&loanRefiPurpose=
Requested by
Host: ads.revjet.com
URL: https://ads.revjet.com/analytics?acu=3370
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.21.233.18 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.233.21.65.clients.your-server.de
Software
/
Resource Hash
34b29975948a3a29375bf8a252813bafaaca820f9ab86319c5051d35426c0462

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 23 Oct 2021 16:09:39 GMT
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
46
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1635005379198&cv=9&fst=1635005379198&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9574f210bab07a3de7e24ad8a02eadf0daabbf71fdd99d21314e966973d652d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1200
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1635005379200&cv=9&fst=1635005379200&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
5a301c6e4d2a60224d552467b8b7055c6cab5e0bafd5b28fa79339ab76c0354b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1128
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1635005379201&cv=9&fst=1635005379201&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2ff7d98479e53513c99dd07631ffbfb0086844e367321881167b45c3deb0421c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1127
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/874461485/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874461485/?random=1635005379202&cv=9&fst=1635005379202&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&tc=x&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2d3139e620a8a5c76911739e7baa5bd159707a5790436a5f89928fd27e9a8553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1118
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/882032010/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/882032010/?random=1635005379203&cv=9&fst=1635005379203&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
b86ba77296ddd5cd186391066eda2a4ffb3b69aaddd41a84f112f32f88e2b570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/968462554/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968462554/?random=1635005379203&cv=9&fst=1635005379203&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/968462554/?random=1635005379203&cv=9&fst=1635004800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/968462554/?random=1635005379203&cv=9&fst=1635004800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=2264871380&resp=GooglemKTybQhCsO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-user-list/968462554/?random=1635005379203&cv=9&fst=1635004800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=2264871380&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950054130/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950054130/?random=1635005379204&cv=9&fst=1635005379204&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
31103fd67622a2281e30f070a0d65d5b183d43cee89d79456774d80dd8d5484b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/735544455/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/735544455/?random=1635005379204&cv=9&fst=1635005379204&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e0d09da0297a667612d5df576d0db8fdf93464272cf04ed35492795494eb8c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1256
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=1635005379206&cv=9&fst=1635005379206&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
101e3fb37df00e440eb25511a42d2a85a16266be2daeea84b5fcbe0a63774ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1117
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/934858762/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934858762/?random=1635005379207&cv=9&fst=1635005379207&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
f4846c59ac2dd1007ed40d6067ed3761ff61788b87e8fd9673bb6fdb284d47c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1119
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?random=1635005379208&cv=9&fst=1635005379208&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c1dfb2b76a648b172e6de66ff689e8d5046ffd2573789e207bf2b507317f56ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1120
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/849970183/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/849970183/?random=1635005379208&cv=9&fst=1635005379208&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a97378d46ff5215f6ff1cf64ec9d5d9d1387413f823e9a9ec1b1331adf38fe2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1635005379210&cv=9&fst=1635005379210&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
69884e87edd4447f251890ba4308d409a74e674f65e6a1d30754d7dfb5ccb3dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1127
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/755089552/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/755089552/?random=1635005379210&cv=9&fst=1635005379210&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/755089552/?random=1635005379210&cv=9&fst=1635004800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/755089552/?random=1635005379210&cv=9&fst=1635004800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=3703547195&resp=GooglemKTybQhCsO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-user-list/755089552/?random=1635005379210&cv=9&fst=1635004800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=3703547195&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=24929741&t=pageview&_s=1&dl=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&dr=https%3A%2F%2Fnameluxuries.com%2F&ul=en-us&de=UTF-8&dt=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=561935712&gjid=231678811&cid=1712979675.1635005379&tid=UA-72055405-1&_gid=19531262.1635005379&_r=1&gtm=2ouak0&z=1270940373
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refinance.lowermybills.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1007280/trc/3/ Frame 728C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1007280/trc/3/json?tim=1635005379241&data=%7B%22id%22%3A652%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1635005379235%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6%22%2C%22e%22%3A%22https%3A%2F%2Fnameluxuries.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcoredigital-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1635005379240%2C%22ref%22%3A%22https%3A%2F%2Fnameluxuries.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7e3c3d59d895ada1dbcb865003abd4084c49ab580f2abf370bf88c3d41f5ea70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
server
nginx
x-timer
S1635005379.246007,VS0,VE15
x-served-by
cache-fra19138-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/735544455/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/735544455/?random=1635005379206&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1153134831&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/950054130/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/950054130/?random=1635005379204&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1878799092&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/966730890/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/966730890/?random=1635005379200&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3816985767&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/966730890/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/966730890/?random=1635005379198&cv=9&fst=1635004800000&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3629119034&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635005379250
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-244.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 23 Oct 2021 16:09:39 GMT
content-length
2
content-type
application/json
/
www.google.com/pagead/1p-user-list/966730890/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/966730890/?random=1635005379201&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1802101767&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/849970183/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/849970183/?random=1635005379210&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=472897838&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/874461485/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/874461485/?random=1635005379202&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=711251977&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/882032010/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/882032010/?random=1635005379203&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2242142818&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1066568174/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1066568174/?random=1635005379208&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2900405130&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/849970183/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=599689705&cv=9&fst=1635005379208&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
  • https://www.google.com/pagead/1p-conversion/849970183/?random=599689705&cv=9&fst=1635005379208&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/849970183/?random=599689705&cv=9&fst=1635005379208&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wzN0YaLuDqemx_AP2qi9-A8&cid=CAQSKQCNIrLMWsDhDnSpBfXOUzmyWYgol1-Ypo6WpXTwN9g6mhmucmyuumOq&random=2587167901&resp=GooglemKTybQhCsO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/849970183/?random=599689705&cv=9&fst=1635005379208&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wzN0YaLuDqemx_AP2qi9-A8&cid=CAQSKQCNIrLMWsDhDnSpBfXOUzmyWYgol1-Ypo6WpXTwN9g6mhmucmyuumOq&random=2587167901&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/735544455/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=1570814368&cv=9&fst=1635005379204&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
  • https://www.google.com/pagead/1p-conversion/735544455/?random=1570814368&cv=9&fst=1635005379204&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/735544455/?random=1570814368&cv=9&fst=1635005379204&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wzN0YcvwDs-8x_APu6GpsAc&cid=CAQSKQCNIrLMwV_n_L876AkK7s03Fkdarr993EeIGftwXbyF9FKfoFR8ka0P&random=957292924&resp=GooglemKTybQhCsO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/735544455/?random=1570814368&cv=9&fst=1635005379204&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=430707114.1635005379&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wzN0YcvwDs-8x_APu6GpsAc&cid=CAQSKQCNIrLMwV_n_L876AkK7s03Fkdarr993EeIGftwXbyF9FKfoFR8ka0P&random=957292924&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1390358/trc/3/ Frame 728C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1390358/trc/3/json?tim=1635005379267&data=%7B%22id%22%3A588%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1635005379235%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6%22%2C%22e%22%3A%22https%3A%2F%2Fnameluxuries.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcoredigital-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1635005379242%2C%22ref%22%3A%22https%3A%2F%2Fnameluxuries.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee63b2ebc0b6f1ef224be2dc9d98a9cd83dbea2b658a7bbedb137c927b7bf57c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Sat, 23 Oct 2021 16:09:39 GMT
content-encoding
gzip
server
nginx
x-timer
S1635005379.271415,VS0,VE19
x-served-by
cache-fra19138-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
track
refinance.lowermybills.com/ 		256 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/track
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
042aa3f9b2ac444a6deff994fdf96096421b00349cf0276bbcef452e4d663954
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=2905a857-604d-4b75-b781-4a3ce0ed6269; sourceId=lmb-53704-112245-289; connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; BIGipServerpl.prod-lrelpwapp-lnd=!0Rd6QdbGZUGgeuVRHhj5eaSY0gTQ+GgqAIAGS/RV5Ft9pKdFawlVDtJrdgCWsy0y/smKpdC4eMF16bM=; TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"; _dd_s=rum=1&id=184e9c96-23cc-435c-aad3-b58b0b86716a&created=1635005378896&expire=1635006278896; _gcl_au=1.1.430707114.1635005379; _uetsid=9fbeaf50341b11eca81aa7470e0cdce9; _uetvid=9fbefa50341b11ec81093d7fbb6a62cd; _ga=GA1.2.1712979675.1635005379; _gid=GA1.2.19531262.1635005379; _gat_gtag_UA_72055405_1=1
Connection
keep-alive
Content-Length
381
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 16:09:39 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"100-nMwgnIEoYwb7LMJ5A2z0iYLQ2/E"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
256
X-Content-Type-Options
nosniff
/
www.google.com/pagead/1p-user-list/934858762/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/934858762/?random=1635005379207&cv=9&fst=1635004800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3375615517&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 16:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-72055405-1&cid=1712979675.1635005379&jid=561935712&gjid=231678811&_gid=19531262.1635005379&_u=YEBAAUAAAAAAAC~&z=1802499727
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 Oct 2021 16:09:39 GMT
content-type
text/plain
access-control-allow-origin
https://refinance.lowermybills.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635005379288
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-244.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 23 Oct 2021 16:09:39 GMT
content-length
2
content-type
application/json
cds-pips.js
cdn.taboola.com/scripts/ Frame 728C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1871
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19138-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1635005379.297951,VS0,VE0
date
Sat, 23 Oct 2021 16:09:39 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
77
x-cache-hits
10434
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635005379318
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-244.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 23 Oct 2021 16:09:39 GMT
content-length
2
content-type
application/json
unip
trc-events.taboola.com/1007280/log/3/ Frame 728C 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1007280/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=0&ssd=1&est=1635005379238&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1635005380792&vi=1635005379235&ri=20630cff37998021d3a0b28b796da0e0&ui=18ad3b92-772b-411d-bcf0-6dee9ad4c427-tuct86db943&ref=https%3A%2F%2Fnameluxuries.com%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://refinance.lowermybills.com
pragma
no-cache
date
Sat, 23 Oct 2021 16:09:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1390358/log/3/ Frame 728C 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1390358/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=0&ssd=1&est=1635005379238&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1635005380793&vi=1635005379235&ri=536dfbc3745689c90f76f7f43c04254f&sd=v2_3729d785777eb1b6987a262889f8bf1b_18ad3b92-772b-411d-bcf0-6dee9ad4c427-tuct86db943_1635005379_1635005379_CNCP0B4Qlu5UGKPlqO_KLyABKAEwODib4wlAiIoQSKfH2QNQouwQWABgAGjr5LqW88T3vnFwAA&ui=18ad3b92-772b-411d-bcf0-6dee9ad4c427-tuct86db943&ref=https%3A%2F%2Fnameluxuries.com%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://refinance.lowermybills.com
pragma
no-cache
date
Sat, 23 Oct 2021 16:09:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1007280/log/3/ Frame 728C 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1007280/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1635005379238&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1635005383794&vi=1635005379235&ri=20630cff37998021d3a0b28b796da0e0&ui=18ad3b92-772b-411d-bcf0-6dee9ad4c427-tuct86db943&ref=https%3A%2F%2Fnameluxuries.com%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://refinance.lowermybills.com
pragma
no-cache
date
Sat, 23 Oct 2021 16:09:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1390358/log/3/ Frame 728C 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1390358/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1635005379238&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1635005383794&vi=1635005379235&ri=536dfbc3745689c90f76f7f43c04254f&sd=v2_3729d785777eb1b6987a262889f8bf1b_18ad3b92-772b-411d-bcf0-6dee9ad4c427-tuct86db943_1635005379_1635005379_CNCP0B4Qlu5UGKPlqO_KLyABKAEwODib4wlAiIoQSKfH2QNQouwQWABgAGjr5LqW88T3vnFwAA&ui=18ad3b92-772b-411d-bcf0-6dee9ad4c427-tuct86db943&ref=https%3A%2F%2Fnameluxuries.com%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fsourceid%3Dlmb-53704-112245-289%26pkey1%3D289%26pkey2%3D350394%26pkey3%3D%26sid%3D4%26cmpid%3D579%26crtid%3D6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://refinance.lowermybills.com
pragma
no-cache
date
Sat, 23 Oct 2021 16:09:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
track
refinance.lowermybills.com/ 		257 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/track
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=2905a857-604d-4b75-b781-4a3ce0ed6269; sourceId=lmb-53704-112245-289; connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; BIGipServerpl.prod-lrelpwapp-lnd=!0Rd6QdbGZUGgeuVRHhj5eaSY0gTQ+GgqAIAGS/RV5Ft9pKdFawlVDtJrdgCWsy0y/smKpdC4eMF16bM=; TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"; _dd_s=rum=1&id=184e9c96-23cc-435c-aad3-b58b0b86716a&created=1635005378896&expire=1635006278896; _gcl_au=1.1.430707114.1635005379; _uetsid=9fbeaf50341b11eca81aa7470e0cdce9; _uetvid=9fbefa50341b11ec81093d7fbb6a62cd; _ga=GA1.2.1712979675.1635005379; _gid=GA1.2.19531262.1635005379; _gat_gtag_UA_72055405_1=1
Connection
keep-alive
Content-Length
383
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 16:09:43 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"101-dAK5E3K4gAaZwq4uHg2phxiU0VQ"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
257
X-Content-Type-Options
nosniff
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635005384074
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-244.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 23 Oct 2021 16:09:44 GMT
content-length
2
content-type
application/json
Primary Request Cookie set questions
refinance.lowermybills.com/ 		19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/questions
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
dd88a7b21b4ed70bcb96c5bf56713928b522c2d68454dbea5dd849aab8d3f577
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
refinance.lowermybills.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6
Accept-Encoding
gzip, deflate, br
Cookie
visitorId=2905a857-604d-4b75-b781-4a3ce0ed6269; sourceId=lmb-53704-112245-289; connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; BIGipServerpl.prod-lrelpwapp-lnd=!0Rd6QdbGZUGgeuVRHhj5eaSY0gTQ+GgqAIAGS/RV5Ft9pKdFawlVDtJrdgCWsy0y/smKpdC4eMF16bM=; TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"; _dd_s=rum=1&id=184e9c96-23cc-435c-aad3-b58b0b86716a&created=1635005378896&expire=1635006278896; _gcl_au=1.1.430707114.1635005379; _uetsid=9fbeaf50341b11eca81aa7470e0cdce9; _uetvid=9fbefa50341b11ec81093d7fbb6a62cd; _ga=GA1.2.1712979675.1635005379; _gid=GA1.2.19531262.1635005379; _gat_gtag_UA_72055405_1=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6

Response headers

Date
Sat, 23 Oct 2021 16:09:44 GMT
Content-Type
text/html; charset=utf-8
Content-Length
19419
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Cache-Control
no-store
ETag
W/"4bdb-xJkGXISo9GsFL6WrNrtbDov5oXY"
Set-Cookie
connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; Path=/; Expires=Sat, 30 Oct 2021 16:09:44 GMT; HttpOnly TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; Path=/
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&dd-api-key=pubdff5c93c0a8137997d0bc115c7949e0c&dd-evp-origin-version=3.6.12&dd-evp-origin=browser&dd-request-id=ddab39a4-965e-487e-b1f8-aeb0ca37e053
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.173.59 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarynea9fmEApxitPYAS

Response headers

access-control-allow-origin
*
0
bat.bing.com/actionp/ 		0
0
main.e12635025c9fb5cfff6b.css
static-lre.lowermybills.com/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
922010a894024fc34925fafe378edfee4578db4a81bfbb2a517974bf505b51dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
99ZLQMy65refd8OEXZJR9QoamkJihNOm
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:33:16 GMT
x-amz-cf-pop
SFO5-C3
etag
"53b1451a84c1fffb08e1a7511f4a708a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2532170
date
Sat, 23 Oct 2021 16:09:44 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
7372
x-amz-cf-id
VjvyFsqrQJIr-5HlncttLKpAX4b0jRJLdLDzVhQZ_4PTTloqGmJHQQ==
pixel-ca687c5134383c510e1c.js
cdn-refinance.lowermybills.com/ 		280 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b09e2cd396fb96094ce9ce509862f223b83c6a8427900690eb7368251a28978c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
etag
W/"45f7b-17caa55acd6"
x-dns-prefetch-control
off
p3p
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
content-length
33187
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 22 Oct 2021 23:28:34 GMT
x-frame-options
SAMEORIGIN
date
Sat, 23 Oct 2021 16:09:44 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-content-type-options
nosniff
deviceatlas-1.6.min.js
content.lowermybills.com/deviceatlas-1.6/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.lowermybills.com/deviceatlas-1.6/deviceatlas-1.6.min.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 19:40:00 GMT
x-amz-cf-pop
FRA53-C1
etag
"67510dbcee1857a225b8f76bdc940c26"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=145484
accept-ranges
bytes
content-length
2759
x-amz-cf-id
LyC_oAHIdmWom8Qt4S1H57X36ig5yLYnbCMpYZIX-9HNcmlQTW9FNA==
css
fonts.googleapis.com/ 		820 B
414 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
5d67b40783f583fa48ec3a8d7346bb2a7396407bb7fb4b5ad6a5bb3cab2dd53b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 16:09:44 GMT
server
ESF
date
Sat, 23 Oct 2021 16:09:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 16:09:44 GMT
css2
fonts.googleapis.com/ 		5 KB
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 14:47:38 GMT
server
ESF
date
Sat, 23 Oct 2021 16:09:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 16:09:44 GMT
redarrow1.png
cdn.lowermybills.com/lending-images/2019/arrow/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lowermybills.com/lending-images/2019/arrow/redarrow1.png
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1d7015c13fd51bf12eb98c6e4af1822cdfb32610540bf83730fed28917aadd84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
x-check-cacheable
YES
x-serial
1412
etag
"d5b3fa4bcaafbe7-1a00-5c2cdd20bb4a0"
content-type
image/png
cache-control
no-transform, max-age=15552000
last-modified
Fri, 21 May 2021 08:04:09 GMT
content-length
2687
server
Akamai Image Manager
expires
Thu, 21 Apr 2022 16:09:44 GMT
main.e12635025c9fb5cfff6b.js
static-lre.lowermybills.com/ 		122 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2f7a02c2194d538a9c82cf7c44ebb4baa5e5643bcb535ad88c3869779faa6f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
stpP5gCopyqn5KQsYDXDGrmcAST6Yq3W
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:37:25 GMT
x-amz-cf-pop
ATL56-C3
etag
"e29e8990862f8fb9eee65e482694bf0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2532439
date
Sat, 23 Oct 2021 16:09:44 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
24740
x-amz-cf-id
3VP58VAWzO5QfJ_ruG6KyJkykOcycqxXBwaiFQMn6ysg2ZevLOAZZQ==
manifest.7c87aba7f3ef7da22937.js
static-lre.lowermybills.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/manifest.7c87aba7f3ef7da22937.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2a80cfc9dff72482f2d291da5f9f4524621b12ed20159b07ea7379329ce0169

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
3TELm6YFfP_yisUarAtwT0WqHReMJhnW
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:33:39 GMT
x-amz-cf-pop
SEA19-C1
etag
"08827b954aeef269cd3a652eee38c960"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2532166
date
Sat, 23 Oct 2021 16:09:44 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4194
x-amz-cf-id
Z17CrMU1azXfB6dJQc6cjakuvdlMh_Wg8sth9sOY1BD8diheSiggJg==
vendor.022a7bf0aee7569059b4.js
static-lre.lowermybills.com/ 		333 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
655145296c4f196f46dcdca8d90fa529af07d249242722119c30d90be8b77612

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ACS1YI43AKmP3Sq47GugkxBslPNqHKe9
content-encoding
br
last-modified
Thu, 07 Oct 2021 12:36:16 GMT
x-amz-cf-pop
SFO5-C3
etag
"c9cafa0bd6dfb95727fcf555f843a69c"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
cache-control
max-age=1196755
date
Sat, 23 Oct 2021 16:09:44 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
92178
x-amz-cf-id
e_vBps1tLYSIVju-PHjdySNjL3LV_oHhss5GZ2MZindfiMp0mXNdRw==
datadog-rum-v3.js
www.datadoghq-browser-agent.com/ 		112 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.233.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-233-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7202824f39f82ba4c8f5cd454cc3e68e2b33112667e759b81aec57b374c42dfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:34 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 12:17:42 GMT
server
AmazonS3
age
10
etag
W/"0e1bb4ae12d194c53e58fde424cc8cb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ce765e91525a836efb6bc0a409334a5f.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
AkaZ2kUt2driJyTFu58SLXY2N0XgrQv8sV6lfNraHWwwOQmfhcdF3Q==
lend16007_goldscale.png
content.lowermybills.com/lre/ 		168 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/lend16007_goldscale.png
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fbac76ee986c65d9c1822b2392d8bc22c6aec8626a6ebc7fa9fc96c63f77fd3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
cache-control
private, no-transform, max-age=1040636
last-modified
Tue, 05 Oct 2021 17:13:15 GMT
content-type
image/webp
etag
"70836be8dfb4a77c709d02a054f1a98e"
content-length
168
expires
Thu, 04 Nov 2021 17:13:40 GMT
home-desktop.jpg
content.lowermybills.com/lre/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/home-desktop.jpg
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
127cae9821853edc1953090239e5ae0297c4626b184280bb894cbfef9f947f30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
cache-control
private, no-transform, max-age=1040509
last-modified
Tue, 05 Oct 2021 17:11:17 GMT
content-type
image/jpeg
etag
"ac3af3174e2b972e0adcd85fb89d7ba1"
content-length
203332
expires
Thu, 04 Nov 2021 17:11:33 GMT
sprite_lp.png
content.lowermybills.com/lre/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/sprite_lp.png
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3255db2fb88891ee1add7804275d722bdd4e1eb438c51927d08c0dd67c1c558f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
cache-control
private, no-transform, max-age=1040406
last-modified
Tue, 05 Oct 2021 17:09:37 GMT
content-type
image/webp
etag
"c8a52138ef54bb2745413f072f32e23a"
content-length
17424
expires
Thu, 04 Nov 2021 17:09:50 GMT
hud_logo.gif
content.lowermybills.com/lre/ 		738 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/hud_logo.gif
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d8b1f3575dd2b0024383a4f47725654257a4b4ec1015595ade984a80804a56ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
cache-control
private, no-transform, max-age=1927351
last-modified
Fri, 15 Oct 2021 23:31:54 GMT
content-type
image/webp
etag
"c9c9a78e117c3c6b24c9ba244ee59280"
content-length
738
expires
Sun, 14 Nov 2021 23:32:15 GMT
seal
privacy-policy.truste.com/privacy-seal/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privacy-policy.truste.com/privacy-seal/seal?rid=36759420-4093-4a7b-bf8a-2029fcf0dd2d
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.123 -, , ASN (),
Reverse DNS
Software
TXS /
Resource Hash
4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 05:46:16 GMT
Via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff, nosniff
Age
37408
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
14237
X-Xss-Protection
1; mode=block, 1; mode=block
Server
TXS
ETag
W/"14237-1594834154000"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=0
X-Amz-Cf-Pop
FRA56-P4
Accept-Ranges
bytes
X-Amz-Cf-Id
WSsRqZrbbGpxHdMdGOGg3DXvz5Egq-u99wJWXlt536ie5hzmgTJnmg==
misc_thawte.jpg
content.lowermybills.com/lre/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/misc_thawte.jpg
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9985336660219f2aa5e5c8f21d7f5456aee6c69afb706d3a9c9322ad5d601a76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
cache-control
private, no-transform, max-age=268577
last-modified
Sun, 26 Sep 2021 18:45:20 GMT
content-type
image/webp
etag
"fce9074d37a5424c838ef468af0c2392"
content-length
1064
expires
Tue, 26 Oct 2021 18:46:01 GMT
bbb_ReliabilitySeal4.png
content.lowermybills.com/lre/ 		792 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/bbb_ReliabilitySeal4.png
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1b5ecbe1f536ff0fef14eabe281e525514e533dc65d179493ee770857893943

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
cache-control
private, no-transform, max-age=1040405
last-modified
Tue, 05 Oct 2021 17:07:59 GMT
content-type
image/webp
etag
"6090dac9efe433facd03c240a291865e"
content-length
792
expires
Thu, 04 Nov 2021 17:09:49 GMT
mortgageBankersAssoc.jpg
content.lowermybills.com/lre/ 		792 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/mortgageBankersAssoc.jpg
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1c0676327f2e8a36f4566392aaec15036da66d48fda332ae8b6c6af30dc3c485

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:09:44 GMT
last-modified
Fri, 17 Sep 2021 00:35:09 GMT
x-serial
1626
etag
"fac151fb09dc6ee89e43925ed2c85572"
content-type
image/webp
x-check-cacheable
YES
cache-control
private, no-transform, max-age=1758151
content-length
792
expires
Sat, 13 Nov 2021 00:32:15 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinance.lowermybills.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 01:25:05 GMT
x-content-type-options
nosniff
age
312279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 01:25:05 GMT
4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
fonts.gstatic.com/s/shadowsintolighttwo/v8/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/shadowsintolighttwo/v8/4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
9881a70e1ba7b9c3409931942e5c9870d9295667ee29e9a84f7437543a94d0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinance.lowermybills.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:49:16 GMT
x-content-type-options
nosniff
age
138028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15856
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:47:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 01:49:16 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinance.lowermybills.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:48:55 GMT
x-content-type-options
nosniff
age
213649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 04:48:55 GMT
track
refinance.lowermybills.com/ 		259 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/track
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
10636070b83b0d7c796c7b7fde641a88dd9c9535160da63c34246f9efb856c1a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=2905a857-604d-4b75-b781-4a3ce0ed6269; sourceId=lmb-53704-112245-289; connect.sid=s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA; BIGipServerpl.prod-lrelpwapp-lnd=!0Rd6QdbGZUGgeuVRHhj5eaSY0gTQ+GgqAIAGS/RV5Ft9pKdFawlVDtJrdgCWsy0y/smKpdC4eMF16bM=; TS014fdca0=012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"; _dd_s=rum=1&id=184e9c96-23cc-435c-aad3-b58b0b86716a&created=1635005378896&expire=1635006278896; _gcl_au=1.1.430707114.1635005379; _uetsid=9fbeaf50341b11eca81aa7470e0cdce9; _uetvid=9fbefa50341b11ec81093d7fbb6a62cd; _ga=GA1.2.1712979675.1635005379; _gid=GA1.2.19531262.1635005379; _gat_gtag_UA_72055405_1=1
Connection
keep-alive
Content-Length
385
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/questions
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/questions
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 23 Oct 2021 16:09:44 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"103-JB21so8EQcHFZxO+qtyrHSNezxw"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
259
X-Content-Type-Options
nosniff
c51480ab-79eb-4ddb-a054-e62555381f8d
https://refinance.lowermybills.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://refinance.lowermybills.com/c51480ab-79eb-4ddb-a054-e62555381f8d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a0f183e6a929b72ff7756f11df64e56ea8941d4a7a9d6b6aa5339e0d6845dc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinance.lowermybills.com/questions
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
26035

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bat.bing.com
URL
https://bat.bing.com/actionp/0?ti=5189243&Ver=2&mid=c2b2ea26-ec81-433a-b97e-ad9974319414&sid=9fbeaf50341b11eca81aa7470e0cdce9&vid=9fbefa50341b11ec81093d7fbb6a62cd&vids=1&evt=pageHide

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| regeneratorRuntime object| dataLayer function| gtag object| pixel object| DeviceAtlas object| DD_RUM object| webpackChunklre_webapp function| webpackHotUpdatelre_webapp string| app_version object| uetq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| UET function| UET_init function| UET_push function| GooglemKTybQhCsO number| google_conversion_id object| google_conversion_format object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_enable_display_cookie_match object| google_gtag_event_data boolean| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| google_conversion_date object| google_conversion_time object| google_conversion_js_version object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData

22 Cookies

Domain/Path Name / Value
nameluxuries.com/ Name: uid1262
Value: 621679860-20211023120936-a876858cb149efbf254fd58758567505-
.cdmtrk.com/ Name: sid
Value: Vk+s+gh2CUsm2C39ApP20T0d0B8kYTudjcrbNE3Yj/ARHRdLlrG06A==
.cdmtrk.com/ Name: trk
Value: 5K6jHHGWv2Um2C39ApP20T0d0B8kYTudjcrbNE3Yj/ARHRdLlrG06A==
.cdmtrk.com/ Name: c4
Value: Vk+s+gh2CUuCK24wGA7+wrRhKJ5+cHuCAG9wENSPy5o=
refinance.lowermybills.com/ Name: visitorId
Value: 2905a857-604d-4b75-b781-4a3ce0ed6269
refinance.lowermybills.com/ Name: sourceId
Value: lmb-53704-112245-289
refinance.lowermybills.com/ Name: connect.sid
Value: s%3A5SL_gdjsJEE-xxOXUz8_JozQSSzpMZtq.xYVJqmJ8h1DpQRg6nwPlP3VcEzmmySy7TVM1XJkROXA
refinance.lowermybills.com/ Name: BIGipServerpl.prod-lrelpwapp-lnd
Value: !0Rd6QdbGZUGgeuVRHhj5eaSY0gTQ+GgqAIAGS/RV5Ft9pKdFawlVDtJrdgCWsy0y/smKpdC4eMF16bM=
refinance.lowermybills.com/ Name: TS014fdca0
Value: 012d8c2fc37d59e3cae3d2559f4632bb641388c620611043ab4e84dbf669a753972db8b490a73655a7960c2c8e7c70dd29167b777f
refinance.lowermybills.com/ Name: DAPROPS
Value: "sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"
refinance.lowermybills.com/ Name: _dd_s
Value: rum=1&id=184e9c96-23cc-435c-aad3-b58b0b86716a&created=1635005378896&expire=1635006278896
.lowermybills.com/ Name: _gcl_au
Value: 1.1.430707114.1635005379
.bing.com/ Name: MUID
Value: 290227378A8462120A5537EE8BC663A0
.lowermybills.com/ Name: _uetsid
Value: 9fbeaf50341b11eca81aa7470e0cdce9
.lowermybills.com/ Name: _uetvid
Value: 9fbefa50341b11ec81093d7fbb6a62cd
.doubleclick.net/ Name: IDE
Value: AHWqTUl8hAly8iphjgbS0ErXNtBSkLk3aJ0KFSvMMv5EjHNIt_zC2GVR8niO7CPwK24
.yahoo.com/ Name: A3
Value: d=AQABBMMzdGECEAXqVxs15F-VVnoRbp14clEFEgEBAQGFdWF-YQAAAAAA_SMAAA&S=AQAAAhuQFHD5FJpM6C3BfJsRZj4
.twitter.com/ Name: personalization_id
Value: "v1_PnTF27NG0+CIX/BxdnbE1A=="
.lowermybills.com/ Name: _ga
Value: GA1.2.1712979675.1635005379
.lowermybills.com/ Name: _gid
Value: GA1.2.19531262.1635005379
.lowermybills.com/ Name: _gat_gtag_UA_72055405_1
Value: 1
.revjet.com/ Name: trx
Value: 5237448892217963198

2 Console Messages

Source Level URL
Text
rendering warning URL: https://refinance.lowermybills.com/?sourceid=lmb-53704-112245-289&pkey1=289&pkey2=350394&pkey3=&sid=4&cmpid=579&crtid=6(Line 4)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
rendering warning URL: https://refinance.lowermybills.com/questions(Line 4)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

852807.fls.doubleclick.net
ad.doubleclick.net
ads.revjet.com
adservice.google.com
analytics.twitter.com
bat.bing.com
cdmtrk.com
cdn-refinance.lowermybills.com
cdn.lowermybills.com
cdn.taboola.com
content.lowermybills.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jarjav.com
nameluxuries.com
pix.revjet.com
privacy-policy.truste.com
refinance.lowermybills.com
rum-http-intake.logs.datadoghq.com
session-replay.browser-intake-datadoghq.com
sp.analytics.yahoo.com
static-lre.lowermybills.com
static.ads-twitter.com
stats.g.doubleclick.net
storage.googleapis.com
t.co
trc-events.taboola.com
trc.taboola.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.lowermybills.com
bat.bing.com
104.244.42.133
104.244.42.195
13.107.21.200
141.226.228.48
142.250.181.234
142.250.184.198
142.250.185.194
142.250.185.226
142.250.185.78
142.250.186.131
142.250.186.48
151.101.129.44
172.217.18.98
172.217.23.100
172.217.23.104
185.177.57.143
191.101.232.101
199.232.136.157
2.16.186.210
2.16.186.232
212.82.100.181
3.233.145.244
35.164.48.254
52.222.233.63
52.222.236.123
52.40.27.155
52.86.173.59
54.173.50.35
64.233.166.156
65.21.233.18
95.217.105.253
042aa3f9b2ac444a6deff994fdf96096421b00349cf0276bbcef452e4d663954
080e681b208647acd499d15f43e00dc340dff6458c2b304b4d08ef0e8925a707
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
0cb157cd091e2c19170329b173ffe6b2f14c097aeed92a26062b5755e4f4ac94
0cff5de0a6dddcb01b664acb7cce79cd85b5a941e7e8f74423c8024e60704005
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
101e3fb37df00e440eb25511a42d2a85a16266be2daeea84b5fcbe0a63774ec3
10636070b83b0d7c796c7b7fde641a88dd9c9535160da63c34246f9efb856c1a
127cae9821853edc1953090239e5ae0297c4626b184280bb894cbfef9f947f30
1c0676327f2e8a36f4566392aaec15036da66d48fda332ae8b6c6af30dc3c485
1d7015c13fd51bf12eb98c6e4af1822cdfb32610540bf83730fed28917aadd84
240622d968e81c9f11280e4881e49d38a56ba9a685257c0e8428c08effe6f0ac
2a0f183e6a929b72ff7756f11df64e56ea8941d4a7a9d6b6aa5339e0d6845dc0
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2d3139e620a8a5c76911739e7baa5bd159707a5790436a5f89928fd27e9a8553
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb
2ff7d98479e53513c99dd07631ffbfb0086844e367321881167b45c3deb0421c
31103fd67622a2281e30f070a0d65d5b183d43cee89d79456774d80dd8d5484b
3255db2fb88891ee1add7804275d722bdd4e1eb438c51927d08c0dd67c1c558f
34b29975948a3a29375bf8a252813bafaaca820f9ab86319c5051d35426c0462
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441a5dfc6e74393c0a658963fae6293365ab3e29ebcb30906be19f53d8e40030
4b50041385af0fcfa755160157e58ebf4ad1677ba9ff433a5687404dac09cde3
4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96
4d5e89c79ace8d6e12a7d955f20f34e89afbe5ea543250c052acd43ff2863ea9
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
50a49641756d89bb894ab76fe6d514200a06d9457cd2ddc8227a59250f59f83d
5a301c6e4d2a60224d552467b8b7055c6cab5e0bafd5b28fa79339ab76c0354b
5d67b40783f583fa48ec3a8d7346bb2a7396407bb7fb4b5ad6a5bb3cab2dd53b
655145296c4f196f46dcdca8d90fa529af07d249242722119c30d90be8b77612
69884e87edd4447f251890ba4308d409a74e674f65e6a1d30754d7dfb5ccb3dd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7202824f39f82ba4c8f5cd454cc3e68e2b33112667e759b81aec57b374c42dfe
72e6e98b1391dd750f3b44019ac52c993b93bb0fed404b5149ae5a8af9660d59
7e3c3d59d895ada1dbcb865003abd4084c49ab580f2abf370bf88c3d41f5ea70
7fa47ceee5c178f63b149834c081f37269df43030e636ada4f50ca45073aafb7
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
82d8f2d13a8163f9648f5eec3a19013c10b77e9bdec8feeb4c2b08464dcba165
880a4d0de8479c0c0e444a087a00572aa6d7d3e1cab7228da780658e71d10e3b
922010a894024fc34925fafe378edfee4578db4a81bfbb2a517974bf505b51dd
9574f210bab07a3de7e24ad8a02eadf0daabbf71fdd99d21314e966973d652d1
9681f42b7a12824bc464372b4571559aacd699b4f7497a805a6e4445aac425b9
9881a70e1ba7b9c3409931942e5c9870d9295667ee29e9a84f7437543a94d0d6
9985336660219f2aa5e5c8f21d7f5456aee6c69afb706d3a9c9322ad5d601a76
9b899e50c2015a1c2e3c6b10138755b33f249afcb60b340cbde60c89785d7e18
a97378d46ff5215f6ff1cf64ec9d5d9d1387413f823e9a9ec1b1331adf38fe2e
abaa56c87ad50bd81c7a1aa002149fb1d552938440426660d29eef4b421ccc13
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b09e2cd396fb96094ce9ce509862f223b83c6a8427900690eb7368251a28978c
b11fe99e81476d90df8fa7e41c2d59159415c45442be952f5f5870e6a5c710b7
b2a80cfc9dff72482f2d291da5f9f4524621b12ed20159b07ea7379329ce0169
b86ba77296ddd5cd186391066eda2a4ffb3b69aaddd41a84f112f32f88e2b570
b992b3d540d19317757abae3f0ccfc50a424b76925b29753ac62525fb9bf7a42
bbca5ba83027a883c7001d6ddcd5ad46411b4307834311a2fece1e711700af5d
c1dfb2b76a648b172e6de66ff689e8d5046ffd2573789e207bf2b507317f56ec
d2f7a02c2194d538a9c82cf7c44ebb4baa5e5643bcb535ad88c3869779faa6f3
d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b
d8b1f3575dd2b0024383a4f47725654257a4b4ec1015595ade984a80804a56ce
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
da49e8664377e64bce7a8a36b0c1ab66964bf455f778d7532942196261d1d671
dd88a7b21b4ed70bcb96c5bf56713928b522c2d68454dbea5dd849aab8d3f577
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0d09da0297a667612d5df576d0db8fdf93464272cf04ed35492795494eb8c59
e1b5ecbe1f536ff0fef14eabe281e525514e533dc65d179493ee770857893943
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f7cb6ee8635c17ccff859d2078a7bdb02dc0850c2266c37a1946c850d7f54a
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee63b2ebc0b6f1ef224be2dc9d98a9cd83dbea2b658a7bbedb137c927b7bf57c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4846c59ac2dd1007ed40d6067ed3761ff61788b87e8fd9673bb6fdb284d47c1
fbac76ee986c65d9c1822b2392d8bc22c6aec8626a6ebc7fa9fc96c63f77fd3f
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fc9b9daeae4ab619e7a870f78497905bf578dc9711b95b91c7c2ceaf92237fae