refinance.lowermybills.com Open in urlscan Pro
2606:4700::6812:139f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.klclick2.com/ls/click?upn=sIrzlCwZCKaicfLqDESIMJQ8p4-2FK-2BZIOS7a7-2Fr5oYRAHEXMyuF7Ap8Rb4vglrcwRPgmr-2Bwgge1Q...
Effective URL:
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Submission Tags: phishing
Submission: On July 29 via api (July 29th 2022, 10:32:25 am UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 25 domains to perform 132 HTTP transactions. The main IP is 2606:4700::6812:139f, located in United States and belongs to CLOUDFLARENET, US. The main domain is refinance.lowermybills.com. The Cisco Umbrella rank of the primary domain is 449828.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 10th 2021. Valid for: a year.

This is the only time refinance.lowermybills.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:20e... 2600:9000:20eb:7c00:15:1199:2d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	52.42.42.155 52.42.42.155	16509 (AMAZON-02) (AMAZON-02)
1 1	52.52.193.220 52.52.193.220	16509 (AMAZON-02) (AMAZON-02)
1 20	2606:4700::68... 2606:4700::6812:139f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:401... 2a00:1450:4014:80f::2008	15169 (GOOGLE) (GOOGLE)
2	13.32.99.54 13.32.99.54	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:401... 2a00:1450:4014:80a::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.13.192 13.32.13.192	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.122 13.225.78.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:401... 2a00:1450:4014:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
5	2600:1f18:24e... 2600:1f18:24e6:b902:8915:24fe:2656:7e19	14618 (AMAZON-AES) (AMAZON-AES)
1	95.217.105.226 95.217.105.226	24940 (HETZNER-AS) (HETZNER-AS)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	142.251.36.134 142.251.36.134	15169 (GOOGLE) (GOOGLE)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
7 18	2a00:1450:401... 2a00:1450:4014:80a::2002	15169 (GOOGLE) (GOOGLE)
6 16	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:401... 2a00:1450:4014:80f::2003	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	35.170.12.248 35.170.12.248	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:401... 2a00:1450:4014:80b::200e	15169 (GOOGLE) (GOOGLE)
1	162.55.246.95 162.55.246.95	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
2	52.44.225.244 52.44.225.244	14618 (AMAZON-AES) (AMAZON-AES)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
132	30

1 2600:9000:20eb:7c00:15:1199:2d80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.42.155 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-42-155.us-west-2.compute.amazonaws.com

tr4ckme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.193.220 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-193-220.us-west-1.compute.amazonaws.com

trackaffcdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700::6812:139f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
refinance.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-lre.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-refinance.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4014:80f::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-54.fra60.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.13.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-13-192.vie50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-122.fra2.r.cloudfront.net

privacy-policy.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

sgtm.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:24e6:b902:8915:24fe:2656:7e19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.105.226 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.226.105.217.95.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.36.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s12-in-f6.1e100.net

852807.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4014:80a::2002 (Ireland) 7 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4014:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.12.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-12-248.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80b::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.246.95 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.95.246.55.162.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.225.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-225-244.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	832 KB
21	lowermybills.com 1 redirects www.lowermybills.com — Cisco Umbrella Rank: 514195 refinance.lowermybills.com — Cisco Umbrella Rank: 449828 static-lre.lowermybills.com — Cisco Umbrella Rank: 515648 cdn-refinance.lowermybills.com — Cisco Umbrella Rank: 540960 content.lowermybills.com — Cisco Umbrella Rank: 425437 sgtm.lowermybills.com — Cisco Umbrella Rank: 465123 cdn.lowermybills.com — Cisco Umbrella Rank: 327416	446 KB
20	doubleclick.net 7 redirects 852807.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 ad.doubleclick.net — Cisco Umbrella Rank: 202 stats.g.doubleclick.net — Cisco Umbrella Rank: 117	13 KB
17	google.de www.google.de — Cisco Umbrella Rank: 5701 adservice.google.de — Cisco Umbrella Rank: 8252	2 KB
17	google.com 7 redirects www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 96	2 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 922 trc.taboola.com — Cisco Umbrella Rank: 629 trc-events.taboola.com — Cisco Umbrella Rank: 1495	22 KB
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 4693 psp.pushnami.com — Cisco Umbrella Rank: 16658 trc.pushnami.com — Cisco Umbrella Rank: 4949	20 KB
5	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 3252
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	86 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 344	12 KB
3	gstatic.com fonts.gstatic.com	127 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 487	577 B
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 18188	6 KB
2	revjet.com ads.revjet.com — Cisco Umbrella Rank: 2118 pix.revjet.com — Cisco Umbrella Rank: 3257	9 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	955 B
1	t.co t.co — Cisco Umbrella Rank: 435	337 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 861	633 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 610	15 KB
1	truste.com privacy-policy.truste.com — Cisco Umbrella Rank: 8914	16 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1311	5 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2302	37 KB
1	trackaffcdm.com 1 redirects trackaffcdm.com — Cisco Umbrella Rank: 899705	649 B
1	tr4ckme.com 1 redirects tr4ckme.com	803 B
1	klclick2.com 1 redirects trk.klclick2.com — Cisco Umbrella Rank: 24158	345 B
132	25

	Domain	Requested by
27	www.googletagmanager.com	refinance.lowermybills.com www.googletagmanager.com cdn-refinance.lowermybills.com
16	www.google.de
16	www.google.com	6 redirects
16	googleads.g.doubleclick.net	6 redirects www.googleadservices.com
9	content.lowermybills.com	refinance.lowermybills.com static-lre.lowermybills.com
5	rum-http-intake.logs.datadoghq.com	www.datadoghq-browser-agent.com
4	trc-events.taboola.com	cdn.taboola.com
4	www.googleadservices.com	cdn-refinance.lowermybills.com www.googletagmanager.com www.googleadservices.com
4	static-lre.lowermybills.com	refinance.lowermybills.com
4	refinance.lowermybills.com	www.datadoghq-browser-agent.com
3	bat.bing.com	refinance.lowermybills.com bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
2	trc.pushnami.com	www.datadoghq-browser-agent.com
2	trc.taboola.com	cdn.taboola.com
2	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com
2	psp.pushnami.com	www.datadoghq-browser-agent.com
2	analytics.twitter.com	refinance.lowermybills.com
2	852807.fls.doubleclick.net	refinance.lowermybills.com
2	a.mgid.com	refinance.lowermybills.com
2	fonts.googleapis.com	refinance.lowermybills.com
2	api.pushnami.com	refinance.lowermybills.com api.pushnami.com
1	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
1	pix.revjet.com	ads.revjet.com
1	t.co	refinance.lowermybills.com
1	sp.analytics.yahoo.com	refinance.lowermybills.com
1	adservice.google.de	refinance.lowermybills.com
1	adservice.google.com	1 redirects
1	ad.doubleclick.net	1 redirects
1	static.ads-twitter.com	refinance.lowermybills.com
1	cdn.taboola.com	refinance.lowermybills.com
1	ads.revjet.com	refinance.lowermybills.com
1	cdn.lowermybills.com	cdn-refinance.lowermybills.com
1	sgtm.lowermybills.com	www.datadoghq-browser-agent.com
1	privacy-policy.truste.com	static-lre.lowermybills.com
1	static.cloudflareinsights.com	refinance.lowermybills.com
1	www.datadoghq-browser-agent.com	refinance.lowermybills.com
1	cdn-refinance.lowermybills.com	refinance.lowermybills.com
1	www.lowermybills.com	1 redirects
1	trackaffcdm.com	1 redirects
1	tr4ckme.com	1 redirects
1	trk.klclick2.com	1 redirects
132	41

This site contains links to these domains. Also see Links.

Domain
lmb.lowermybills.com
www.lowermybills.com
privacyportal-cdn.onetrust.com
www.hud.gov
privacy.truste.com
www.thawte.com
www.bbb.org
mba.org
www.quickenloans.com
sf.freddiemac.com
www.fhfaoig.gov
finance.yahoo.com
home.treasury.gov
loanlookup.freddiemac.com
www.knowyouroptions.com

Subject Issuer	Validity	Valid
lowermybills.com Cloudflare Inc ECC CA-3	`2021-12-10` - `2022-12-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.pushnami.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
sgtm.lowermybills.com GTS CA 1D4	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.logs.datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Frame ID: 4264F449879FD4FCBA5947C21F515E57
Requests: 111 HTTP requests in this frame

Frame: https://cdn.lowermybills.com/lending-images/presentations/common/navapi/deviceAtlasLmb.min.js
Frame ID: 6CC6822A8619157F3BABA0BAD6A7CC49
Requests: 18 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: EDF57273BB790FE01D31FF33180F8627
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Refinance Mortgage, Refinancing Rates, Mortgage Rates - LowerMyBills

Page URL History Show full URLs

https://trk.klclick2.com/ls/click?upn=sIrzlCwZCKaicfLqDESIMJQ8p4-2FK-2BZIOS7a7-2Fr5oYRAHEXMyuF7Ap8Rb4... HTTP 302
https://tr4ckme.com/?a=29&c=6&s1=NOV&_kx=_m8qAZotb8LgvyW8ayViTYLsfF6_Sf0ftlf3RZWMCWSahOxOX8OFM3h... HTTP 302
https://trackaffcdm.com/?E=V4esJKt2QPpbzicxewrHkw%3d%3d&s1=29&s2=1852485&_kx=_m8qAZotb8LgvyW8ayViTYL... HTTP 302
https://www.lowermybills.com/lending/home-refinance/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 HTTP 301
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

132
Requests

94 %
HTTPS

44 %
IPv6

25
Domains

41
Subdomains

30
IPs

6
Countries

1669 kB
Transfer

4211 kB
Size

30
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://lmb.lowermybills.com/reficalculator
Title: Free Refinance Calculator

Search URL Search Domain Scan URL

URL: https://lmb.lowermybills.com/TapIntoHomeEquity
Title: Home Equity Calculator

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/stateprivacy/
Title: Information that we collect and share about you

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/37cf9a71-5b40-4cf5-a30e-8beabeed8379/c3baaee8-0b37-4f2b-bf4c-76b0e035482e.html
Title: Do not sell my personal information

Search URL Search Domain Scan URL

URL: https://www.hud.gov/

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/validation?rid=36759420-4093-4a7b-bf8a-2029fcf0dd2d

Search URL Search Domain Scan URL

URL: https://www.thawte.com/ssl/secured-seal/

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/ca/los-angeles/profile/financial-services/lower-my-bills-1216-13130473

Search URL Search Domain Scan URL

URL: https://mba.org/

Search URL Search Domain Scan URL

URL: https://www.quickenloans.com/mortgage-options/fixed-home-loans
Title: https://www.quickenloans.com/mortgage-options/fixed-home-loans

Search URL Search Domain Scan URL

URL: https://www.hud.gov/program_offices/housing/sfh/lender/origination/mortgage_limits
Title: https://www.hud.gov/program_offices/housing/sfh/lender/origination/mortgage_limits

Search URL Search Domain Scan URL

URL: https://sf.freddiemac.com/articles/news/loan-limits-are-increasing-by-742-in-2021
Title: https://sf.freddiemac.com/articles/news/loan-limits-are-increasing-by-742-in-2021

Search URL Search Domain Scan URL

URL: https://www.fhfaoig.gov/Content/Files/History%20of%20the%20Government%20Sponsored%20Enterprises.pdf
Title: https://www.fhfaoig.gov/Content/Files/History%20of%20the%20Government%20Sponsored%20Enterprises.pdf

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/biden-signed-10-billion-mortgage-133000243.html
Title: https://finance.yahoo.com/news/biden-signed-10-billion-mortgage-133000243.html

Search URL Search Domain Scan URL

URL: https://home.treasury.gov/policy-issues/coronavirus/assistance-for-state-local-and-tribal-governments/homeowner-assistance-fund
Title: https://home.treasury.gov/policy-issues/coronavirus/assistance-for-state-local-and-tribal-governments/homeowner-assistance-fund

Search URL Search Domain Scan URL

URL: https://loanlookup.freddiemac.com/
Title: https://loanlookup.freddiemac.com/

Search URL Search Domain Scan URL

URL: https://www.knowyouroptions.com/loanlookup
Title: https://www.knowyouroptions.com/loanlookup

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/terms.php
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/privacy.php
Title: Our Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/stateprivacy
Title: State Privacy Notices

Search URL Search Domain Scan URL

URL: https://www.lowermybills.com/legal/licenses.php
Title: Licenses & Disclosures

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.klclick2.com/ls/click?upn=sIrzlCwZCKaicfLqDESIMJQ8p4-2FK-2BZIOS7a7-2Fr5oYRAHEXMyuF7Ap8Rb4vglrcwRPgmr-2Bwgge1Q3Fp0-2B6OBIBVEbZ4MbPxtEcqxI-2BN-2BlL7wnqkGOUKaKQ1bciIMCl4bi0EqWlA7KBUO7R37ikCf0oMtq9y4dkkmaznOYf2WO9xM-3DP5vL_YNCi85k0I98uuYBjapG11WrKq8pe2md3W4vp7umqMsBcLE906ppT77BfmLZ9H5nzJ-2FpS0Gjaz3d6I6-2FGPBWsLsiJQMMYjmvKJSWHEqt-2B5vnc8OnGjC1OcKNgOm1CGvvfHcemlICTM2gSXfbioveoqU7pQUNTxgDagH88jI-2FTPtuXY-2FAFPYqj7MoHn4toaJ7RI8JAEVf-2FLREduZpslEEa-2BUC04AVdCAgF7OhcPMuk-2FBvxJWsVlfdigyJDI0feo-2B1HyhOqTi-2FciTsdVQe1E95xM9qCrJ0LrT6p6D7lvYjE-2FRF-2BcOdVNLozVELYyNYRz9-2Fn61mHHEGQmppR7BchNyi-2FKdlPdGGa2kFLnFu9YAadYifH88keprNgJfGdd9XcRr9cQNkpKHDNlgf047zTsUjCQvdo5YRY7fNAYQbWYBlq5hA-3D HTTP 302
https://tr4ckme.com/?a=29&c=6&s1=NOV&_kx=_m8qAZotb8LgvyW8ayViTYLsfF6_Sf0ftlf3RZWMCWSahOxOX8OFM3hUoyZ_eewW.SCW7it HTTP 302
https://trackaffcdm.com/?E=V4esJKt2QPpbzicxewrHkw%3d%3d&s1=29&s2=1852485&_kx=_m8qAZotb8LgvyW8ayViTYLsfF6_Sf0ftlf3RZWMCWSahOxOX8OFM3hUoyZ_eewW.SCW7it HTTP 302
https://www.lowermybills.com/lending/home-refinance/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 HTTP 301
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=2399292373 HTTP 302
https://www.google.de/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=2399292373&ipr=y

Request Chain 51

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=982275856 HTTP 302
https://www.google.de/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=982275856&ipr=y

Request Chain 52

https://ad.doubleclick.net/ddm/activity/src=4818226;type=invmedia;cat=esvbxzky;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/p/src=4818226;type=invmedia;cat=esvbxzky;ord=1 HTTP 302
https://adservice.google.de/ddm/fls/p/src=4818226;type=invmedia;cat=esvbxzky;ord=1

Request Chain 87

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1659090740702&cv=9&fst=1659090740702&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/849970183/?random=1659090740702&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=3580470284&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/849970183/?random=1659090740702&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=3580470284&resp=GooglemKTybQhCsO&ipr=y

Request Chain 92

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934858762/?random=1659090740711&cv=9&fst=1659090740711&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/934858762/?random=1659090740711&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=1381742045&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/934858762/?random=1659090740711&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=1381742045&resp=GooglemKTybQhCsO&ipr=y

Request Chain 97

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1142429912&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=NLfjYtCKLIbPxwKLr7uACA&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/849970183/?random=1142429912&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=NLfjYtCKLIbPxwKLr7uACA&cid=CAQSKQCNIrLMHoxPTIxhg5WB8ZShA10tNZSQ6vfaUzks8eWazn70gHTi_9sx&random=3069686275&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/849970183/?random=1142429912&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=NLfjYtCKLIbPxwKLr7uACA&cid=CAQSKQCNIrLMHoxPTIxhg5WB8ZShA10tNZSQ6vfaUzks8eWazn70gHTi_9sx&random=3069686275&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 98

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=1396173994&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=NLfjYtzeK9Hr1warkpzQBQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/735544455/?random=1396173994&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=NLfjYtzeK9Hr1warkpzQBQ&cid=CAQSKQCNIrLMUku8om1vL--n0w1JTJrC6217bcp2cD4onh3PPumr4Bh4--vT&random=2700022191&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/735544455/?random=1396173994&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=NLfjYtzeK9Hr1warkpzQBQ&cid=CAQSKQCNIrLMUku8om1vL--n0w1JTJrC6217bcp2cD4onh3PPumr4Bh4--vT&random=2700022191&resp=GooglemKTybQhCsO&ipr=y&prhg=0

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
refinance.lowermybills.com/
Redirect Chain

https://trk.klclick2.com/ls/click?upn=sIrzlCwZCKaicfLqDESIMJQ8p4-2FK-2BZIOS7a7-2Fr5oYRAHEXMyuF7Ap8Rb4vglrcwRPgmr-2Bwgge1Q3Fp0-2B6OBIBVEbZ4MbPxtEcqxI-2BN-2BlL7wnqkGOUKaKQ1bciIMCl4bi0EqWlA7KBUO7R37ik...
https://tr4ckme.com/?a=29&c=6&s1=NOV&_kx=_m8qAZotb8LgvyW8ayViTYLsfF6_Sf0ftlf3RZWMCWSahOxOX8OFM3hUoyZ_eewW.SCW7it
https://trackaffcdm.com/?E=V4esJKt2QPpbzicxewrHkw%3d%3d&s1=29&s2=1852485&_kx=_m8qAZotb8LgvyW8ayViTYLsfF6_Sf0ftlf3RZWMCWSahOxOX8OFM3hUoyZ_eewW.SCW7it
https://www.lowermybills.com/lending/home-refinance/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

24 KB
8 KB

1391ms
1381ms

Document
text/html

2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fa94a3decd4e67b994d75ee65490703801aba5e3519b641c7c95171dc48a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 73253098d91d9b86-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
content-type: text/html; charset=utf-8
date: Fri, 29 Jul 2022 10:32:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 732530945a069b86-FRA
content-length: 0
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
date: Fri, 29 Jul 2022 10:32:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 main.8f5dc06db978b30699b7.css
static-lre.lowermybills.com/ 52 KB
11 KB 49ms
31ms Stylesheet
text/css 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

768260deb66fd211ee2b8c7a10f21b63dd175c9e8caf4b8a5e6df9b29bbc2fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6742
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 13:56:23 GMT
server: cloudflare
etag: W/"c9035b3a5a01213ef0a31b4ea7b98536"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-amz-version-id: IJHvFMvUiIx64Q5K7SUbNi1wpDPEb_Sv
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
cf-ray: 732530a19d6a9b86-FRA
x-amz-cf-id: TE7SBtE_g2LPfkzCuWZGtSr_0JCRcttVIF4GFx15xnx2gmQbSZ64ag==
expires: Fri, 29 Jul 2022 12:32:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
37 KB 103ms
42ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21b3b4b9fc0b7904e6d3daaeb891cd9be233fc3f200d0cd3897a69fecfcf4973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36929
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:19 GMT

GET
H2 200 pixel-13c3e8c569e8fecd2286.js Show response
cdn-refinance.lowermybills.com/ 292 KB
33 KB 67ms
30ms Script
application/javascript 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1578e1c9b16293b48e3f516add4c1ed65396104366b6c395e714d8e51393a8cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 6741
x-dns-prefetch-control: off
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
date: Fri, 29 Jul 2022 10:32:19 GMT
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 22 Jul 2022 09:11:01 GMT
server: cloudflare
etag: W/"48eff-182252cadf9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
cf-ray: 732530a2beee9b86-FRA
x-content-type-options: nosniff
expires: Fri, 29 Jul 2022 12:32:19 GMT

GET
H2 200 deviceatlas-1.6.min.js Show response
content.lowermybills.com/deviceatlas-1.6/ 7 KB
3 KB 40ms
23ms Script
application/javascript 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://content.lowermybills.com/deviceatlas-1.6/deviceatlas-1.6.min.js

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7036
x-cache: Hit from cloudfront
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 23:40:55 GMT
server: cloudflare
etag: W/"67510dbcee1857a225b8f76bdc940c26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
cf-ray: 732530a29ec19b86-FRA
x-amz-cf-id: YPk_x5Anwv-pDPpULbA3c3RMIV3uPBpgWQBRgx8fsaR_vFy_v2GgbA==
expires: Fri, 29 Jul 2022 12:32:19 GMT

GET
H2 200 5f0794ed2693b80012279eb1 Show response
api.pushnami.com/scripts/v1/push/ 87 KB
18 KB 379ms
318ms Script
application/javascript 13.32.99.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/push/5f0794ed2693b80012279eb1
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-54.fra60.r.cloudfront.net
Software: /
Resource Hash: b18912b1f2762be2e467e59747aa2dcc9ac32755fbe3fe1e76c44e0289bf7dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: gMb6NicSxk8cA12fpXkV4wQFhCBc6qg6ds5SjHMgx64awJusYZbA2Q==

GET
H2 200 css
fonts.googleapis.com/ 251 B
299 B 96ms
37ms Stylesheet
text/css 2a00:1450:4014:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d655f1a42a67e83b04bb4d6828ae05911fb2f14f26730e40c84cb16c46d01520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 29 Jul 2022 10:32:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 684 B
656 B 95ms
36ms Stylesheet
text/css 2a00:1450:4014:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f19a2af17c612138bca9d3e94cf4199500385abe382c460d011f052b7fdcc964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 29 Jul 2022 10:32:19 GMT

GET
H2 200 redarrow1.png
content.lowermybills.com/lre/ 3 KB
3 KB 35ms
35ms Image
image/png 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lowermybills.com/lre/redarrow1.png

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d7015c13fd51bf12eb98c6e4af1822cdfb32610540bf83730fed28917aadd84

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1535
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 2687
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 23:41:06 GMT
server: cloudflare
etag: "5cb5249e059c8222b7daf71bb9a7acb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 732530a34fae9b86-FRA
x-amz-cf-id: AECBPczgRsHdFujpT2spVw3cTHefJtpM9VFtRAFhPgfIgOcLEC7dDw==
expires: Fri, 29 Jul 2022 12:32:19 GMT

GET
H2 200 datadog-rum-v3.js Show response
www.datadoghq-browser-agent.com/ 115 KB
37 KB 98ms
20ms Script
application/javascript 13.32.13.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.13.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-13-192.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:31:34 GMT
content-encoding: br
last-modified: Mon, 03 Jan 2022 16:36:14 GMT
server: AmazonS3
age: 47
etag: W/"647fda9a4d3d74344732d76cf1fff47c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 8cKyXE4ONOKLp7CtMbkSF-wxh571JSuBaHpSNKWfrinrHx5FtUk5hg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 55ms
55ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WQ7TGZQSWQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5f3885dcc10999212cfd5372cbfc6d33f450a89b0d4b1438196b66a50f211b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72430
x-xss-protection: 0
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H2 200 main.8f5dc06db978b30699b7.js Show response
static-lre.lowermybills.com/ 157 KB
36 KB 27ms
27ms Script
application/javascript 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.js

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f82e065a25d70b0af9c2291c44e5371b51ed3e4b74552c338a00611964be7e09

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6742
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 13:56:23 GMT
server: cloudflare
etag: W/"a84fd4ef5a6d9fda41b0dfb6710f574a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-amz-version-id: yMH2F2HBsNLO66OK_syaWkM06PqLgDSA
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
cf-ray: 732530a438fb9b86-FRA
x-amz-cf-id: jcL4ALOyF4uwbLlZ4jGCpWIEnEFAma4wOEcRXogPHoGfFvURR53l9w==
expires: Fri, 29 Jul 2022 12:32:19 GMT

GET
H2 200 manifest.e709f88ef4582e5c24bc.js Show response
static-lre.lowermybills.com/ 12 KB
5 KB 21ms
20ms Script
application/javascript 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-lre.lowermybills.com/manifest.e709f88ef4582e5c24bc.js

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f34b99a471d8fd8d0fce91f5612122e9d353a96ad5cc69a0e34f271ad9bc6d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 13:56:23 GMT
server: cloudflare
etag: W/"4036bed17c4b47091283374089e15a74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-amz-version-id: tgFo50uM_fIMoyN5Y1v9VTuWQCAHaucJ
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
cf-ray: 732530a469399b86-FRA
x-amz-cf-id: _X8Xpv0vBElI4eTBHJarIGFpngs_xTXmXqiItiKWdSdJsy5yduS_Og==
expires: Fri, 29 Jul 2022 12:32:19 GMT

GET
H2 200 vendor.a0f4e89afe7f91cc8f4d.js Show response
static-lre.lowermybills.com/ 382 KB
121 KB 25ms
24ms Script
application/javascript 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-lre.lowermybills.com/vendor.a0f4e89afe7f91cc8f4d.js

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f40dac6d30d1aedf50b58270e0578b4e5f4e6c9700f11f9bd03da5993f1a19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:19 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 13:56:23 GMT
server: cloudflare
etag: W/"1ef644dd43da35aa388576b65c82beb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-amz-version-id: rJg6A70EQM6qpC2voSXwh5TMbhDF6Z7B
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
cf-ray: 732530a4996b9b86-FRA
x-amz-cf-id: o5lpvH5q_8Yqy-OE4A8Y-e7S4SuAxFJCINllmFFaPqYPcd-o3WfZfQ==
expires: Fri, 29 Jul 2022 12:32:19 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 100ms
45ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
Origin: https://refinance.lowermybills.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 732530a5cfda9a3c-FRA

GET
H2 200 lend16007_goldscale.png
content.lowermybills.com/lre/ 190 B
427 B 27ms
26ms Image
image/png 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lowermybills.com/lre/lend16007_goldscale.png

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f9cb44b12f3d37a72622b500a99d96bf070a07ab81b5577bd3dd723aae0ecf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 190
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 23:41:06 GMT
server: cloudflare
etag: "70836be8dfb4a77c709d02a054f1a98e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 732530a57a969b86-FRA
x-amz-cf-id: f4U3LYBpl8Leg_Bx_kDx8BWlRusd7ExgXZ9WVZCATRZmivixmfG_iw==
expires: Fri, 29 Jul 2022 12:32:20 GMT

GET
H2 200 home-desktop.jpg
content.lowermybills.com/lre/ 199 KB
199 KB 27ms
27ms Image
image/jpeg 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lowermybills.com/lre/home-desktop.jpg

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127cae9821853edc1953090239e5ae0297c4626b184280bb894cbfef9f947f30

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
last-modified: Wed, 20 Jul 2022 23:41:06 GMT
vary: Accept-Encoding
content-length: 203332
x-xss-protection: 1; mode=block
cf-bgj: h2pri
server: cloudflare
etag: "ac3af3174e2b972e0adcd85fb89d7ba1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 732530a57a999b86-FRA
x-amz-cf-id: Eb-xrYA2wtl4DOlVKV45sCAyfN5GJgr8TiKS2c9zrp2MY4M3s5bT-w==
expires: Fri, 29 Jul 2022 12:32:20 GMT

GET
H2 200 sprite_lp.png
content.lowermybills.com/lre/ 17 KB
17 KB 27ms
25ms Image
image/png 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lowermybills.com/lre/sprite_lp.png

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3255db2fb88891ee1add7804275d722bdd4e1eb438c51927d08c0dd67c1c558f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 17424
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 23:41:06 GMT
server: cloudflare
etag: "c8a52138ef54bb2745413f072f32e23a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 732530a57aa09b86-FRA
x-amz-cf-id: F3sSXG9P7nGB1LfGUeOAtUsQbv7WbcKeKeaPg3ea0trM0jrSIVtzsg==
expires: Fri, 29 Jul 2022 12:32:20 GMT

GET
H2 200 hud_logo.gif
content.lowermybills.com/lre/ 738 B
889 B 24ms
23ms Image
image/gif 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lowermybills.com/lre/hud_logo.gif

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b1f3575dd2b0024383a4f47725654257a4b4ec1015595ade984a80804a56ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 738
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 23:41:06 GMT
server: cloudflare
etag: "c9c9a78e117c3c6b24c9ba244ee59280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 732530a58aa29b86-FRA
x-amz-cf-id: tuAZh602Y-eazv962NxkmkCQ-SE2v6TvQmJB86QSswiB4IuEt-38uw==
expires: Fri, 29 Jul 2022 12:32:20 GMT

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 14 KB
16 KB 87ms
10ms Image
image/svg+xml 13.225.78.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=36759420-4093-4a7b-bf8a-2029fcf0dd2d

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-122.fra2.r.cloudfront.net

Software

TXS /

Resource Hash

4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; font-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; style-src 'self' 'unsafe-inline' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; img-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net https://trustarc.com; frame-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; connect-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Thu, 28 Jul 2022 19:03:31 GMT
Via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Age: 55728
Cross-Origin-Embedder-Policy: unsafe-none
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 14237
X-Xss-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: TXS
Cross-Origin-Opener-Policy: cross-origin
ETag: W/"14237-1594834154000"
Expect-CT: enforce, max-age=60
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/svg+xml
Cache-Control: no-cache
Permissions-Policy: autoplay=(self), document-domain=(self), encrypted-media=(self)
Content-Security-Policy: default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: kGNMW57pe3KG-tPkp1cjQQ73dtv1WeU_sMXRZ0OFkVVE7xmMDWmcJw==

GET
H2 200 misc_thawte.jpg
content.lowermybills.com/lre/ 1 KB
1 KB 27ms
26ms Image
image/jpeg 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lowermybills.com/lre/misc_thawte.jpg

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9985336660219f2aa5e5c8f21d7f5456aee6c69afb706d3a9c9322ad5d601a76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
last-modified: Wed, 20 Jul 2022 23:41:06 GMT
vary: Accept-Encoding
content-length: 1064
x-xss-protection: 1; mode=block
cf-bgj: h2pri
server: cloudflare
etag: "fce9074d37a5424c838ef468af0c2392"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 732530a58aa69b86-FRA
x-amz-cf-id: f0ndtwIb6pNrO50GD5v7-OLSiKTo3gg6WodyjfhqkxCSPgtPgcdmqQ==
expires: Fri, 29 Jul 2022 12:32:20 GMT

GET
H2 200 bbb_ReliabilitySeal4.png
content.lowermybills.com/lre/ 792 B
991 B 39ms
38ms Image
image/png 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lowermybills.com/lre/bbb_ReliabilitySeal4.png

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1b5ecbe1f536ff0fef14eabe281e525514e533dc65d179493ee770857893943

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 792
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 23:41:06 GMT
server: cloudflare
etag: "6090dac9efe433facd03c240a291865e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 732530a58aa79b86-FRA
x-amz-cf-id: PLyU5Abdxtkmp0Zg4mauYWltq5Qwl3C-j59VNhoFIs6myDR2erOmog==
expires: Fri, 29 Jul 2022 12:32:20 GMT

GET
H2 200 mortgageBankersAssoc.jpg
content.lowermybills.com/lre/ 792 B
982 B 27ms
26ms Image
image/jpeg 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lowermybills.com/lre/mortgageBankersAssoc.jpg

Requested by

Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.8f5dc06db978b30699b7.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0676327f2e8a36f4566392aaec15036da66d48fda332ae8b6c6af30dc3c485

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static-lre.lowermybills.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6741
x-cache: Hit from cloudfront
last-modified: Wed, 20 Jul 2022 23:41:06 GMT
vary: Accept-Encoding
content-length: 792
x-xss-protection: 1; mode=block
cf-bgj: h2pri
server: cloudflare
etag: "fac151fb09dc6ee89e43925ed2c85572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 732530a59acc9b86-FRA
x-amz-cf-id: vq41xRidImSMxfWF1NhW4nUyG2FaAZVzNT02LqIkGiIrK1c7TDG8ZQ==
expires: Fri, 29 Jul 2022 12:32:20 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew-.ttf
fonts.gstatic.com/s/montserrat/v25/ 107 KB
53 KB 113ms
50ms Font
font/ttf 2a00:1450:4014:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew-.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34169f8b24cbd7e27ad26ae5cc9c0b1bbcf34bfef440e04ef075830fb8ebc3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refinance.lowermybills.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 22 Jul 2022 16:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54474
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 16:05:56 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w-.ttf
fonts.gstatic.com/s/montserrat/v25/ 107 KB
54 KB 84ms
21ms Font
font/ttf 2a00:1450:4014:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w-.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a0e623bbaf4a0237f1d605affa269f9e431ff50c7143dcbb47b815edaba9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refinance.lowermybills.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 25 Jul 2022 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54858
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 23:02:22 GMT

GET
H2 200 4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHHA.ttf
fonts.gstatic.com/s/shadowsintolighttwo/v13/ 27 KB
20 KB 105ms
42ms Font
font/ttf 2a00:1450:4014:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shadowsintolighttwo/v13/4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHHA.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

375ef6f2cae98bb91d6f8efc8ef5dfea284928c2273da0f3aa7a6728a45fd135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refinance.lowermybills.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 25 Jul 2022 21:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19908
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:54:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 21:19:39 GMT

POST
H2 200 visitor Show response
refinance.lowermybills.com/ 16 B
369 B 257ms
257ms XHR
application/json 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refinance.lowermybills.com/visitor

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a732617c38101a63ad0f14116a16ca6d08b8562ccc8c20be9f17291427a2849f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/json

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
content-length: 16
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10-rUyPvz2t/XnLVYpk95e2nnkHtO8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: no-store
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
cf-ray: 732530a67c389b86-FRA

GET
H2 200 collect Show response
sgtm.lowermybills.com/g/ 65 B
543 B 498ms
445ms XHR
text/plain 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.lowermybills.com/g/collect?v=2&tid=G-WQ7TGZQSWQ&gtm=2oe7r0&_p=1400225883&_z=ccd.v9B&cid=1456572041.1659090740&ul=en-us&sr=1600x1200&_fplc=0&_s=1&sid=1659090740&sct=1&seg=0&dl=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&dt=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&en=page_view&_fv=1&_nsi=1&_ss=1&ep.environment=prod&ep.pageName=LMB_LRE_LANDING_VERTICAL&richsstsse

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://refinance.lowermybills.com
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 493ms
207ms Ping
application/json 2600:1f18:24e6:b902:8915:24fe:2656:7e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-RREAZ2I2I&batch_time=1659090740274
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:8915:24fe:2656:7e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 deviceAtlasLmb.min.js Show response
cdn.lowermybills.com/lending-images/presentations/common/navapi/ Frame 6CC6 8 KB
3 KB 55ms
36ms Script
text/javascript 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lowermybills.com/lending-images/presentations/common/navapi/deviceAtlasLmb.min.js

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cff5de0a6dddcb01b664acb7cce79cd85b5a941e7e8f74423c8024e60704005

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 44040
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 21 May 2021 02:42:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fed6c65f5b084671-20fc-5c2ce02c32fd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
cache-control: public, max-age=7200
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
cf-ray: 732530a6fcf89b86-FRA
expires: Fri, 29 Jul 2022 12:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 62ms
61ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849970183

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8bd1ad1b4db79e7754c5faa4b85aaa7673f13e604848a107d435c8c3cba04c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62395
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 76ms
76ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-755089552

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de9dacdafd3cdba10a31584807280d0944c78f50f38d85e174c4a2d57b0df906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62351
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 42ms
42ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-72055405-1

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

618610b9cedab5266ed21276a41d9a75cc4c4930e40a85f61f204facc58e59b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41839
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 54ms
53ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1066568174

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27e8f9cab2b68ba9b255155e6f8a9ff0b15dff7d75239749ed0a4bdeb3bc39e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62398
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H2 200 analytics Show response
ads.revjet.com/ Frame 6CC6 19 KB
8 KB 119ms
27ms Script
application/javascript 95.217.105.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/analytics?acu=3370
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 95.217.105.226 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.226.105.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 08:51:43 GMT
server: nginx
etag: W/"62b4299f-4c14"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
expires: Fri, 29 Jul 2022 10:42:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 70ms
69ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-882032010

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f1922e91ed618fcf386f71cb221fc507ce4ac3a863c6ba80453d550e60fb3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45415
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 87ms
87ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-934858762

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbf147dd74a123dacdde75525100989a3f3ad633d7aa024a03f5f3eb6cef71d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45417
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 84ms
84ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-950054130

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bb5636b6ee30da66b7d6cc0521d8fe0dfe19df350b62fb18ca75c85f5b337fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45415
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 76ms
76ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-966730890

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dcdf189ecb27b3250033c804b65f346dc66f9bcd46c9f28a2886d30fe443599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45418
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 80ms
80ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-735544455

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0ce758d9488daabffae1da483101a0860660b372cebba39a20b521d95de28ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 65ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1990D9D4AC4B4605889690B57D9602CD Ref B: FRAEDGE1312 Ref C: 2022-07-29T10:32:20Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 29 Jul 2022 10:32:19 GMT
accept-ranges: bytes
content-length: 11367

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 88ms
88ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-874461485

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8c25e6bd28d4c61026ee4fca7273d3c1d46bf8b56a8315c4d0d1cd981661596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 92ms
91ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-852807

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8029f72b0e07b8edabe973c03c2c985971444ef9b584b6d5c8ccda1754924b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41497
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1007280/ Frame 6CC6 57 KB
18 KB 146ms
123ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fb00934a5ee9916fdd0edac940f92803ad72fed80b1f86d0adf904cab8e5779

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: CXppnfVF_ikxVDXFpXq7iUdKb4usy2GN
content-encoding: gzip
etag: "54f4331aba9b91e98d74cf9650783c3d"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17845
x-amz-id-2: mEiHTquRh5o589eZU407FAWVMDrFPrAHo8OSs5zerj13EB04wS2vOuGTRW7ZOh5rf578MW753yc=
x-served-by: cache-fra19124-FRA
last-modified: Tue, 26 Jul 2022 09:54:19 GMT
server: AmazonS3
x-timer: S1659090740.341808,VS0,VE102
date: Fri, 29 Jul 2022 10:32:20 GMT
vary: Accept-Encoding
x-amz-request-id: RZ80KWRZTYMYMPHP
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 1

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 6CC6 56 KB
15 KB 31ms
8ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 21:38:45 GMT
etag: "ca88912498e17137955859948f14e272+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15196
x-served-by: cache-iad-kiad7000020-IAD, cache-hhn11573-HHN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 94ms
93ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-968462554

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

645f28f76b12ee067caaa296c328ae57b43db1bfc8bd8e7858206934c2cb4fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45419
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
44 KB 75ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-13c3e8c569e8fecd2286.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

169654a2040e9f83c46d4cd65600c3dc9db6db042904c22cc97645fb4323c362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
etag: 6464440653375776403
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44783
x-xss-protection: 0
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 166ms
134ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1659090740304
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3a656d58-2776-42e0-b0fb-7b37ed70deca
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 732530a72cac9018-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H2 200 activityi;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
852807.fls.doubleclick.net/ Frame 6CC6 0
0 147ms
51ms Image
text/html 142.251.36.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.36.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: prg03s12-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 6CC6 43 B
354 B 132ms
113ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=l5ksy&p_id=Twitter

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-response-time: 106
date: Fri, 29 Jul 2022 10:32:20 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e5e573cd01f87a7b44875cb5ed27559e994d30fdd37f974b16dd28769c5eafb3
content-length: 43

GET
H2

200

/
www.google.de/pagead/1p-user-list/973523572/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=2399292373
https://www.google.de/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=2399292373&ipr=y

42 B
548 B

111ms
42ms

Image
image/gif

2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=2399292373&ipr=y

Protocol

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=2399292373&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activityi;src=852807;type=lrepa937;cat=lrere295;ord=5bba359c-a085-4954-8324-53698e7a3a28
852807.fls.doubleclick.net/ Frame 6CC6 0
0 105ms
51ms Image
text/html 142.251.36.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;ord=5bba359c-a085-4954-8324-53698e7a3a28?
Requested by: Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.36.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: prg03s12-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2

200

/
www.google.de/pagead/1p-user-list/1066568174/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=982275856
https://www.google.de/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=982275856&ipr=y

42 B
108 B

112ms
42ms

Image
image/gif

2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=982275856&ipr=y

Protocol

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=982275856&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=4818226;type=invmedia;cat=esvbxzky;ord=1
adservice.google.de/ddm/fls/p/ Frame 6CC6
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4818226;type=invmedia;cat=esvbxzky;ord=1?
https://adservice.google.com/ddm/fls/p/src=4818226;type=invmedia;cat=esvbxzky;ord=1
https://adservice.google.de/ddm/fls/p/src=4818226;type=invmedia;cat=esvbxzky;ord=1

42 B
492 B

56ms
55ms

Image
image/gif

2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=4818226;type=invmedia;cat=esvbxzky;ord=1

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=ISO-8859-1
location: https://adservice.google.de/ddm/fls/p/src=4818226;type=invmedia;cat=esvbxzky;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 6CC6 43 B
633 B 138ms
41ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10070325&ec=LRELP

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame EDF5 2 KB
1 KB 14ms
7ms Document
text/html 13.32.99.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/5f0794ed2693b80012279eb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-54.fra60.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 3367
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Fri, 29 Jul 2022 09:36:13 GMT
vary: accept-encoding
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-id: f0N1L-qyi8qJ87cvbIXp75sSn-Vj8A9fsPlOyozAxyIYdeIHQ7YO_Q==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
BLOB 200
OK 5d4b94c0-8395-4447-9700-9b0dd2a1cd78
https://refinance.lowermybills.com/ 26 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://refinance.lowermybills.com/5d4b94c0-8395-4447-9700-9b0dd2a1cd78
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b99c919f168349275b903d0a29253e0de9a945945650d811ee2ee0214b9387be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length: 26149

POST
H2 200 rum Show response
refinance.lowermybills.com/cdn-cgi/ 0
208 B 19ms
19ms XHR
text/plain 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refinance.lowermybills.com/cdn-cgi/rum?

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
content-type: application/json

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://refinance.lowermybills.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 732530a70d2f9b86-FRA
vary: Origin

GET
H2 200 adsct
t.co/i/ Frame 6CC6 43 B
337 B 133ms
116ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=bb5a85a2-48aa-4dfc-ac06-328cdcd1f4b4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=0f15b127-2a22-4f2d-b34a-6b5db4a8e1e9&tw_document_href=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyhmx&type=javascript&version=2.4.15

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-response-time: 110
date: Fri, 29 Jul 2022 10:32:19 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 0df3a965563b2650a116f7490e7a315658e7bafe31abfc82925d7f1f629cdb52
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 6CC6 43 B
223 B 115ms
114ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=bb5a85a2-48aa-4dfc-ac06-328cdcd1f4b4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=0f15b127-2a22-4f2d-b34a-6b5db4a8e1e9&tw_document_href=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyhmx&type=javascript&version=2.4.15

Requested by

Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-response-time: 102
date: Fri, 29 Jul 2022 10:32:19 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e5e573cd01f87a7b44875cb5ed27559e994d30fdd37f974b16dd28769c5eafb3
content-length: 43

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
231 B 142ms
141ms Fetch
text/html 35.170.12.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-248.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer
key: 5f0794ed2693b80012279eb1
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
date: Fri, 29 Jul 2022 10:32:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 355ms
108ms Preflight
application/json 35.170.12.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-248.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://refinance.lowermybills.com
Sec-Fetch-Mode: cors
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://refinance.lowermybills.com
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 29 Jul 2022 10:32:20 GMT
vary: accept-encoding

GET
H2 204 5189243.js Show response
bat.bing.com/p/action/ 0
118 B 186ms
186ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5189243.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C0028D0D4F34F50BB14B29EF9F6C635 Ref B: FRAEDGE1312 Ref C: 2022-07-29T10:32:20Z
date: Fri, 29 Jul 2022 10:32:20 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5189243&Ver=2&mid=d9b744a6-750f-4862-90e6-947e96cf14b4&sid=b9cd95c00f2911ed90f239dc8de3889c&vid=b9cda5400f2911ed9c654502e317a0e0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Refinance%20Mortgage,%20Refinancing%20Rates,%20Mortgage%20Rates%20-%20LowerMyBills&kw=refinance,%20mortgage,%20mortgages,%20refinancing,%20mortgage%20rates,%20refinance%20mortgage,%20refinance%20rates,%20refinancing%20rates,%20refinancing%20home,%20home%20loan,%20home%20loans,%20equity%20loans,%20home%20equity%20loans,%20home%20equity%20loan,%20second%20mortgage,%20home%20equity%20loan%20rates,%20credit%20card%20consolidation,%20debt%20loans,%20credit%20card%20debt%20consolidation,%20bad%20credit%20loans,%20debt%20free,%20bad%20credit,%20debt%20help,%20debt%20solutions,%20money%20management,%20credit%20card%20debt,%20personal%20loan,%20bad%20credit%20mortgage,%20mortgage%20calculator&p=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&r=&lt=4843&evt=pageLoad&sv=1&rn=145237

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C397EB741F8B4AB7BCF8CE9CD2EEF23F Ref B: FRAEDGE1312 Ref C: 2022-07-29T10:32:20Z
date: Fri, 29 Jul 2022 10:32:19 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 89ms
19ms Script
text/javascript 2a00:1450:4014:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72055405-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1319
date: Fri, 29 Jul 2022 10:10:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Jul 2022 12:10:21 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 60ms
60ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-966730890&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbd772d79c1af761a7a44e4cfbc55709194d54f15ca1f06c9a4cb25300321ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45425
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 51ms
51ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-849970183&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dcb7ec24f28e99a642ccb9d5a0e9b0273b539e259d59dc262cb5cfd0689c0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62407
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 55ms
55ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-735544455&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHPB6M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fb17d4dab257248b09ca1b88f2d473cbb3d5253ad3e5a01b2e891eec54234e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45422
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
40 KB 70ms
27ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-950054130

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40450
x-xss-protection: 0
expires: Fri, 29 Jul 2022 10:32:20 GMT

GET
H2 200 pd2120 Show response
pix.revjet.com/track/ Frame 6CC6 46 B
223 B 72ms
11ms Script
text/javascript 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.revjet.com/track/pd2120?__noscript=false&__cbf=revjet.callbacks.cb1659090740471&location=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&referrer=&creditProfile=&firstMortgageBalance=&firstMortgageInterestRate=&hasFHALoan=&homeValue=&loanToValue=&propertyCity=&propertyDescription=&propertyState=&propertyZipCode=&rateType=&typeOfLoan=&loanRefiPurpose=
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/analytics?acu=3370
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: bf94a950ee000abe3f9ce04a18288729048b9f056823dec6aeda65ca918204e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
content-length: 46
content-type: text/javascript

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 40ms
39ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&es=1&e=gtm.init_consent&eid=-1&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 56ms
54ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&es=1&e=gtm.init&eid=0&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 73ms
72ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&es=1&e=gtm.js&eid=1&tc=1&tr=1rep&ti=1rep&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 71ms
70ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&es=1&e=gtm.dom&eid=7&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 71ms
70ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&es=1&e=gtm.load&eid=8&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 72ms
71ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&es=1&e=*&eid=13&u=C&tc=1&epr=1AW&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 58ms
54ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&es=1&e=gtag.config&eid=25&u=C&ut=AAB&tc=1&epr=1AW&tdc=AW-735544455*G-WQ7TGZQSWQ&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 192ms
188ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&es=1&e=gtag.config&eid=25&u=C&ut=AAB&tc=1&epr=1AW&tdc=AW-735544455*G-WQ7TGZQSWQ&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
refinance.lowermybills.com/ 259 B
325 B 222ms
221ms XHR
application/json 2606:4700::6812:139f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refinance.lowermybills.com/track

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:139f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33e47e1e96f0c85ce141d1b95f59678abf624a0f0d1dcaa0d50e858b2098e0f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: application/json

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
p3p: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
date: Fri, 29 Jul 2022 10:32:20 GMT
x-download-options: noopen
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
cache-control: no-store
etag: W/"103-a+5zlC8tpREhUBb9sHBqULGoFsI"
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
cf-ray: 732530a8ffe19b86-FRA

GET
H2 200 json Show response
trc.taboola.com/1007280/trc/3/ Frame 6CC6 2 KB
2 KB 47ms
33ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1007280/trc/3/json?tim=1659090740662&data=%7B%22id%22%3A486%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1659090740656%2C%22cv%22%3A%2220220726-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcoredigital-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1659090740661%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2d3a0843b937cbab1ee97b249cd15b48ea0935082dbe0aa7c75778665193cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-vcl-time-ms: 19
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
server: nginx
x-timer: S1659090741.681210,VS0,VE19
x-served-by: cache-fra19124-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 151ms
150ms Ping
application/json 2600:1f18:24e6:b902:8915:24fe:2656:7e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-RREAZ2I2I&batch_time=1659090740664
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:8915:24fe:2656:7e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 94ms
35ms XHR
text/plain 2a00:1450:4014:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1400225883&t=pageview&_s=1&dl=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ul=en-us&de=UTF-8&dt=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=56061891&gjid=317951043&cid=1456572041.1659090740&tid=UA-72055405-1&_gid=806713917.1659090741&_r=1&gtm=2ou7r0&z=1555703862

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://refinance.lowermybills.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
273 B 148ms
128ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=608665&type=c&tg=&r=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1659090740687
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 29 Jul 2022 10:32:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 732530a97bc0bb5f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/735544455/ 2 KB
1 KB 68ms
67ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/735544455/?random=1659090740691&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e71d74229aeb04e32860be6f725cb8fa76358c5941fc8c3fcdb1ff931ef657bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/ 2 KB
1 KB 108ms
54ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=1659090740700&cv=9&fst=1659090740700&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14a52222cfb02c083f4d761199dce09f7cbf95283db5d4996b24ec7a4eb4a526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950054130/ 2 KB
1 KB 98ms
47ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950054130/?random=1659090740701&cv=9&fst=1659090740701&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

102ab7c3298a8694cb56cff2780a5c4d4d33b2369a270eaac2088294bc9fbd7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/882032010/ 2 KB
1 KB 96ms
44ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/882032010/?random=1659090740702&cv=9&fst=1659090740702&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54360a28f9cd291df45a6ed0d2a7d0268a482ea65beca2123480185e3467ca96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/849970183/ 2 KB
1 KB 57ms
56ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/849970183/?random=1659090740703&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

c408d06ea360e86e15bc95012484d187322ac883d585d2cc5644a6f02266a348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/849970183/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1659090740702&cv=9&fst=1659090740702&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/849970183/?random=1659090740702&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/849970183/?random=1659090740702&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

54ms
49ms

Image
image/gif

2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849970183/?random=1659090740702&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=3580470284&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/849970183/?random=1659090740702&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=3580470284&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/755089552/ 2 KB
1 KB 100ms
56ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/755089552/?random=1659090740709&cv=9&fst=1659090740709&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b25da869afcc897422bf5fa2dc9c1171f851156a1c674525a728d72392aefc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 3 KB
1 KB 100ms
57ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1659090740710&cv=9&fst=1659090740710&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc86cd756266439aaabdaf157355a669aa5fae5a4cacd66250164a79a6e122b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1172
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 2 KB
1 KB 96ms
53ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1659090740710&cv=9&fst=1659090740710&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4bc02cba03ab566bc0a0c31d1e9694f73b2f234c769770ee0ccf0c1d81b4e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 2 KB
1 KB 90ms
48ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1659090740711&cv=9&fst=1659090740711&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bd8d174f87be15ba99437309243e000274c44842efdbe88fddf39ad5461851c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/934858762/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934858762/?random=1659090740711&cv=9&fst=1659090740711&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/934858762/?random=1659090740711&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/934858762/?random=1659090740711&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

50ms
45ms

Image
image/gif

2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/934858762/?random=1659090740711&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=1381742045&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/934858762/?random=1659090740711&cv=9&fst=1659088800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&is_vtc=1&random=1381742045&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/874461485/ 2 KB
1 KB 84ms
43ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874461485/?random=1659090740712&cv=9&fst=1659090740712&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66fa2ad70d933d9c33cf3dce847a3a99e33c34b9e8e12bd5d07969744be9eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968462554/ 2 KB
1 KB 85ms
45ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968462554/?random=1659090740713&cv=9&fst=1659090740713&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

016677ab13c6138e6c18a0844f3913a32d29573c0ea1646c0783683e1c5deb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/ 2 KB
1 KB 92ms
53ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?random=1659090740714&cv=9&fst=1659090740714&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f986fb9ccf68db493faea934f08e8fff0a57d282e2df6ea72b53be85adf90fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1390358/trc/3/ Frame 6CC6 2 KB
1 KB 33ms
32ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1390358/trc/3/json?tim=1659090740716&data=%7B%22id%22%3A977%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1659090740656%2C%22cv%22%3A%2220220726-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcoredigital-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1659090740664%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 76699f8b36ba414b29439b50be0298f65c9da69d6720084f1d212e72b6303b60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-vcl-time-ms: 22
date: Fri, 29 Jul 2022 10:32:20 GMT
content-encoding: gzip
server: nginx
x-timer: S1659090741.721470,VS0,VE22
x-served-by: cache-fra19124-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/849970183/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1142429912&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/849970183/?random=1142429912&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/849970183/?random=1142429912&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

49ms
47ms

Image
image/gif

2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/849970183/?random=1142429912&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=NLfjYtCKLIbPxwKLr7uACA&cid=CAQSKQCNIrLMHoxPTIxhg5WB8ZShA10tNZSQ6vfaUzks8eWazn70gHTi_9sx&random=3069686275&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/849970183/?random=1142429912&cv=9&fst=1659090740703&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=NLfjYtCKLIbPxwKLr7uACA&cid=CAQSKQCNIrLMHoxPTIxhg5WB8ZShA10tNZSQ6vfaUzks8eWazn70gHTi_9sx&random=3069686275&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/735544455/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=1396173994&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/735544455/?random=1396173994&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/735544455/?random=1396173994&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

48ms
47ms

Image
image/gif

2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/735544455/?random=1396173994&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=NLfjYtzeK9Hr1warkpzQBQ&cid=CAQSKQCNIrLMUku8om1vL--n0w1JTJrC6217bcp2cD4onh3PPumr4Bh4--vT&random=2700022191&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/735544455/?random=1396173994&cv=9&fst=1659090740691&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&gtm_ee=1&auid=1228169003.1659090740&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=NLfjYtzeK9Hr1warkpzQBQ&cid=CAQSKQCNIrLMUku8om1vL--n0w1JTJrC6217bcp2cD4onh3PPumr4Bh4--vT&random=2700022191&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
447 B 56ms
16ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72055405-1&cid=1456572041.1659090740&jid=56061891&gjid=317951043&_gid=806713917.1659090741&_u=YADAAUAAAAAAAC~&z=2015424210

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Jul 2022 10:32:20 GMT
content-type: text/plain
access-control-allow-origin: https://refinance.lowermybills.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/874461485/ 42 B
64 B 71ms
34ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/874461485/?random=1659090740712&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=678626463&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/874461485/ 42 B
64 B 114ms
56ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/874461485/?random=1659090740712&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=678626463&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 136ms
127ms Ping
application/json 2600:1f18:24e6:b902:8915:24fe:2656:7e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-RREAZ2I2I&batch_time=1659090740802
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:8915:24fe:2656:7e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/882032010/ 42 B
64 B 63ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/882032010/?random=1659090740702&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2997429298&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/882032010/ 42 B
64 B 106ms
54ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/882032010/?random=1659090740702&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2997429298&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/968462554/ 42 B
64 B 64ms
34ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/968462554/?random=1659090740713&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1032063319&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/968462554/ 42 B
64 B 102ms
51ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/968462554/?random=1659090740713&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1032063319&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/950054130/ 42 B
64 B 79ms
53ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950054130/?random=1659090740701&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=360317287&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/950054130/ 42 B
64 B 135ms
87ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/950054130/?random=1659090740701&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=360317287&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/966730890/ 42 B
64 B 58ms
33ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966730890/?random=1659090740711&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3163509979&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/966730890/ 42 B
64 B 96ms
49ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966730890/?random=1659090740711&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3163509979&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1066568174/ 42 B
64 B 48ms
28ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1066568174/?random=1659090740714&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=544921262&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1066568174/ 42 B
64 B 91ms
49ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1066568174/?random=1659090740714&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=544921262&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/966730890/ 42 B
64 B 49ms
29ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966730890/?random=1659090740710&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=4151040093&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/966730890/ 42 B
64 B 90ms
50ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966730890/?random=1659090740710&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=4151040093&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/735544455/ 42 B
64 B 47ms
29ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/735544455/?random=1659090740700&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=191166585&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/735544455/ 42 B
64 B 91ms
52ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/735544455/?random=1659090740700&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=191166585&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/755089552/ 42 B
64 B 47ms
29ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/755089552/?random=1659090740709&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2396700484&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/755089552/ 42 B
64 B 92ms
53ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/755089552/?random=1659090740709&cv=9&fst=1659088800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2396700484&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/966730890/ 42 B
64 B 49ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966730890/?random=1659090740710&cv=9&fst=1659088800000&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2753193575&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/966730890/ 42 B
64 B 86ms
49ms Image
image/gif 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966730890/?random=1659090740710&cv=9&fst=1659088800000&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7r0&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2753193575&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 117ms
111ms Ping
application/json 2600:1f18:24e6:b902:8915:24fe:2656:7e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-RREAZ2I2I&batch_time=1659090740869
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:8915:24fe:2656:7e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 150ms
148ms Ping
application/json 2600:1f18:24e6:b902:8915:24fe:2656:7e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-RREAZ2I2I&batch_time=1659090740915
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:8915:24fe:2656:7e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 46ms
45ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&e=gtag.config&eid=25&u=C&ut=AAB&tc=1&tr=5rep&epr=2AW&ti=1rep&al=S1.P186.C399.Z1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 36ms
36ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-735544455&cv=1&v=3&t=t&pid=1134466731&rv=7r0&e=*&eid=13&u=C&ut=AAB&tc=1&epr=2AW&al=S2.P188.C418.Z1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 10:32:21 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 148ms
148ms Fetch
text/html 52.44.225.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.225.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-225-244.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer
key: 5f0794ed2693b80012279eb1
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 29 Jul 2022 10:32:22 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 344ms
104ms Preflight 52.44.225.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.225.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-225-244.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://refinance.lowermybills.com
Sec-Fetch-Mode: cors
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 29 Jul 2022 10:32:22 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1007280/log/3/ Frame 6CC6 0
254 B 81ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1007280/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1659090740659&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1659090742216&vi=1659090740656&ri=b3a376e34694d2753cac583d3033de74&ui=b3ddebb5-01a9-4205-bdaa-a5be61126de4-tuct9dd3cb4&ref=null&cv=20220726-7-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
pragma: no-cache
date: Fri, 29 Jul 2022 10:32:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1390358/log/3/ Frame 6CC6 0
255 B 79ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1390358/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1659090740659&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1659090742217&vi=1659090740656&ri=7828a592cf0f760c56728c531663e4d1&sd=v2_0d5299b64d77e7cdd5242f021e4de5c0_b3ddebb5-01a9-4205-bdaa-a5be61126de4-tuct9dd3cb4_1659090740_1659090740_CNawjgYQlu5UGLDLjsykMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGj8qrr_3O3W3FFwAA&ui=b3ddebb5-01a9-4205-bdaa-a5be61126de4-tuct9dd3cb4&ref=null&cv=20220726-7-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
pragma: no-cache
date: Fri, 29 Jul 2022 10:32:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1007280/log/3/ Frame 6CC6 0
254 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1007280/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=0&ssd=1&est=1659090740659&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1659090745217&vi=1659090740656&ri=b3a376e34694d2753cac583d3033de74&ui=b3ddebb5-01a9-4205-bdaa-a5be61126de4-tuct9dd3cb4&ref=null&cv=20220726-7-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
pragma: no-cache
date: Fri, 29 Jul 2022 10:32:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1390358/log/3/ Frame 6CC6 0
254 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1390358/log/3/unip?en=pre_d_eng_tb&tos=4558&scd=0&ssd=1&est=1659090740659&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1659090745218&vi=1659090740656&ri=7828a592cf0f760c56728c531663e4d1&sd=v2_0d5299b64d77e7cdd5242f021e4de5c0_b3ddebb5-01a9-4205-bdaa-a5be61126de4-tuct9dd3cb4_1659090740_1659090740_CNawjgYQlu5UGLDLjsykMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGj8qrr_3O3W3FFwAA&ui=b3ddebb5-01a9-4205-bdaa-a5be61126de4-tuct9dd3cb4&ref=null&cv=20220726-7-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://refinance.lowermybills.com
pragma: no-cache
date: Fri, 29 Jul 2022 10:32:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tr4ckme.com/	1969-12-31 23:59:59	Name: sid Value: t7ZzqMoXYNKsATP+0FXiAuLTUx/k4EHKFj1X/FvJWUXviiDhqEkC0w==
.tr4ckme.com/	1970-01-20 22:24:09	Name: trk Value: ZBKTjSRMGVmsATP+0FXiAuLTUx/k4EHKFj1X/FvJWUXviiDhqEkC0w==
.tr4ckme.com/	1970-01-20 05:34:42	Name: c4 Value: t7ZzqMoXYNL23hDq2MY5r6u5r63TCJmnUz8FKai1Q4g=
.trackaffcdm.com/	1969-12-31 23:59:59	Name: st Value: J8wyKvZR3Jgh9+0XrCmZtjdPlNc9t6MHicKMWoInF/KS+sOt+VYZaw==
.trackaffcdm.com/	1970-01-20 22:24:09	Name: tib Value: LfKFGQ/4RO0h9+0XrCmZtjdPlNc9t6MHicKMWoInF/KS+sOt+VYZaw==
refinance.lowermybills.com/	1970-01-20 13:37:06	Name: visitorId Value: 5bba359c-a085-4954-8324-53698e7a3a28
refinance.lowermybills.com/	1970-01-20 05:01:35	Name: sourceId Value: lmb-53705-112246
refinance.lowermybills.com/	1970-01-20 05:01:35	Name: connect.sid Value: s%3AzkJuAhtsyByQf-mwgipnt7oLGyxLEP0A.YTy5eRQfd3oOXp%2Bx9igc87%2F%2FDyQ%2FVpNeJlgmlC9cSHE
refinance.lowermybills.com/	1969-12-31 23:59:59	Name: BIGipServerpl.prod-lrelpwapp-lnd Value: !+PObgG3s9dv1WL89lWvuPZ+bkGcj9C2cspyPbvfoxvcvv54qSabaEk5UMhpkIJdDsFL/niiE5xqdu+M=
refinance.lowermybills.com/	1970-01-20 04:52:57	Name: DAPROPS Value: "sjs.webGlRenderer:Intel Iris OpenGL Engine\|bjs.accessDom:1\|bcookieSupport:1\|bcss.animations:1\|bcss.columns:1\|bcss.transforms:1\|bcss.transitions:1\|sdevicePixelRatio:1\|idisplayColorDepth:24\|bflashCapable:0\|bhtml.audio:1\|bhtml.canvas:1\|bhtml.inlinesvg:1\|bhtml.svg:1\|bhtml.video:1\|bjs.applicationCache:0\|bjs.deviceMotion:1\|bjs.deviceOrientation:0\|bjs.geoLocation:1\|bjs.indexedDB:1\|bjs.json:1\|bjs.localStorage:1\|bjs.modifyCss:1\|bjs.modifyDom:1\|bjs.querySelector:1\|bjs.sessionStorage:1\|bjs.supportBasicJavaScript:1\|bjs.supportConsoleLog:1\|bjs.supportEventListener:1\|bjs.supportEvents:1\|bjs.touchEvents:0\|bjs.webGl:1\|bjs.webSockets:1\|bjs.webSqlDatabase:0\|bjs.webWorkers:1\|bjs.xhr:1\|buserMedia:1\|bjs.battery:0"
refinance.lowermybills.com/	1970-01-20 04:51:31	Name: _dd_s Value: rum=1&id=bd7d296c-9705-4086-b80f-6388384429ec&created=1659090739879&expire=1659091639879
.lowermybills.com/	1970-01-20 22:22:42	Name: _ga_WQ7TGZQSWQ Value: GS1.1.1659090740.1.0.1659090740.0
.bing.com/	1970-01-20 14:13:06	Name: MUID Value: 2AFC252B3E4C6BCC100634DB3F9E6A8C
.lowermybills.com/	1970-01-20 04:52:57	Name: _uetsid Value: b9cd95c00f2911ed90f239dc8de3889c
.lowermybills.com/	1970-01-20 14:13:06	Name: _uetvid Value: b9cda5400f2911ed9c654502e317a0e0
.lowermybills.com/	1970-01-20 07:01:06	Name: _gcl_au Value: 1.1.1228169003.1659090740
.twitter.com/	1970-01-20 22:22:42	Name: personalization_id Value: "v1_hx6s6R/JPEyEiZCSVJ/DSQ=="
.mgid.com/	1970-01-20 04:51:32	Name: __cf_bm Value: KaLKTTC61mnQI67sSfajPRrFGKmPUuXz0Fn1qQgJI8M-1659090740-0-AdHzndLW7T/iYs/x/ZF4/27NbrVuME3w8ZTyVAQZP/SjsM5ARdF0/t95UTURDo5i2WhTN/dJO8WnAvTMjnpVfdM=
.revjet.com/	1970-01-20 22:22:42	Name: trx Value: 5006041266715338044
.yahoo.com/	1970-01-20 13:37:28	Name: A3 Value: d=AQABBDS342ICENExGAUB8PqjI8PB2DhW-DUFEgEBAQEI5WLtYgAAAAAA_eMAAA&S=AQAAAqV317MgH6pJRSfVIpEQN48
.t.co/	1970-01-20 22:22:42	Name: muc_ads Value: 1df4777c-4a05-410c-82c3-bc8b0e797521
.lowermybills.com/	1970-01-20 22:22:42	Name: _ga Value: GA1.2.1456572041.1659090740
.lowermybills.com/	1970-01-20 04:52:57	Name: _gid Value: GA1.2.806713917.1659090741
.lowermybills.com/	1970-01-20 04:51:30	Name: _gat_gtag_UA_72055405_1 Value: 1
refinance.lowermybills.com/	1970-01-20 07:01:06	Name: MgidSensorNVis Value: 1
refinance.lowermybills.com/	1970-01-20 07:01:06	Name: MgidSensorHref Value: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
.lowermybills.com/	1970-01-20 04:52:42	Name: FPLC Value: IBmkedbHsa473OQHlPJcHcvqu59aADL%2BfTWMQX0nQ45%2F%2Brk%2FuI6obbM4Fua%2Bwpl2e6fBKtFnejeIdFEfjqqoCKSgWc60hpRmXa4bANy23%2FQ83Ik6oCldXPx1KuXrQg%3D%3D
.lowermybills.com/	1970-01-20 22:22:42	Name: FPID Value: FPID2.2.h8C5V1dTPzj0xvijXXfCQBNIAw1haKKhXKmTf5jwZjs%3D.1659090740
.doubleclick.net/	1970-01-20 14:13:06	Name: IDE Value: AHWqTUlQFSkYHk5pgCU86NZ-iUmuiuh8mh815xKYXJfMhA9FmHU559Ti3PdSCiAs
.lowermybills.com/	1970-01-20 04:51:32	Name: __cf_bm Value: TB_JK00Hff0EA.aMuIABME7jgYkgG.6GRlyDbBGeKps-1659090742-0-AQJeaQdhV+P49aVPe0y521EJq0naeJJGiBZcLF7HSs0fqj5r/8qQtYwM/nwnNceIUt9ZqtFXZVF2Ft7iX4KPBN8=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .lowermybills.com .quickenloans.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

852807.fls.doubleclick.net
a.mgid.com
ad.doubleclick.net
ads.revjet.com
adservice.google.com
adservice.google.de
analytics.twitter.com
api.pushnami.com
bat.bing.com
cdn-refinance.lowermybills.com
cdn.lowermybills.com
cdn.taboola.com
content.lowermybills.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pix.revjet.com
privacy-policy.truste.com
psp.pushnami.com
refinance.lowermybills.com
rum-http-intake.logs.datadoghq.com
sgtm.lowermybills.com
sp.analytics.yahoo.com
static-lre.lowermybills.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
tr4ckme.com
trackaffcdm.com
trc-events.taboola.com
trc.pushnami.com
trc.taboola.com
trk.klclick2.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lowermybills.com
104.19.134.78
104.244.42.197
104.244.42.67
13.225.78.122
13.32.13.192
13.32.99.54
141.226.228.48
142.250.185.194
142.251.36.134
151.101.1.44
162.55.246.95
199.232.136.157
2001:4860:4802:32::15
212.82.100.181
2600:1f18:24e6:b902:8915:24fe:2656:7e19
2600:9000:20eb:7c00:15:1199:2d80:93a1
2606:4700:440e::6812:2fe6
2606:4700::6812:139f
2620:1ec:c11::200
2a00:1450:4001:80f::2004
2a00:1450:4014:80a::2002
2a00:1450:4014:80a::200a
2a00:1450:4014:80b::200e
2a00:1450:4014:80e::2003
2a00:1450:4014:80f::2003
2a00:1450:4014:80f::2008
2a00:1450:4025:402::9b
35.170.12.248
52.42.42.155
52.44.225.244
52.52.193.220
95.217.105.226
016677ab13c6138e6c18a0844f3913a32d29573c0ea1646c0783683e1c5deb18
06a0e623bbaf4a0237f1d605affa269f9e431ff50c7143dcbb47b815edaba9bd
0cff5de0a6dddcb01b664acb7cce79cd85b5a941e7e8f74423c8024e60704005
0da7fa94a3decd4e67b994d75ee65490703801aba5e3519b641c7c95171dc48a
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
102ab7c3298a8694cb56cff2780a5c4d4d33b2369a270eaac2088294bc9fbd7a
127cae9821853edc1953090239e5ae0297c4626b184280bb894cbfef9f947f30
14a52222cfb02c083f4d761199dce09f7cbf95283db5d4996b24ec7a4eb4a526
1578e1c9b16293b48e3f516add4c1ed65396104366b6c395e714d8e51393a8cb
169654a2040e9f83c46d4cd65600c3dc9db6db042904c22cc97645fb4323c362
1bd8d174f87be15ba99437309243e000274c44842efdbe88fddf39ad5461851c
1c0676327f2e8a36f4566392aaec15036da66d48fda332ae8b6c6af30dc3c485
1d7015c13fd51bf12eb98c6e4af1822cdfb32610540bf83730fed28917aadd84
21b3b4b9fc0b7904e6d3daaeb891cd9be233fc3f200d0cd3897a69fecfcf4973
27e8f9cab2b68ba9b255155e6f8a9ff0b15dff7d75239749ed0a4bdeb3bc39e1
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb
2dcb7ec24f28e99a642ccb9d5a0e9b0273b539e259d59dc262cb5cfd0689c0f8
2dcdf189ecb27b3250033c804b65f346dc66f9bcd46c9f28a2886d30fe443599
2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3255db2fb88891ee1add7804275d722bdd4e1eb438c51927d08c0dd67c1c558f
33e47e1e96f0c85ce141d1b95f59678abf624a0f0d1dcaa0d50e858b2098e0f1
34169f8b24cbd7e27ad26ae5cc9c0b1bbcf34bfef440e04ef075830fb8ebc3e4
375ef6f2cae98bb91d6f8efc8ef5dfea284928c2273da0f3aa7a6728a45fd135
3f986fb9ccf68db493faea934f08e8fff0a57d282e2df6ea72b53be85adf90fa
3fb00934a5ee9916fdd0edac940f92803ad72fed80b1f86d0adf904cab8e5779
4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b
4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96
4f1922e91ed618fcf386f71cb221fc507ce4ac3a863c6ba80453d550e60fb3b6
54360a28f9cd291df45a6ed0d2a7d0268a482ea65beca2123480185e3467ca96
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
618610b9cedab5266ed21276a41d9a75cc4c4930e40a85f61f204facc58e59b5
645f28f76b12ee067caaa296c328ae57b43db1bfc8bd8e7858206934c2cb4fe1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb5636b6ee30da66b7d6cc0521d8fe0dfe19df350b62fb18ca75c85f5b337fa
6fb17d4dab257248b09ca1b88f2d473cbb3d5253ad3e5a01b2e891eec54234e1
76699f8b36ba414b29439b50be0298f65c9da69d6720084f1d212e72b6303b60
768260deb66fd211ee2b8c7a10f21b63dd175c9e8caf4b8a5e6df9b29bbc2fce
7f34b99a471d8fd8d0fce91f5612122e9d353a96ad5cc69a0e34f271ad9bc6d5
8029f72b0e07b8edabe973c03c2c985971444ef9b584b6d5c8ccda1754924b4a
86f9cb44b12f3d37a72622b500a99d96bf070a07ab81b5577bd3dd723aae0ecf
8b25da869afcc897422bf5fa2dc9c1171f851156a1c674525a728d72392aefc0
8bd1ad1b4db79e7754c5faa4b85aaa7673f13e604848a107d435c8c3cba04c29
9985336660219f2aa5e5c8f21d7f5456aee6c69afb706d3a9c9322ad5d601a76
a0ce758d9488daabffae1da483101a0860660b372cebba39a20b521d95de28ef
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a732617c38101a63ad0f14116a16ca6d08b8562ccc8c20be9f17291427a2849f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
b18912b1f2762be2e467e59747aa2dcc9ac32755fbe3fe1e76c44e0289bf7dd0
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b99c919f168349275b903d0a29253e0de9a945945650d811ee2ee0214b9387be
bf94a950ee000abe3f9ce04a18288729048b9f056823dec6aeda65ca918204e9
c408d06ea360e86e15bc95012484d187322ac883d585d2cc5644a6f02266a348
cbd772d79c1af761a7a44e4cfbc55709194d54f15ca1f06c9a4cb25300321ed0
d4bc02cba03ab566bc0a0c31d1e9694f73b2f234c769770ee0ccf0c1d81b4e82
d5f3885dcc10999212cfd5372cbfc6d33f450a89b0d4b1438196b66a50f211b0
d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9
d655f1a42a67e83b04bb4d6828ae05911fb2f14f26730e40c84cb16c46d01520
d66fa2ad70d933d9c33cf3dce847a3a99e33c34b9e8e12bd5d07969744be9eb7
d7f40dac6d30d1aedf50b58270e0578b4e5f4e6c9700f11f9bd03da5993f1a19
d8b1f3575dd2b0024383a4f47725654257a4b4ec1015595ade984a80804a56ce
d8c25e6bd28d4c61026ee4fca7273d3c1d46bf8b56a8315c4d0d1cd981661596
dbf147dd74a123dacdde75525100989a3f3ad633d7aa024a03f5f3eb6cef71d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9dacdafd3cdba10a31584807280d0944c78f50f38d85e174c4a2d57b0df906
e1b5ecbe1f536ff0fef14eabe281e525514e533dc65d179493ee770857893943
e2d3a0843b937cbab1ee97b249cd15b48ea0935082dbe0aa7c75778665193cd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e71d74229aeb04e32860be6f725cb8fa76358c5941fc8c3fcdb1ff931ef657bd
ecc86cd756266439aaabdaf157355a669aa5fae5a4cacd66250164a79a6e122b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19a2af17c612138bca9d3e94cf4199500385abe382c460d011f052b7fdcc964
f82e065a25d70b0af9c2291c44e5371b51ed3e4b74552c338a00611964be7e09
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

refinance.lowermybills.com Open in urlscan Pro 2606:4700::6812:139f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

94 %HTTPS

44 %IPv6

25 Domains

41 Subdomains

30 IPs

6 Countries

1669 kBTransfer

4211 kBSize

30 Cookies

21 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

refinance.lowermybills.com Open in urlscan Pro
2606:4700::6812:139f Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

94 %
HTTPS

44 %
IPv6

25
Domains

41
Subdomains

30
IPs

6
Countries

1669 kB
Transfer

4211 kB
Size

30
Cookies

132 HTTP transactions
0 data transactions