ltimortgage.com Open in urlscan Pro
159.89.144.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ltimortgage.moneymikemortgage.com/
Effective URL:
https://ltimortgage.com/
Submission: On January 11 via automatic, source certstream-suspicious (January 11th 2021, 3:38:12 am UTC)

Summary HTTP 66 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 66 HTTP transactions. The main IP is 159.89.144.60, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is ltimortgage.com.
TLS certificate: Issued by R3 on January 11th 2021. Valid for: 3 months.

This is the only time ltimortgage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	159.89.144.60 159.89.144.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
26	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.194.32 13.224.194.32	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	13.224.194.56 13.224.194.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.224.194.11 13.224.194.11	16509 (AMAZON-02) (AMAZON-02)
1	44.239.124.210 44.239.124.210	16509 (AMAZON-02) (AMAZON-02)
1	52.18.148.102 52.18.148.102	16509 (AMAZON-02) (AMAZON-02)
1	13.225.80.5 13.225.80.5	16509 (AMAZON-02) (AMAZON-02)
1	52.208.238.241 52.208.238.241	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
66	22

3 159.89.144.60 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: sfo01.dnspool.net

www.ltimortgage.moneymikemortgage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ltimortgage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

h2p4v9q6.rocketcdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-32.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::4 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.56 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-56.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-11.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.124.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-124-210.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.148.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.5 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-5.fra2.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.238.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ws6.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	rocketcdn.me h2p4v9q6.rocketcdn.me	467 KB
6	facebook.com www.facebook.com	616 B
6	gstatic.com fonts.gstatic.com	84 KB
5	userway.org cdn.userway.org api.userway.org	24 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com ws6.hotjar.com	61 KB
3	facebook.net connect.facebook.net	166 KB
3	wp.com stats.wp.com pixel.wp.com i0.wp.com	10 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	google-analytics.com www.google-analytics.com	507 B
2	ltimortgage.com ltimortgage.com	29 KB
1	youtube.com www.youtube.com
1	hotjar.io vc.hotjar.io	256 B
1	adroll.com s.adroll.com
1	googletagmanager.com www.googletagmanager.com	51 KB
1	moneymikemortgage.com 1 redirects www.ltimortgage.moneymikemortgage.com	412 B
66	15

	Domain	Requested by
26	h2p4v9q6.rocketcdn.me	ltimortgage.com
6	www.facebook.com	ltimortgage.com connect.facebook.net
6	fonts.gstatic.com	fonts.googleapis.com
4	cdn.userway.org	ltimortgage.com cdn.userway.org
3	connect.facebook.net	ltimortgage.com connect.facebook.net
3	fonts.googleapis.com	ltimortgage.com
2	www.google-analytics.com	www.googletagmanager.com
2	ltimortgage.com	h2p4v9q6.rocketcdn.me
1	www.youtube.com	h2p4v9q6.rocketcdn.me
1	ws6.hotjar.com	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	api.userway.org	cdn.userway.org
1	vars.hotjar.com	static.hotjar.com
1	i0.wp.com	ltimortgage.com
1	script.hotjar.com	static.hotjar.com
1	pixel.wp.com	ltimortgage.com
1	s.adroll.com	ltimortgage.com
1	static.hotjar.com	ltimortgage.com
1	stats.wp.com	ltimortgage.com
1	www.googletagmanager.com	ltimortgage.com
1	www.ltimortgage.moneymikemortgage.com	1 redirects
66	22

This site contains links to these domains. Also see Links.

Domain
1906838.my1003app.com
smarturl.it
www.nmlsconsumeraccess.org
www.sml.texas.gov

Subject Issuer	Validity	Valid
www.ltimortgage.moneymikemortgage.com R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.rocketcdn.me Let's Encrypt Authority X3	`2020-10-24` - `2021-01-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
cdn.userway.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-05` - `2022-01-05`	a year	crt.sh
api.userway.org Amazon	`2020-12-02` - `2021-12-31`	a year	crt.sh
*.hotjar.io Amazon	`2020-09-15` - `2021-10-15`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://ltimortgage.com/
Frame ID: B375E0CA81D78EB72C4BF8FC8388739A
Requests: 65 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: AE7251E811DB49312570CBA618C63B41
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/customerchat.php?app_id=173595519873924&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38719992bfa12%26domain%3Dltimortgage.com%26origin%3Dhttps%253A%252F%252Fltimortgage.com%252Ff2666b84869052%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=Hello!%20How%20can%20i%20help%20you%3F&logged_out_greeting=Hello!%20How%20can%20i%20help%20you%3F&page_id=105990741010056&ref=websiteplugin&request_time=1610336269993&sdk=joey
Frame ID: A78640BF84035630E76EA76801EFBA96
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/M6OKbHwK-m4?rel=1&modestbranding=0&controls=1&showinfo=1&autoplay=1&fs=1&wmode=transparent&mute=1
Frame ID: 148EC383665FA32C3014976ADA82F969
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/customer_chat/bubble
Frame ID: 1C41330096D3E280067C287E12E1786B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/customer_chat/bubble
Frame ID: 7C875956E5AD3A934D6F28B20D0E7ACD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/customer_chat/bubble
Frame ID: 4439ABE93F7E8E424BC274718CFAD324
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.ltimortgage.moneymikemortgage.com/ HTTP 301
https://ltimortgage.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

66
Requests

98 %
HTTPS

43 %
IPv6

15
Domains

22
Subdomains

22
IPs

4
Countries

897 kB
Transfer

3318 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://1906838.my1003app.com/
Title: Apply Online Now!

Search URL Search Domain Scan URL

URL: http://smarturl.it/moneymikemortgage
Title: Get Started Now!

Search URL Search Domain Scan URL

URL: http://www.nmlsconsumeraccess.org/
Title: Consumer Access Portal

Search URL Search Domain Scan URL

URL: https://www.sml.texas.gov/ConsumerInformation/tdsml_consumer_complaints.html
Title: Disclosure For Texas Consumers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ltimortgage.moneymikemortgage.com/ HTTP 301
https://ltimortgage.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ltimortgage.com/
Redirect Chain

https://www.ltimortgage.moneymikemortgage.com/
https://ltimortgage.com/

128 KB
28 KB

674ms
214ms

Document
text/html

159.89.144.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ltimortgage.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.144.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: sfo01.dnspool.net
Software: Apache /
Resource Hash: 7181f20cd8327e77b4b1be84886abdcdec9dc9da5fa3e6b3aa3a18d7557f478d

Request headers

Host: ltimortgage.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 03:37:45 GMT
Server: Apache
Last-Modified: Mon, 11 Jan 2021 00:58:58 GMT
Cache-Control: max-age=0
Expires: Mon, 11 Jan 2021 03:37:45 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28295
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 11 Jan 2021 03:37:44 GMT
Server: Apache
X-Pingback: https://ltimortgage.com/xmlrpc.php
X-Redirect-By: WordPress
Location: https://ltimortgage.com/
Cache-Control: max-age=0
Expires: Mon, 11 Jan 2021 03:37:44 GMT
Vary: User-Agent,Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 37 KB
2 KB 21ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CLiterata%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CMuli%3A400%2C400i%2C800%2C800i%2C700%2C700i%2C500%2C500i%2C600%2C300%2C200%2C900%7CSource%20Sans%20Pro%3A400%2C600&subset=latin&display=swap

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e687cc180fc18e85f16ace72c608fe23e75c30c92456979c73beb7c8072cc895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 03:37:45 GMT
server: ESF
date: Mon, 11 Jan 2021 03:37:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Jan 2021 03:37:45 GMT

GET
H2 200 base-b0717b53f6bc7fddf4d0b4d18f676357.css
h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ 700 B
675 B 91ms
29ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base-b0717b53f6bc7fddf4d0b4d18f676357.css
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: Apache / RocketCDN
Resource Hash: 452756306e2828de7e34cd35e4f027b82043d592cf06437b4892448f117d7493

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608207450"
last-modified: Thu, 17 Dec 2020 12:17:30 GMT
server: Apache
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336265.cds064.lo4.hn,1610336266.cds088.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/cache/min/1/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base-b0717b53f6bc7fddf4d0b4d18f676357.css>; rel="canonical"
content-length: 317

GET
H2 200 style.min.css
h2p4v9q6.rocketcdn.me/wp-includes/css/dist/block-library/ 50 KB
8 KB 92ms
29ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608246579"
last-modified: Thu, 17 Dec 2020 23:09:39 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds247.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/css/dist/block-library/style.min.css>; rel="canonical"
content-length: 7855

GET
H2 200 thrive_flat.css
h2p4v9q6.rocketcdn.me/wp-content/plugins/thrive-visual-editor/editor/css/ 856 KB
85 KB 98ms
35ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.6.4
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 67449d4ab1fb4b59388ab2abdbe15c70dcd1fb0eafc62e02e36465558327fae2

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608247037"
last-modified: Thu, 17 Dec 2020 23:17:17 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds012.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css>; rel="canonical"
content-length: 86514

GET
H2 200 landingpage-inner-frame-1574ba9ac99947c9e7a03cfa3d1e97c8.css
h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/thrive-theme/inc/assets/dist/ 7 KB
2 KB 125ms
63ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/thrive-theme/inc/assets/dist/landingpage-inner-frame-1574ba9ac99947c9e7a03cfa3d1e97c8.css
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: f5c60e8de53207159cde99aecb2a612c17257a23c7ebebac2a528dc061bff6f5

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608248752"
last-modified: Thu, 17 Dec 2020 23:45:52 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds245.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/cache/min/1/wp-content/themes/thrive-theme/inc/assets/dist/landingpage-inner-frame-1574ba9ac99947c9e7a03cfa3d1e97c8.css>; rel="canonical"
content-length: 1612

GET
H2 200 style-47b295fd0b8ef57da2b8b13d3fe9451c.css
h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/thrive-theme/ 46 KB
10 KB 126ms
64ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/thrive-theme/style-47b295fd0b8ef57da2b8b13d3fe9451c.css
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 04bcf97ca1f9d643523156080f9a0a0db4858b368ea109866053bcca85d729d1

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608207450"
last-modified: Thu, 17 Dec 2020 12:17:30 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds221.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/cache/min/1/wp-content/themes/thrive-theme/style-47b295fd0b8ef57da2b8b13d3fe9451c.css>; rel="canonical"
content-length: 10075

GET
H2 200 app.min-0966b5d084b7fed786b1aba1cefae383.css
h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/wprequal/assets/css/ 233 KB
31 KB 2581ms
2520ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/wprequal/assets/css/app.min-0966b5d084b7fed786b1aba1cefae383.css
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: cdeff993c99c8155e9c975baf08e47aa36a7035ee5b27d97d5d40c69a4c3aa10

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:48 GMT
content-encoding: gzip
etag: "1608207451"
last-modified: Thu, 17 Dec 2020 12:17:31 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds272.lo4.sc,1610336268.cds272.lo4.pr
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/cache/min/1/wp-content/plugins/wprequal/assets/css/app.min-0966b5d084b7fed786b1aba1cefae383.css>; rel="canonical"
content-length: 31142

GET
H2 200 jetpack-4350a88f69eb3e1785cf92336b01e02b.css
h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/jetpack/css/ 75 KB
14 KB 127ms
65ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/jetpack/css/jetpack-4350a88f69eb3e1785cf92336b01e02b.css
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 05880b53eeea634c70dc70bebc89f2fc96c15aadbc5f4cec85c6114a34788beb

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608207451"
last-modified: Thu, 17 Dec 2020 12:17:31 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds088.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/cache/min/1/wp-content/plugins/jetpack/css/jetpack-4350a88f69eb3e1785cf92336b01e02b.css>; rel="canonical"
content-length: 13693

GET
H2 200 jquery.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ 87 KB
30 KB 1149ms
1149ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:47 GMT
content-encoding: gzip
etag: "1608246597"
last-modified: Thu, 17 Dec 2020 23:09:57 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds222.lo4.sc,1610336267.cds222.lo4.p
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
content-length: 30916

GET
H2 200 jquery-migrate.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ 11 KB
4 KB 2544ms
2537ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:48 GMT
content-encoding: gzip
etag: "1608246595"
last-modified: Thu, 17 Dec 2020 23:09:55 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds077.lo4.sc,1610336268.cds077.lo4.p
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
content-length: 4169

GET
H2 200 app.min.js Show response
h2p4v9q6.rocketcdn.me/wp-content/plugins/wprequal/assets/js/ 103 KB
33 KB 35ms
28ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/plugins/wprequal/assets/js/app.min.js?ver=7.8.3
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 7f34d5e178b4f77d194c2e5dfdb06b3c24ccce625e0bff545f40d04a9c86a662

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1609095876"
last-modified: Sun, 27 Dec 2020 19:04:36 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds092.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/plugins/wprequal/assets/js/app.min.js>; rel="canonical"
content-length: 33879

GET
H2 200 moxie.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/plupload/ 86 KB
27 KB 2460ms
2453ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: ea8f6fb79fa2083c0b68b0a618446767c7bdf2d6aafc07d54a1c80e06a838c1c

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:48 GMT
content-encoding: gzip
etag: "1570324750"
last-modified: Sun, 06 Oct 2019 01:19:10 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds076.lo4.sc,1610336268.cds076.lo4.p
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/plupload/moxie.min.js>; rel="canonical"
content-length: 27675

GET
H2 200 plupload.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/plupload/ 15 KB
6 KB 38ms
32ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 1985f2d29e27f6c8a54b740b8b384fab214215c090e16d6652295e4911db0fdd

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1570324750"
last-modified: Sun, 06 Oct 2019 01:19:10 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds065.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/plupload/plupload.min.js>; rel="canonical"
content-length: 5597

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
420 B 65ms
49ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c50acf54e17870e9a5ebe944f589ecc5e1d947426519c6a969ae9db93040c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 03:37:46 GMT
server: ESF
date: Mon, 11 Jan 2021 03:37:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Jan 2021 03:37:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 38ms
32ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NZTEEQBYB5

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae672f2a7ab7431398a1e32fa75c04a25629df1a3bef2d4fc5e8370865e63cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52305
x-xss-protection: 0
expires: Mon, 11 Jan 2021 03:37:46 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 4 KB
1 KB 62ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 03:37:46 GMT
server: ESF
date: Mon, 11 Jan 2021 03:37:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Jan 2021 03:37:46 GMT

GET
H2 200 style-e6f5a0b1e72d0999b1ca5a1b48008211.css
h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/userway-accessibility-widget/assets/ 184 B
340 B 27ms
27ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/userway-accessibility-widget/assets/style-e6f5a0b1e72d0999b1ca5a1b48008211.css
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 0e87512d36ee77a7f6875f848ea516ef80ae5c385ab90aa66e2f17ea5114fa27

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608207451"
last-modified: Thu, 17 Dec 2020 12:17:31 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds242.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/cache/min/1/wp-content/plugins/userway-accessibility-widget/assets/style-e6f5a0b1e72d0999b1ca5a1b48008211.css>; rel="canonical"
content-length: 125

GET
H2 200 photon.min.js Show response
h2p4v9q6.rocketcdn.me/wp-content/plugins/jetpack/_inc/build/photon/ 758 B
605 B 41ms
35ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608247008"
last-modified: Thu, 17 Dec 2020 23:16:48 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds272.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js>; rel="canonical"
content-length: 421

GET
H2 200 imagesloaded.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/ 5 KB
2 KB 3636ms
3630ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:49 GMT
content-encoding: gzip
etag: "1608246601"
last-modified: Thu, 17 Dec 2020 23:10:01 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds204.lo4.sc,1610336269.cds204.lo4.p
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/imagesloaded.min.js>; rel="canonical"
content-length: 1834

GET
H2 200 masonry.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/ 24 KB
7 KB 44ms
39ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608246601"
last-modified: Thu, 17 Dec 2020 23:10:01 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds275.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/masonry.min.js>; rel="canonical"
content-length: 7382

GET
H2 200 jquery.masonry.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ 2 KB
893 B 44ms
39ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1471566330"
last-modified: Fri, 19 Aug 2016 00:25:30 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds064.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/jquery/jquery.masonry.min.js>; rel="canonical"
content-length: 716

GET
H2 200 frontend.min.js Show response
h2p4v9q6.rocketcdn.me/wp-content/plugins/thrive-visual-editor/editor/js/dist/ 217 KB
63 KB 3638ms
3633ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.6.4
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: ba08cf5b71555b3c8bfad8c8633cb0020917db77503b88a832db0ff6a9b4986a

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:49 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 23:17:17 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
etag: "1608247037"
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds216.lo4.sc,1610336269.cds216.lo4.p
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js>; rel="canonical"

GET
H2 200 frontend.min.js Show response
h2p4v9q6.rocketcdn.me/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/ 3 KB
1 KB 50ms
45ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/frontend.min.js?ver=2.3.6
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 9a8d4f55a83aa4e1f884930f204914da68bd3f34cb4a66b8337b032f2ebabafc

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608247472"
last-modified: Thu, 17 Dec 2020 23:24:32 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds071.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/frontend.min.js>; rel="canonical"
content-length: 1291

GET
H2 200 core.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ui/ 20 KB
7 KB 50ms
46ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: c1c5a298e367fc64f4e974ad8e2a7661b1c0d958e506558d706ecd3fa9640cdc

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608246595"
last-modified: Thu, 17 Dec 2020 23:09:55 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds006.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/jquery/ui/core.min.js>; rel="canonical"
content-length: 6909

GET
H2 200 mouse.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ui/ 3 KB
1 KB 55ms
51ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: e03137e01bf318c26ba8d99f00ea79d8d8a764d1b1c829afe2dc4b65d6036817

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608246595"
last-modified: Thu, 17 Dec 2020 23:09:55 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds089.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/jquery/ui/mouse.min.js>; rel="canonical"
content-length: 1071

GET
H2 200 resizable.min.js Show response
h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ui/ 18 KB
5 KB 56ms
51ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/ui/resizable.min.js?ver=1.12.1
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: d6fbcec2c73d33b9d2ac8f68a91f731483f6c17edeecf6022f62e1997b14f6f3

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608246595"
last-modified: Thu, 17 Dec 2020 23:09:55 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds041.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-includes/js/jquery/ui/resizable.min.js>; rel="canonical"
content-length: 5293

GET
H2 200 frontend.min.js Show response
h2p4v9q6.rocketcdn.me/wp-content/themes/thrive-theme/inc/assets/dist/ 33 KB
10 KB 57ms
53ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=1.9
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: f540758de2e104efe1aca999b3d75a8989868f3e32ac3886c7d1ebfc62e16bf5

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608247463"
last-modified: Thu, 17 Dec 2020 23:24:23 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds070.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js>; rel="canonical"
content-length: 9647

GET
H2 200 e-202102.js Show response
stats.wp.com/ 9 KB
3 KB 56ms
15ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202102.js
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams
date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 02 Jan 2022 23:03:56 GMT

GET
H2 200 lazyload.min.js Show response
h2p4v9q6.rocketcdn.me/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 57ms
53ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: "1608247085"
last-modified: Thu, 17 Dec 2020 23:18:05 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds272.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js>; rel="canonical"
content-length: 2704

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-fb-rlafr: 0
pragma: public
x-fb-debug: hs4NTE4w1R24XPQyCe5LyJMN+u8e63L1anwh2MBnkrgIUgo3UDpTlRGYGfk7Jddl47WBduhOwL2rRoQgOMgzRQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Jan 2021 03:37:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1719862.js Show response
static.hotjar.com/c/ 3 KB
2 KB 101ms
51ms Script
application/javascript 13.224.194.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1719862.js?sv=6

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.32 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-32.fra2.r.cloudfront.net

Software

Resource Hash

f8ebb2ae45bc13d0cefa89bdc447739ffb76d5ca2ec5a43286cbd1bc0cae797f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C1
etag: W/6deda4257abe2f85b22e53b811ebe7dd
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1546
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
x-amz-cf-id: KGGvZ-gOoVgJmfeZXwSYApk_VWtYU1qPNG-cA-xtg3_sQkWcpz8FLg==

GET
H/1.1 403
Forbidden roundtrip.js
s.adroll.com/j/W3NJI7GSJVDCHKSE3SGAG7https://h2p4v9q6.rocketcdn.me/ 0
0 732ms
684ms Script
application/xml 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/W3NJI7GSJVDCHKSE3SGAG7https://h2p4v9q6.rocketcdn.me/roundtrip.js
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7afe72766f094d15ca29ce8ca821d2451e5f2003dd69969ac1889fcac932a03

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e2080e992d38f7ae5fb64a3de576ddee20d795d6bd6faa0f45f0b84f4fe094

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7386aad4c22ce930ab59252ee045f6f9f0ebc86899b3f9b50b7cc9a4179b98b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0fa0b75a3d7a693d5f29f30faf02dca5ab35a9f9b515408c285aed9fc01c15

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 LTI-Mortgage-House.jpg
h2p4v9q6.rocketcdn.me/wp-content/uploads/2020/01/ 96 KB
96 KB 41ms
41ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/uploads/2020/01/LTI-Mortgage-House.jpg
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: e5548dbd2bd36467ae88c82b5db4ef69126aedaec56d7ae216879f9719d6d64c

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
etag: "1591532610"
last-modified: Sun, 07 Jun 2020 12:23:30 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds007.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=10368000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/uploads/2020/01/LTI-Mortgage-House.jpg>; rel="canonical"
content-length: 98009

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ltimortgage.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 11:59:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 315488
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Fri, 07 Jan 2022 11:59:38 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ltimortgage.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 17:46:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 381077
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 06 Jan 2022 17:46:29 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ltimortgage.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 20:12:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 285929
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 07 Jan 2022 20:12:17 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ltimortgage.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 07:00:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 506217
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Wed, 05 Jan 2022 07:00:49 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ltimortgage.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 08:34:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 241420
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sat, 08 Jan 2022 08:34:06 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/ 24 KB
24 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CLiterata%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CMuli%3A400%2C400i%2C800%2C800i%2C700%2C700i%2C500%2C500i%2C600%2C300%2C200%2C900%7CSource%20Sans%20Pro%3A400%2C600&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ltimortgage.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CLiterata%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CMuli%3A400%2C400i%2C800%2C800i%2C700%2C700i%2C500%2C500i%2C600%2C300%2C200%2C900%7CSource%20Sans%20Pro%3A400%2C600&subset=latin&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 20:05:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jul 2020 20:49:47 GMT
server: sffe
age: 286312
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24884
x-xss-protection: 0
expires: Fri, 07 Jan 2022 20:05:54 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
996 B 89ms
28ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 68c3c8b85b9a9e41a23cd57f934a89b41114e423b1f65055458e54ba401bb5e7

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-77-nzt-ray: WWhI1t5Yv7U=
age: 2927
x-edge-pop: frankfurtDE
x-cache: HIT
x-age: 1494
content-encoding: br
x-77-nzt: AcO1rzUcaR7v1gUAAA==
last-modified: Wed, 06 Jan 2021 19:18:49 GMT
server: CDN77-Turbo
etag: W/"83f6d300419ba4e3189d57439d589187"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
x-edge-ip: 195.181.175.53
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: dhniE4NMkJQKrasnbuJ7D6akCT16ZLqZkbcei1KkQPCD1Sv7R_8g0g==

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 254 KB
74 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b174fedc44e9fae2d879ce05a4b6472df38d176ed6dc854f730ee892b5f341fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: b4dxkH9lcGbXmckOA/UqeA==
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Jan 2021 03:49:34 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75348
x-fb-rlafr: 0
x-fb-debug: J9GGBLRK9EiI0z8Fs6AtIqqdW/Br09nKCJQIQkJxT5ZU8QEIVgTxi2z6zJ3XvnyREM7exnE9rBTdH+8kWARHsg==
x-fb-trip-id: 686109401
x-fb-content-md5: 6d9ab9f95d0e747cbaf9a654f598d491
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Jan 2021 03:37:46 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b72448032f564995921077060d5ac65e"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 741022162757979 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 229ms
228ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/741022162757979?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

220d4d0826ac45bed66261491eec7a6ba425086495b73971298b2a5e6cd8a750

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ZiDYlEemNJyVvxNx2qbIsagNDK/+8jCGfZXhac7+9ITVS4maSfZJchxQAq81r9B+ADVIRwTF9ithRtKFuG9g/w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Jan 2021 03:37:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1622305024
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 15ms
14ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.2.1&blog=177993964&post=2&tz=0&srv=ltimortgage.com&host=ltimortgage.com&ref=&fcp=2587&rand=0.9604206885012048
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 modules.9a7681f2864b86bb700a.js Show response
script.hotjar.com/ 223 KB
59 KB 74ms
26ms Script
application/javascript 13.224.194.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9a7681f2864b86bb700a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1719862.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.56 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-56.fra2.r.cloudfront.net

Software

Resource Hash

98cda42abefd73a296ddf0d07c8d34838e45a104bbc3fec3a5d06e6e3baf0793

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 15:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217001
x-cache: Hit from cloudfront
content-length: 59766
access-control-allow-origin: *
last-modified: Fri, 08 Jan 2021 15:19:16 GMT
etag: "f5ea4f1b6e11ea553c87c5ce99d0ca9d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: We2yEITA35UWYd3exvcLvWD4PuGKYIj7fD4O1ZzEp5IIJiDOJiZImQ==

POST
H2 204 collect
www.google-analytics.com/g/ 0
170 B 13ms
12ms Other
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NZTEEQBYB5&gtm=2oebu0&_p=614882876&sr=1600x1200&ul=en-us&cid=1635737163.1610336266&_s=1&dl=https%3A%2F%2Fltimortgage.com%2F&dr=&dt=Home%20-%20LTI%20MORTGAGE&sid=1610336266&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NZTEEQBYB5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 03:37:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ltimortgage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 LTI-Logo-Small.png
h2p4v9q6.rocketcdn.me/wp-content/uploads/2020/01/ 20 KB
20 KB 895ms
894ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h2p4v9q6.rocketcdn.me/wp-content/uploads/2020/01/LTI-Logo-Small.png
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: imunify360-webshield/1.13 / RocketCDN
Resource Hash: fea9b92cba153acc98a950935ac8af1751b038d286c3a700481ea79bbfccf373

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:47 GMT
last-modified: Sun, 07 Jun 2020 12:23:41 GMT
server: imunify360-webshield/1.13
x-powered-by: RocketCDN
etag: "1591532621"
vary: Accept-Encoding
x-hw: 1610336266.cds064.lo4.hn,1610336266.cds220.lo4.sc,1610336267.cds220.lo4.p
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=10368000, public, public
accept-ranges: bytes
link: <https://ltimortgage.com/wp-content/uploads/2020/01/LTI-Logo-Small.png>; rel="canonical"
content-length: 20086

GET
H2 200 Youtube_Thumbnail.png
i0.wp.com/ltimortgage.com/wp-content/uploads/2020/06/ 7 KB
7 KB 76ms
39ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ltimortgage.com/wp-content/uploads/2020/06/Youtube_Thumbnail.png?resize=350%2C199&ssl=1

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

489a4ad119ce65b76bc19d603109717d88c6be4907acbeb21283916299771a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Mon, 11 Jan 2021 03:37:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 03:37:46 GMT
server: nginx
etag: "4296a36729349dfd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://ltimortgage.com/wp-content/uploads/2020/06/Youtube_Thumbnail.png>; rel="canonical"
content-length: 7028
expires: Wed, 11 Jan 2023 15:37:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 22ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173595519873924&ev=fb_page_view&dl=https%3A%2F%2Fltimortgage.com%2F&rl=&if=false&ts=1610336266330&sw=1600&sh=1200&at=

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 11 Jan 2021 03:37:46 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame AE72 0
0 69ms
21ms Document
text/html 13.224.194.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1719862.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-11.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ltimortgage.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ltimortgage.com/

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 9Nkm7VZE1g8C1ujy9o1OiFUtWCytu25_uueCrT5CcnMah7hW2qIVpA==
age: 4185403

GET
H2 200 widget_app_base_1609960689039.js Show response
cdn.userway.org/widgetapp/2021-01-06/ 78 KB
21 KB 32ms
32ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2021-01-06/widget_app_base_1609960689039.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7dfd98ca06ddf7c02cda8f5bfe36d9dc64fc71dfc291bc371f36cd6832cce12d

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-77-nzt-ray: HM0bWK+3P2k=
age: 215
x-edge-pop: frankfurtDE
x-cache: HIT
x-age: 375204
content-encoding: br
x-77-nzt: AcO1rzWgrxHvpLkFAA==
last-modified: Wed, 06 Jan 2021 19:18:48 GMT
server: CDN77-Turbo
etag: W/"58c6289c36e40e72d96fe34157b0fd4e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
x-edge-ip: 195.181.175.53
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 0j-q-A34_M2VbhhUB9RAnKbtBzfo7GKsKcMZVPdoSEnb6wFBhoFe9A==

POST
H2 200 cQuNmWex76 Show response
api.userway.org/api/tunings/ 447 B
650 B 553ms
183ms XHR
application/json 44.239.124.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/cQuNmWex76
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-01-06/widget_app_base_1609960689039.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.124.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-124-210.us-west-2.compute.amazonaws.com
Software: _ / Express
Resource Hash: 9ec284c037c34b3a2e8dd2e6f5c4e4cbf2f5cf22262f7fd7ae6b0374a5790d2d

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: gzip
etag: W/"1bf-CGe0VH2HtlLFHLsi+TZRbluK9oA"
server: _
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-headers: Authorization,Origin,X-Requested-With,Content-Type,Accept,Cache-Control,If-Modified-Since,Pragma,X-Auth-Language,X-Auth-Token,X-Spl-Token
expires: Mon, 11 Jan 2021 03:37:46 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1719862/ 178 B
321 B 108ms
40ms XHR
application/json 52.18.148.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1719862/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9a7681f2864b86bb700a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.148.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 11 Jan 2021 03:37:46 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2 204 1719862 Show response
vc.hotjar.io/sessions/ 0
256 B 94ms
47ms XHR
text/plain 13.225.80.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1719862?s=0.25&r=0.1078120847000048
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9a7681f2864b86bb700a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-5.fra2.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: jGzhoj3SCM9atRQi-Wf2DPPUu3WSfvlUGntqCdDlLwRKbbupnKGIgQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=741022162757979&ev=PageView&dl=https%3A%2F%2Fltimortgage.com%2F&rl=&if=false&ts=1610336266521&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610336266520.443228200&it=1610336266265&coo=false&rqm=GET

Requested by

Host: ltimortgage.com
URL: https://ltimortgage.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 11 Jan 2021 03:37:46 GMT

POST
H/1.1 200
OK content Show response
ws6.hotjar.com/api/v2/sites/1719862/recordings/ 69 B
394 B 185ms
81ms XHR
application/json 52.208.238.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws6.hotjar.com/api/v2/sites/1719862/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9a7681f2864b86bb700a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.238.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 72e40d60120eda4b87489e73479475347865aec0a3322e3261041a86381d2848

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Mon, 11 Jan 2021 03:37:46 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

POST
H2 200 /
www.facebook.com/tr/ 0
106 B 7ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarymu0OHVelywPCRn6G

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 11 Jan 2021 03:37:47 GMT
content-type: text/plain
access-control-allow-origin: https://ltimortgage.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 wheel_left_wh.svg
cdn.userway.org/widgetapp/images/ 935 B
899 B 29ms
28ms Image
image/svg+xml 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/wheel_left_wh.svg
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 00cd608f9c6b99a47846bd152d76b976c269088c660b53bc6c6e1c252c394aa0

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:47 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-77-nzt-ray: mk/56YiLhtY=
age: 58753
x-edge-pop: frankfurtDE
x-cache: HIT
x-age: 471231
content-encoding: br
x-77-nzt: AcO1rzVYdsbvvzAHAA==
last-modified: Tue, 22 Dec 2020 21:22:23 GMT
server: CDN77-Turbo
etag: W/"9f8663d43c09deecb6876f09ecc4a6ec"
content-type: image/svg+xml
cache-control: max-age=2592000, public
x-edge-ip: 195.181.175.53
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: bPAPwFLO1XV3OZ5kRhFW4C2wgmiottqmhScEu92jVLKo70phgM9EOA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
951 B 29ms
29ms Image
image/svg+xml 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: ltimortgage.com
URL: https://ltimortgage.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 03:37:47 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-77-nzt-ray: hJ8rlNMFwZc=
age: 53370
x-edge-pop: frankfurtDE
x-cache: HIT
x-age: 473584
content-encoding: br
x-77-nzt: AcO1rzX9xNrv8DkHAA==
last-modified: Tue, 22 Dec 2020 21:22:23 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
x-edge-ip: 195.181.175.53
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: t3OJ6UI-AvcpV0sMzyAnKZfD-lN99NYNUHkSIwL34UaMCIcLNhUsnQ==

GET
H/1.1 200
OK / Show response
ltimortgage.com/wp-json/wprequal/7.8.3/nonce/ 12 B
664 B 1142ms
1141ms XHR
application/json 159.89.144.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://ltimortgage.com/wp-json/wprequal/7.8.3/nonce/

Requested by

Host: h2p4v9q6.rocketcdn.me
URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.89.144.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sfo01.dnspool.net

Software

Apache /

Resource Hash

6e29ac9066379674fd7c75711024f956d31371f4b0fc3fe1488cd74b9c16653d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://ltimortgage.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 03:37:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Link: <https://ltimortgage.com/wp-json/>; rel="https://api.w.org/"
Connection: Keep-Alive
Vary: Origin,Accept-Encoding,User-Agent
Content-Length: 32
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: Apache
Allow: GET
Content-Type: application/json; charset=UTF-8
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Cache-Control: max-age=0
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=99
Expires: Mon, 11 Jan 2021 03:37:48 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 customerchat.php
www.facebook.com/v4.0/plugins/ Frame A786 0
0 122ms
122ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/customerchat.php?app_id=173595519873924&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38719992bfa12%26domain%3Dltimortgage.com%26origin%3Dhttps%253A%252F%252Fltimortgage.com%252Ff2666b84869052%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=Hello!%20How%20can%20i%20help%20you%3F&logged_out_greeting=Hello!%20How%20can%20i%20help%20you%3F&page_id=105990741010056&ref=websiteplugin&request_time=1610336269993&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://ltimortgage.com;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v4.0/plugins/customerchat.php?app_id=173595519873924&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38719992bfa12%26domain%3Dltimortgage.com%26origin%3Dhttps%253A%252F%252Fltimortgage.com%252Ff2666b84869052%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=Hello!%20How%20can%20i%20help%20you%3F&logged_out_greeting=Hello!%20How%20can%20i%20help%20you%3F&page_id=105990741010056&ref=websiteplugin&request_time=1610336269993&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ltimortgage.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0jSkCcJVTLcZnuYdg..Bf-8gK...1.0.Bf-8gK.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ltimortgage.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://ltimortgage.com;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v4.0
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 5AaTkhlV6AxCze4P/GwNQ7Nfjjo5JKaiq8XNmDgw/RJiERdMFvSRCJ8JDKcYUuscddT5kw/2IBOrbTbsqoPsVg==
date: Mon, 11 Jan 2021 03:37:50 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 M6OKbHwK-m4
www.youtube.com/embed/ Frame 148E 0
0 98ms
97ms Document
text/html 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/M6OKbHwK-m4?rel=1&modestbranding=0&controls=1&showinfo=1&autoplay=1&fs=1&wmode=transparent&mute=1

Requested by

Host: h2p4v9q6.rocketcdn.me
URL: https://h2p4v9q6.rocketcdn.me/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/M6OKbHwK-m4?rel=1&modestbranding=0&controls=1&showinfo=1&autoplay=1&fs=1&wmode=transparent&mute=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ltimortgage.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ltimortgage.com/

Response headers

strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
cache-control: no-cache
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 20717
date: Mon, 11 Jan 2021 03:37:50 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=jR5AzPsB5OM; path=/; domain=.youtube.com; secure; expires=Sat, 10-Jul-2021 03:37:50 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=jR5AzPsB5OM; path=/; domain=.youtube.com; secure; expires=Sat, 10-Jul-2021 03:37:50 GMT; httponly; samesite=None YSC=V_6EgtO5aSw; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 11-Jan-2021 04:07:50 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bubble
www.facebook.com/v4.0/plugins/customer_chat/ Frame 1C41 0
0 40ms
39ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v4.0/plugins/customer_chat/bubble
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ltimortgage.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0jSkCcJVTLcZnuYdg..Bf-8gK...1.0.Bf-8gK.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ltimortgage.com/

Response headers

x-fb-rlafr: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
strict-transport-security: max-age=15552000; preload
facebook-api-version: v4.0
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: jQgJk8uychXOwBi38PKJ0kZsYe6C6jUrMqXXZ2yFdVHqNdsjTbPdAp7qpxVNRDIdvqxKheqn0RDiv8gKFoQeEw==
date: Mon, 11 Jan 2021 03:37:50 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET bubble
www.facebook.com/v4.0/plugins/customer_chat/ Frame 7C87 0
0

GET
H2 200 bubble
www.facebook.com/v4.0/plugins/customer_chat/ Frame 4439 0
0 39ms
38ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v4.0/plugins/customer_chat/bubble
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ltimortgage.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0jSkCcJVTLcZnuYdg..Bf-8gK...1.0.Bf-8gK.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ltimortgage.com/

Response headers

x-fb-rlafr: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
strict-transport-security: max-age=15552000; preload
facebook-api-version: v4.0
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: W+ohoYep7p1nnFTggK3PNbRSCWssgyJDTDZsELjHl+w2Vb3fLPKWJaenYXHwyNx45jV4ygveeRMHY3ZjHjwkmw==
date: Mon, 11 Jan 2021 03:37:50 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
337 B 67ms
13ms Other
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NZTEEQBYB5&gtm=2oebu0&_p=614882876&sr=1600x1200&ul=en-us&cid=1635737163.1610336266&_s=2&dl=https%3A%2F%2Fltimortgage.com%2F&dr=&dt=Home%20-%20LTI%20MORTGAGE&sid=1610336266&sct=1&seg=0&en=optimize.callback&_et=111&ep.callback=function(e%2Ct%2Cn)%7Bhj.log.debug(%22Experiment%20with%20ID%3A%20%22.concat(t%2C%22%20is%20on%20variant%3A%20%22).concat(e)%2C%22integrations.google_optimize%22)%2Chj.event.signal(%22exp.go%22%2C%7BexperimentId%3At%2CvariantId%3Ae%2CcontainerId%3An%7D)%7D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NZTEEQBYB5
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ltimortgage.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 03:37:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ltimortgage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/customer_chat/bubble

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.facebook.com/	1970-01-19 17:28:32	Name: fr Value: 0jSkCcJVTLcZnuYdg..Bf-8gK...1.0.Bf-8gK.
.youtube.com/	1970-01-19 19:38:08	Name: VISITOR_INFO1_LIVE Value: jR5AzPsB5OM
.ltimortgage.com/	1970-01-19 17:28:32	Name: _fbp Value: fb.1.1610336266520.443228200
.ltimortgage.com/	1970-01-19 15:18:58	Name: _hjAbsoluteSessionInProgress Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: V_6EgtO5aSw
ltimortgage.com/	1970-01-19 15:18:56	Name: _hjIncludedInPageviewSample Value: 1
.ltimortgage.com/	1970-01-20 08:50:08	Name: _ga Value: GA1.1.1635737163.1610336266
.ltimortgage.com/	1970-01-19 15:18:58	Name: _hjFirstSeen Value: 1
.ltimortgage.com/	1970-01-20 00:04:32	Name: _hjid Value: d6868229-4b71-4e05-a910-7a73d628e994
.ltimortgage.com/	1970-01-20 08:50:08	Name: _ga_NZTEEQBYB5 Value: GS1.1.1610336266.1.0.1610336266.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.userway.org/widget.js(Line 1) Message: Loading for: https://ltimortgage.com
console-api	log	URL: https://h2p4v9q6.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
h2p4v9q6.rocketcdn.me
i0.wp.com
in.hotjar.com
ltimortgage.com
pixel.wp.com
s.adroll.com
script.hotjar.com
static.hotjar.com
stats.wp.com
vars.hotjar.com
vc.hotjar.io
ws6.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.ltimortgage.moneymikemortgage.com
www.youtube.com
www.facebook.com
13.224.194.11
13.224.194.32
13.224.194.56
13.225.80.5
151.139.128.11
159.89.144.60
192.0.76.3
192.0.77.2
2.18.233.40
2a00:1450:4001:802::2008
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2003
2a00:1450:4001:816::200e
2a00:1450:4001:81f::200e
2a02:6ea0:c700::4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
44.239.124.210
52.18.148.102
52.208.238.241
00cd608f9c6b99a47846bd152d76b976c269088c660b53bc6c6e1c252c394aa0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
04bcf97ca1f9d643523156080f9a0a0db4858b368ea109866053bcca85d729d1
05880b53eeea634c70dc70bebc89f2fc96c15aadbc5f4cec85c6114a34788beb
0e87512d36ee77a7f6875f848ea516ef80ae5c385ab90aa66e2f17ea5114fa27
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1985f2d29e27f6c8a54b740b8b384fab214215c090e16d6652295e4911db0fdd
1c0fa0b75a3d7a693d5f29f30faf02dca5ab35a9f9b515408c285aed9fc01c15
220d4d0826ac45bed66261491eec7a6ba425086495b73971298b2a5e6cd8a750
452756306e2828de7e34cd35e4f027b82043d592cf06437b4892448f117d7493
489a4ad119ce65b76bc19d603109717d88c6be4907acbeb21283916299771a35
4c50acf54e17870e9a5ebe944f589ecc5e1d947426519c6a969ae9db93040c88
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
67449d4ab1fb4b59388ab2abdbe15c70dcd1fb0eafc62e02e36465558327fae2
68c3c8b85b9a9e41a23cd57f934a89b41114e423b1f65055458e54ba401bb5e7
6e29ac9066379674fd7c75711024f956d31371f4b0fc3fe1488cd74b9c16653d
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
7181f20cd8327e77b4b1be84886abdcdec9dc9da5fa3e6b3aa3a18d7557f478d
72e40d60120eda4b87489e73479475347865aec0a3322e3261041a86381d2848
7386aad4c22ce930ab59252ee045f6f9f0ebc86899b3f9b50b7cc9a4179b98b7
7dfd98ca06ddf7c02cda8f5bfe36d9dc64fc71dfc291bc371f36cd6832cce12d
7f34d5e178b4f77d194c2e5dfdb06b3c24ccce625e0bff545f40d04a9c86a662
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
98cda42abefd73a296ddf0d07c8d34838e45a104bbc3fec3a5d06e6e3baf0793
9a8d4f55a83aa4e1f884930f204914da68bd3f34cb4a66b8337b032f2ebabafc
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb
9ec284c037c34b3a2e8dd2e6f5c4e4cbf2f5cf22262f7fd7ae6b0374a5790d2d
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
ae672f2a7ab7431398a1e32fa75c04a25629df1a3bef2d4fc5e8370865e63cae
b174fedc44e9fae2d879ce05a4b6472df38d176ed6dc854f730ee892b5f341fc
ba08cf5b71555b3c8bfad8c8633cb0020917db77503b88a832db0ff6a9b4986a
c1c5a298e367fc64f4e974ad8e2a7661b1c0d958e506558d706ecd3fa9640cdc
c2e2080e992d38f7ae5fb64a3de576ddee20d795d6bd6faa0f45f0b84f4fe094
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
cdeff993c99c8155e9c975baf08e47aa36a7035ee5b27d97d5d40c69a4c3aa10
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d6fbcec2c73d33b9d2ac8f68a91f731483f6c17edeecf6022f62e1997b14f6f3
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e03137e01bf318c26ba8d99f00ea79d8d8a764d1b1c829afe2dc4b65d6036817
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5548dbd2bd36467ae88c82b5db4ef69126aedaec56d7ae216879f9719d6d64c
e687cc180fc18e85f16ace72c608fe23e75c30c92456979c73beb7c8072cc895
e7afe72766f094d15ca29ce8ca821d2451e5f2003dd69969ac1889fcac932a03
ea8f6fb79fa2083c0b68b0a618446767c7bdf2d6aafc07d54a1c80e06a838c1c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f540758de2e104efe1aca999b3d75a8989868f3e32ac3886c7d1ebfc62e16bf5
f5c60e8de53207159cde99aecb2a612c17257a23c7ebebac2a528dc061bff6f5
f8ebb2ae45bc13d0cefa89bdc447739ffb76d5ca2ec5a43286cbd1bc0cae797f
fea9b92cba153acc98a950935ac8af1751b038d286c3a700481ea79bbfccf373
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

ltimortgage.com Open in urlscan Pro 159.89.144.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

43 %IPv6

15 Domains

22 Subdomains

22 IPs

4 Countries

897 kBTransfer

3318 kBSize

10 Cookies

4 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ltimortgage.com Open in urlscan Pro
159.89.144.60 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

43 %
IPv6

15
Domains

22
Subdomains

22
IPs

4
Countries

897 kB
Transfer

3318 kB
Size

10
Cookies

66 HTTP transactions
5 data transactions