quotes.harpmortgagequiz.com Open in urlscan Pro
2606:4700:30::681b:9aec Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reficonnectonline.com/
Effective URL:
https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&r...
Submission: On November 01 via manual (November 1st 2018, 11:41:24 pm UTC) from US

Summary HTTP 44 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 18 domains to perform 44 HTTP transactions. The main IP is 2606:4700:30::681b:9aec, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is quotes.harpmortgagequiz.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 24th 2018. Valid for: 6 months.

This is the only time quotes.harpmortgagequiz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.64.119.75 192.64.119.75	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
1 1	100.24.199.52 100.24.199.52	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 10	2606:4700:30:... 2606:4700:30::681b:9aec	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.222.163.58 52.222.163.58	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	34.197.139.110 34.197.139.110	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY - Fastly)
1	2606:4700:20:... 2606:4700:20::6819:6274	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1288:7c:... 2a00:1288:7c:800::4000	43428 (YAHOO-ULS) (YAHOO-ULS)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	52.222.163.174 52.222.163.174	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
44	18

1 192.64.119.75 (Los Angeles, United States) 1 redirects

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)

reficonnectonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.199.52 (United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-100-24-199-52.compute-1.amazonaws.com

clkwiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:30::681b:9aec (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

quotes.harpmortgagequiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.163.58 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-163-58.fra54.r.cloudfront.net

d1tprjo2w7krrh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.197.139.110 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-197-139-110.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (European Union)

ASN54113 (FASTLY - Fastly, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:6274 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

j.wizdmd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:7c:800::4000 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f34.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.163.174 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-163-174.fra54.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	harpmortgagequiz.com 1 redirects quotes.harpmortgagequiz.com	175 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	73 KB
5	facebook.com www.facebook.com	1 KB
4	facebook.net connect.facebook.net	110 KB
3	yahoo.com sp.analytics.yahoo.com	639 B
3	leadid.com create.leadid.com	2 KB
2	google.de www.google.de	218 B
2	google.com www.google.com	218 B
2	doubleclick.net googleads.g.doubleclick.net	2 KB
2	cloudfront.net d1tprjo2w7krrh.cloudfront.net d2m2wsoho8qq12.cloudfront.net	123 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	googletagmanager.com www.googletagmanager.com	31 KB
1	yimg.com s.yimg.com	4 KB
1	wizdmd.com j.wizdmd.com	4 KB
1	ravenjs.com cdn.ravenjs.com	11 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	clkwiz.com 1 redirects clkwiz.com	749 B
1	reficonnectonline.com 1 redirects reficonnectonline.com	270 B
44	18

	Domain	Requested by
10	quotes.harpmortgagequiz.com	1 redirects quotes.harpmortgagequiz.com
5	www.facebook.com	quotes.harpmortgagequiz.com
5	ajax.googleapis.com	quotes.harpmortgagequiz.com
4	connect.facebook.net	quotes.harpmortgagequiz.com connect.facebook.net
3	sp.analytics.yahoo.com	s.yimg.com
3	create.leadid.com	d1tprjo2w7krrh.cloudfront.net
2	www.google.de	quotes.harpmortgagequiz.com
2	www.google.com	quotes.harpmortgagequiz.com
2	googleads.g.doubleclick.net	www.googleadservices.com
1	d2m2wsoho8qq12.cloudfront.net	d1tprjo2w7krrh.cloudfront.net
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	quotes.harpmortgagequiz.com
1	s.yimg.com	quotes.harpmortgagequiz.com
1	j.wizdmd.com	quotes.harpmortgagequiz.com
1	cdn.ravenjs.com	quotes.harpmortgagequiz.com
1	fonts.gstatic.com	quotes.harpmortgagequiz.com
1	d1tprjo2w7krrh.cloudfront.net	quotes.harpmortgagequiz.com
1	fonts.googleapis.com	quotes.harpmortgagequiz.com
1	clkwiz.com	1 redirects
1	reficonnectonline.com	1 redirects
44	20

This site contains links to these domains. Also see Links.

Domain
www.nmlsconsumeraccess.org
www.unsubdepot.com

Subject Issuer	Validity	Valid
sni181659.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-24` - `2019-05-02`	6 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
create.leadid.com Amazon	`2018-02-16` - `2019-03-16`	a year	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-10-11` - `2019-02-24`	4 months	crt.sh
ssl373843.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-13` - `2019-04-21`	6 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-11-01` - `2018-12-07`	a month	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-06-08` - `2018-12-05`	6 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Frame ID: E46009ACE2B12433562A07484E31F845
Requests: 41 HTTP requests in this frame

Frame: https://quotes.harpmortgagequiz.com/shared/retargeting-pixels.php
Frame ID: 2859AC9CAD63E6AE785BDDA39DC87B72
Requests: 2 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EE7EA396-4E69-9091-B993-CABC84B1B8C4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=60BA34E7-404B-BF0F-E894-1ED18AEDAB8A&lac=E20AD3B7-6097-09C7-A141-7C62B502FA7E
Frame ID: 1A0985DD3804D60D228952733C67F554
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://reficonnectonline.com/ HTTP 302
https://clkwiz.com/?E=T5xD92Bag6OdQkXF%2fjVP6w%3d%3d&s1=redirect HTTP 302
https://quotes.harpmortgagequiz.com/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY HTTP 302
https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=386907... Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^angular$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^YAHOO$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

44
Requests

100 %
HTTPS

65 %
IPv6

18
Domains

20
Subdomains

18
IPs

4
Countries

560 kB
Transfer

1398 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nmlsconsumeraccess.org/
Title: http://www.nmlsconsumeraccess.org

Search URL Search Domain Scan URL

URL: http://www.unsubdepot.com/?offer=HRQ
Title: please click on this link

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reficonnectonline.com/ HTTP 302
https://clkwiz.com/?E=T5xD92Bag6OdQkXF%2fjVP6w%3d%3d&s1=redirect HTTP 302
https://quotes.harpmortgagequiz.com/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY HTTP 302
https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/
Redirect Chain

http://reficonnectonline.com/
https://clkwiz.com/?E=T5xD92Bag6OdQkXF%2fjVP6w%3d%3d&s1=redirect
https://quotes.harpmortgagequiz.com/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY
https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311

5 KB
2 KB

250ms
250ms

Document
text/html

2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202926bab33dbfcf59e2c98afb1da5dbf5ff02c660a4d7d1c6fbb07c1bbb88fa

Request headers

:method: GET
:authority: quotes.harpmortgagequiz.com
:scheme: https
:path: /fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Thu, 01 Nov 2018 23:41:13 GMT
content-type: text/html
last-modified: Tue, 23 Oct 2018 01:41:11 GMT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 473235fdcf1f9720-FRA
content-encoding: gzip

Redirect headers

status: 302
date: Thu, 01 Nov 2018 23:41:13 GMT
content-type: text/html
set-cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; expires=Fri, 01-Nov-19 23:41:12 GMT; path=/; domain=.harpmortgagequiz.com; HttpOnly inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D; expires=Sun, 31-Mar-2019 23:41:13 GMT; Max-Age=12960000; path=/
location: /fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 473235fbce7d9720-FRA

GET
S 200 css
fonts.googleapis.com/ 1 KB
532 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c9eae62b3360e08098ef3472d2b9cf64ccd7f530549f12e9c3b026d81ed7a35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
last-modified: Thu, 01 Nov 2018 23:41:13 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 01 Nov 2018 23:41:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Thu, 01 Nov 2018 23:41:13 GMT

GET
H2 200 vendor.542aeb51.css
quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/styles/ 4 KB
1 KB 261ms
260ms Stylesheet
text/css 2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/styles/vendor.542aeb51.css
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc11d33335d193d868a6e8cd72b4a56c0fb69d7ea978085eef1b9cb670ca8b44

Request headers

:path: /fv3/harpmortgagequiz/381/styles/vendor.542aeb51.css
pragma: no-cache
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: quotes.harpmortgagequiz.com
referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
:scheme: https
:method: GET
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:13 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 23 Oct 2018 01:41:13 GMT
server: cloudflare
etag: "ee6-578db770b74da-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 473235ff6fa19720-FRA
content-length: 1126
expires: Fri, 02 Nov 2018 03:41:13 GMT

GET
H2 200 main.9b620eaa.css
quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/styles/ 123 KB
23 KB 395ms
394ms Stylesheet
text/css 2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/styles/main.9b620eaa.css
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2afb69ea8c1f6d3b23b5a0cc0015fbe472fe2b6e26f0d86f51ea00760052d46

Request headers

:path: /fv3/harpmortgagequiz/381/styles/main.9b620eaa.css
pragma: no-cache
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: quotes.harpmortgagequiz.com
referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
:scheme: https
:method: GET
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:13 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 23 Oct 2018 01:41:13 GMT
server: cloudflare
etag: "1ed9b-578db7705b81d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 473235ff6fa29720-FRA
content-length: 23466
expires: Fri, 02 Nov 2018 03:41:13 GMT

GET
H2 200 logo.bb42ae35.png
quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/images/ 3 KB
3 KB 260ms
258ms Image
image/png 2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/images/logo.bb42ae35.png
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 725ab55f9193267f010cac301616d46ab182d43f5b22cd7b500dde6a533407c8

Request headers

:path: /fv3/harpmortgagequiz/381/images/logo.bb42ae35.png
pragma: no-cache
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: quotes.harpmortgagequiz.com
referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
:scheme: https
:method: GET
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:13 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Oct 2018 01:41:10 GMT
server: cloudflare
etag: "c4a-578db76d91a53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 473235ff6fa59720-FRA
content-length: 3146
expires: Fri, 02 Nov 2018 03:41:13 GMT

GET
H2 200 norton-seal-large.b7b6e34b.png
quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/images/ 7 KB
7 KB 262ms
260ms Image
image/png 2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/images/norton-seal-large.b7b6e34b.png
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff04d2319de79c63445b27e306c1198fd57d8332149af1581ca50faa80b48b0f

Request headers

:path: /fv3/harpmortgagequiz/381/images/norton-seal-large.b7b6e34b.png
pragma: no-cache
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: quotes.harpmortgagequiz.com
referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
:scheme: https
:method: GET
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:13 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Oct 2018 01:41:10 GMT
server: cloudflare
etag: "1b51-578db76dc3732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 473235ff6fa69720-FRA
content-length: 6993
expires: Fri, 02 Nov 2018 03:41:13 GMT

GET
S 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.1/ 162 KB
57 KB 36ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular.min.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 06:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2654105
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 58281
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Dec 2016 11:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2019 06:26:08 GMT

GET
S 200 angular-animate.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.1/ 25 KB
9 KB 47ms
17ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular-animate.min.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ca6cec7c2083970e64b8ebf23fda096a6c8f19a7ea8af306f7d2b0a67dd50a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 06:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2652995
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9275
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Dec 2016 11:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2019 06:44:38 GMT

GET
S 200 angular-resource.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.1/ 4 KB
2 KB 49ms
19ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular-resource.min.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

53349b48a77d50ca3c13c30f9d3c7d3937d76229fac665470a798e3940d89faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 21:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93269
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2239
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Dec 2016 11:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2019 21:46:44 GMT

GET
S 200 angular-route.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.1/ 5 KB
3 KB 48ms
19ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular-route.min.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

494b0dcb1f4aafdac7037b61af349e7dd4bcf37cf543464e2d73c5de9d93b7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 17:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108388
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2470
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Dec 2016 11:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2019 17:34:45 GMT

GET
S 200 angular-cookies.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.1/ 1 KB
904 B 48ms
18ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular-cookies.min.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4a1fb9dba6e52df0b92c11805b907ec144eeaeb33ec674985bb64e2d9e132e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 07:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2650156
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 810
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Dec 2016 11:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2019 07:31:57 GMT

GET
H2 200 vendor.56557bb8.js Show response
quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/scripts/ 165 KB
51 KB 513ms
513ms Script
application/javascript 2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/scripts/vendor.56557bb8.js
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297046f74f24d1136cc26f5c440f6a11825087d7837cb81f87425315056e3604

Request headers

:path: /fv3/harpmortgagequiz/381/scripts/vendor.56557bb8.js
pragma: no-cache
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: quotes.harpmortgagequiz.com
referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
:scheme: https
:method: GET
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 23 Oct 2018 01:41:12 GMT
server: cloudflare
etag: "294c6-578db76f18447-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 473235ff6fa79720-FRA
content-length: 52310
expires: Fri, 02 Nov 2018 03:41:13 GMT

GET
H2 200 scripts.b2980280.js Show response
quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/scripts/ 87 KB
20 KB 368ms
368ms Script
application/javascript 2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/scripts/scripts.b2980280.js
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50dc3cdab0b9b3224e0386d7f7792f85f488667538a9639573eb5072e5c9bc9

Request headers

:path: /fv3/harpmortgagequiz/381/scripts/scripts.b2980280.js
pragma: no-cache
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: quotes.harpmortgagequiz.com
referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
:scheme: https
:method: GET
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:13 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 23 Oct 2018 01:41:12 GMT
server: cloudflare
etag: "15aef-578db76f8f683-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 473235ff6fa89720-FRA
content-length: 20003
expires: Fri, 02 Nov 2018 03:41:13 GMT

GET
H/1.1 200
OK 60ba34e7-404b-bf0f-e894-1ed18aedab8a.js Show response
d1tprjo2w7krrh.cloudfront.net/campaign/ 122 KB
123 KB 54ms
14ms Script
text/javascript 52.222.163.58
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/60ba34e7-404b-bf0f-e894-1ed18aedab8a.js
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.163.58 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-163-58.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c6d8ee2af62bf093751480e3ea231517dba0eac7ae5e2548c75288c5146ec4a

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 11 May 2018 08:59:00 GMT
Via: 1.1 b4b6d30e349cbed36f8141249dcef99f.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Apr 2018 14:22:01 GMT
Server: AmazonS3
Age: 1231
ETag: "e7aec075d53826dfbc21173d1e5ac61c"
X-Cache: Hit from cloudfront
x-amz-version-id: 8oeQ6qxVrd4.BTeHFvKqucdNP.a9JiX.
Cache-Control: max-age=1800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 125400
X-Amz-Cf-Id: j5WO7odT3ZFUeS_sqTjqq71yhzkkwTEI5AFl8Uxx-MiNPyaNnHECew==

GET
H2 200 retargeting-pixels.php Show response
quotes.harpmortgagequiz.com/shared/ Frame 2859 13 KB
5 KB 140ms
140ms Document
text/html 2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.harpmortgagequiz.com/shared/retargeting-pixels.php
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7793c1ba8bf11728deb11f8867a9d14767e5d25e4ced724214f61bf3ed86b7a6

Request headers

:method: GET
:authority: quotes.harpmortgagequiz.com
:scheme: https
:path: /shared/retargeting-pixels.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
accept-encoding: gzip, deflate
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311

Response headers

status: 200
date: Thu, 01 Nov 2018 23:41:14 GMT
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4732360319449720-FRA
content-encoding: gzip

GET
S 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/scripts/vendor.56557bb8.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700
Origin: https://quotes.harpmortgagequiz.com

Response headers

date: Thu, 01 Nov 2018 18:03:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:20 GMT
server: sffe
age: 20263
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 13944
x-xss-protection: 1; mode=block
expires: Fri, 01 Nov 2019 18:03:31 GMT

GET
H2 200 fontawesome-webfont.woff2
quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/bower_components/fontawesome/fonts/ 63 KB
63 KB 24ms
24ms Font
application/octet-stream 2606:4700:30::681b:9aec
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/bower_components/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/scripts/vendor.56557bb8.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:9aec , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

:path: /fv3/harpmortgagequiz/bower_components/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
cookie: __cfduid=d5fe524063e833fad5ec1803b93bf3daa1541115672; inParams=%7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
origin: https://quotes.harpmortgagequiz.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: quotes.harpmortgagequiz.com
referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/styles/main.9b620eaa.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/styles/main.9b620eaa.css
Origin: https://quotes.harpmortgagequiz.com

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Oct 2018 01:03:06 GMT
server: cloudflare
etag: "fbd0-577e98897ac1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4732360359699720-FRA
content-length: 64464
expires: Fri, 02 Nov 2018 03:41:14 GMT

POST
H/1.1 200
OK GenerateToken Show response
create.leadid.com/2.5.2/ 36 B
850 B 472ms
145ms XHR
text/plain 34.197.139.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=83e818c2-9812-40d7-9359-a39c8d8207ff&_=128818103
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/60ba34e7-404b-bf0f-e894-1ed18aedab8a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.139.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-197-139-110.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.20
Resource Hash: 450f18ae65e1d99135d3f86cbf95216f3934abb66042179f0e0e0c024f808a0c

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Origin: https://quotes.harpmortgagequiz.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 01 Nov 2018 23:41:14 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.20
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 56
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
S 200 raven.min.js Show response
cdn.ravenjs.com/3.22.1/ Frame 2859 28 KB
11 KB 39ms
6ms Script
application/javascript 2a04:4e42:400::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.22.1/raven.min.js
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/shared/retargeting-pixels.php
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Fastly /
Resource Hash: 0bce161c1546eba68585e5b193dd43e865c729dfaae9fe8904fcca51bbb55b33

Request headers

Referer: https://quotes.harpmortgagequiz.com/shared/retargeting-pixels.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
content-encoding: gzip
last-modified: Mon, 15 Jan 2018 12:12:19 GMT
server: Fastly
age: 20080
etag: "9c99806be4993ea92ae76f58fa2dfdb6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10646

GET
S 200 cpa Show response
j.wizdmd.com/js/ 9 KB
4 KB 411ms
339ms Script
application/javascript 2606:4700:20::6819:6274
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://j.wizdmd.com/js/cpa?u=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311%23%2F
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/shared/retargeting-pixels.php
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:6274 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43e4f9b599dcae1c8d4a599814431e403adcea96424372d5382fa3b07bd7498e

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Nov 2018 23:41:14 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 473236047c326385-FRA

GET
S 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
4 KB 42ms
42ms Script
application/javascript 2a00:1288:7c:800::4000
YAHOO-ULS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/shared/retargeting-pixels.php

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:7c:800::4000 , United Kingdom, ASN43428 (YAHOO-ULS, GB),

Reverse DNS

Software

ATS /

Resource Hash

bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=15552000
content-length: 4111
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Oct 2018 11:04:00 GMT
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
content-type: application/javascript
via: http/1.1 spdc0015.pbp.ir2.yahoo.com (ApacheTrafficServer), https/1.1 e11.ycpi.lob.yahoo.com (ApacheTrafficServer [cMsSf ])
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges: bytes

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 86 KB
31 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:81c::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-831368248

Requested by

Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/shared/retargeting-pixels.php

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

64e3d0d0b3e3d1942492cd40963bf72a9364629fb55cd7c60a4d5825d47483fe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 31814
x-xss-protection: 1; mode=block
expires: Thu, 01 Nov 2018 23:41:14 GMT

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 73 KB
24 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/shared/retargeting-pixels.php

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d17ea7f38ba0acd5b1dfc4131655626a2353277fe99c97936765e4f6ae55a56c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';report-uri https://www.facebook.net/csp.php
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.net/csp.php
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 23406
x-xss-protection: 0
pragma: public
x-fb-debug: 4rJ/kgbNden2YbCRjE7e1n64kXjmC59FDWtPSKWMEnybDKYo/irJNclf7mBvGRw0bCXmV9xeoIZaUN0NubPVfA==
x-frame-options: DENY
date: Thu, 01 Nov 2018 23:41:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 409896072532602 Show response
connect.facebook.net/signals/config/ 20 KB
8 KB 33ms
33ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/409896072532602?v=2.8.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b951e6b3961ad6d7cef1e3552d0258e5aa1aa9c344993261bd4d2cba72a7e849

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: mg3r5lm2MScHY5vcN+zPLE1r3x9rzKGT1ykNEbGvMS7rgsZ7TDKckQdFLl4tyoXhM9gbjJ4nkudMeZZrVraGnQ==
x-frame-options: DENY
date: Thu, 01 Nov 2018 23:41:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
95 B 144ms
38ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Thu%2C%2001%20Nov%202018%2023%3A41%3A14%20GMT&n=0&b=HarpMortgageQuiz.com&.yp=10039716&f=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
via: http/1.1 spdc0003.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Nov 2018 23:41:14 GMT

GET
S 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
95 B 144ms
38ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&b=HarpMortgageQuiz.com&.yp=10039716&f=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&enc=UTF-8&et=custom&ea=test1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
via: http/1.1 spdc0003.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Nov 2018 23:41:14 GMT

GET
S 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
449 B 139ms
34ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&b=HarpMortgageQuiz.com&.yp=10065751&f=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&enc=UTF-8&et=custom&ea=test1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
via: http/1.1 spdc0003.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Nov 2018 23:41:14 GMT

GET
S 200 544864752645852 Show response
connect.facebook.net/signals/config/ 167 KB
39 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/544864752645852?v=2.8.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fde7192e9cd18f015c1839408f3909f7a0ab78d4cf8ff87534ce4869c3a2e5bf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: Q5VzxGAk3TmlUNUUW5dpxdOAUya3UjGeQgYp0tGYjJ692UsMuqONjV3oPcr16VJ0Kd6yv8akz0aqcGuEsavFkg==
x-frame-options: DENY
date: Thu, 01 Nov 2018 23:41:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 68ms
15ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-831368248

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

abeb901632fcf757ba233d0b84c224b9d5ab9aa18bcf8beab1d4e5515624ccd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8776
x-xss-protection: 1; mode=block
server: cafe
etag: 11603869552807009247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Nov 2018 23:41:14 GMT

GET
S 200 326636357919346 Show response
connect.facebook.net/signals/config/ 167 KB
39 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/326636357919346?v=2.8.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14534be7fc8d400fd0e1c98815525a94bebe4df39f2e5fe19f62f1f22427119a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: qM8gy/NAEyca8LNHZfDRpGb+hxcRl9CijaeuH3rH44JLgspBW+i5u34FMF4pOMuvQECHmZ3HGEsY+R4f4QNGUA==
x-frame-options: DENY
date: Thu, 01 Nov 2018 23:41:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/831368248/ 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/831368248/?random=1541115674401&cv=9&fst=1541115674401&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oaas3&sendb=1&frm=0&url=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&tiba=HarpMortgageQuiz.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

76dbd9c1894f2aafb287c8fe3406048cf7de08dd30b603cb66d50d8a0a2051bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Nov 2018 23:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1084
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/831368248/ 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/831368248/?random=1541115674410&cv=9&fst=1541115674410&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dtest1&gtm=2oaas3&sendb=1&frm=0&url=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&tiba=HarpMortgageQuiz.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6e1c3aac6ae09fa54f438080aa1f9fb9f95fc551658419e96e49b481eadfa71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Nov 2018 23:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1080
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.com/pagead/1p-user-list/831368248/ 42 B
109 B 22ms
21ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/831368248/?random=1541115674401&cv=9&fst=1541113200000&num=1&bg=ffffff&guid=ON&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oaas3&sendb=1&frm=0&url=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&tiba=HarpMortgageQuiz.com&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=433051993&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Nov 2018 23:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/pagead/1p-user-list/831368248/ 42 B
109 B 23ms
22ms Image
image/gif 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/831368248/?random=1541115674401&cv=9&fst=1541113200000&num=1&bg=ffffff&guid=ON&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oaas3&sendb=1&frm=0&url=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&tiba=HarpMortgageQuiz.com&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=433051993&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Nov 2018 23:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.com/pagead/1p-user-list/831368248/ 42 B
109 B 21ms
21ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/831368248/?random=1541115674410&cv=9&fst=1541113200000&num=1&bg=ffffff&guid=ON&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dtest1&gtm=2oaas3&sendb=1&frm=0&url=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&tiba=HarpMortgageQuiz.com&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3645430563&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Nov 2018 23:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/pagead/1p-user-list/831368248/ 42 B
109 B 22ms
22ms Image
image/gif 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/831368248/?random=1541115674410&cv=9&fst=1541113200000&num=1&bg=ffffff&guid=ON&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dtest1&gtm=2oaas3&sendb=1&frm=0&url=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311&tiba=HarpMortgageQuiz.com&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3645430563&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Nov 2018 23:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
296 B 21ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=409896072532602&ev=PageView&dl=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311%23%2F&rl=&if=false&ts=1541115674468&sw=1600&sh=1200&v=2.8.32&r=stable&ec=0&o=28&fbp=fb.1.1541115674467.1501641542&it=1541115674278&coo=false
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 01 Nov 2018 23:41:14 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
200 B 21ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=544864752645852&ev=PageView&dl=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311%23%2F&rl=&if=false&ts=1541115674470&sw=1600&sh=1200&v=2.8.32&r=stable&ec=0&o=30&fbp=fb.1.1541115674467.1501641542&it=1541115674278&coo=false
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 01 Nov 2018 23:41:14 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
200 B 20ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=326636357919346&ev=PageView&dl=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311%23%2F&rl=&if=false&ts=1541115674470&sw=1600&sh=1200&v=2.8.32&r=stable&ec=0&o=30&fbp=fb.1.1541115674467.1501641542&it=1541115674278&coo=false
Requested by: Host: quotes.harpmortgagequiz.com
URL: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 01 Nov 2018 23:41:14 GMT

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 1A09 0
0 55ms
7ms Document
text/html 52.222.163.174
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EE7EA396-4E69-9091-B993-CABC84B1B8C4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=60BA34E7-404B-BF0F-E894-1ED18AEDAB8A&lac=E20AD3B7-6097-09C7-A141-7C62B502FA7E
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/60ba34e7-404b-bf0f-e894-1ed18aedab8a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.163.174 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-163-174.fra54.r.cloudfront.net
Software: nginx/1.10.1 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311

Response headers

Content-Type: text/html
Content-Length: 1440
Connection: keep-alive
Content-Encoding: gzip
Date: Thu, 01 Nov 2018 03:03:35 GMT
ETag: W/"5bd702d8-da5"
Last-Modified: Mon, 29 Oct 2018 12:53:44 GMT
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server: nginx/1.10.1
Age: 74259
X-Cache: Hit from cloudfront
Via: 1.1 1d32f672764a20290d04a16248d04c57.cloudfront.net (CloudFront)
X-Amz-Cf-Id: wiYztQOTAOaCxUSRu70ddWltwe3LOQYXZx5KYlo1k24NaOx4Jo4YqA==

POST
H/1.1 200
OK SaveDom Show response
create.leadid.com/2.5.2/ 0
814 B 111ms
111ms XHR
text/plain 34.197.139.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=83e818c2-9812-40d7-9359-a39c8d8207ff&token=EE7EA396-4E69-9091-B993-CABC84B1B8C4&_=128818104
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/60ba34e7-404b-bf0f-e894-1ed18aedab8a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.139.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-197-139-110.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.20
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Origin: https://quotes.harpmortgagequiz.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 01 Nov 2018 23:41:14 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.20
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 317ms
317ms XHR
text/plain 34.197.139.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=3&pid=83e818c2-9812-40d7-9359-a39c8d8207ff&token=EE7EA396-4E69-9091-B993-CABC84B1B8C4&_=128818105
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/60ba34e7-404b-bf0f-e894-1ed18aedab8a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.139.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-197-139-110.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.20
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
Origin: https://quotes.harpmortgagequiz.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 01 Nov 2018 23:41:15 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.20
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
246 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=544864752645852&ev=Microdata&dl=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311%23%2F&rl=&if=false&ts=1541115675984&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22HarpMortgageQuiz.com%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.32&r=stable&ec=1&o=30&fbp=fb.1.1541115675984.322010187&it=1541115674278&coo=false&es=automatic
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 01 Nov 2018 23:41:15 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
200 B 6ms
5ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=326636357919346&ev=Microdata&dl=https%3A%2F%2Fquotes.harpmortgagequiz.com%2Ffv3%2Fharpmortgagequiz%2F381%2F%3Ftpl%3D381%26offer%3D913%26affid%3D901%26mediacid%3D4230%26r%3D38690717%26sub_id%3Dredirect%26region%3DBY%26s5%3Df2%2C620561%26fl%3D30990311%23%2F&rl=&if=false&ts=1541115675986&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22HarpMortgageQuiz.com%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.32&r=stable&ec=1&o=30&fbp=fb.1.1541115675984.322010187&it=1541115674278&coo=false&es=automatic
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://quotes.harpmortgagequiz.com/fv3/harpmortgagequiz/381/?tpl=381&offer=913&affid=901&mediacid=4230&r=38690717&sub_id=redirect&region=BY&s5=f2,620561&fl=30990311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 23:41:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 01 Nov 2018 23:41:15 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
quotes.harpmortgagequiz.com/	1970-01-18 23:41:15	Name: inParams Value: %7B%22tpl%22%3A%22381%22%2C%22offer%22%3A%22913%22%2C%22affid%22%3A%22901%22%2C%22mediacid%22%3A%224230%22%2C%22r%22%3A%2238690717%22%2C%22sub_id%22%3A%22redirect%22%2C%22region%22%3A%22BY%22%7D
.harpmortgagequiz.com/	1970-01-18 20:05:23	Name: _fbp Value: fb.1.1541115674467.1501641542
.harpmortgagequiz.com/	1970-01-19 04:50:51	Name: __cfduid Value: d5fe524063e833fad5ec1803b93bf3daa1541115672

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.ravenjs.com
clkwiz.com
connect.facebook.net
create.leadid.com
d1tprjo2w7krrh.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
j.wizdmd.com
quotes.harpmortgagequiz.com
reficonnectonline.com
s.yimg.com
sp.analytics.yahoo.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
100.24.199.52
188.125.66.33
192.64.119.75
216.58.208.34
2606:4700:20::6819:6274
2606:4700:30::681b:9aec
2a00:1288:7c:800::4000
2a00:1450:4001:806::2003
2a00:1450:4001:814::2002
2a00:1450:4001:816::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::729
34.197.139.110
52.222.163.174
52.222.163.58
0bce161c1546eba68585e5b193dd43e865c729dfaae9fe8904fcca51bbb55b33
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14534be7fc8d400fd0e1c98815525a94bebe4df39f2e5fe19f62f1f22427119a
202926bab33dbfcf59e2c98afb1da5dbf5ff02c660a4d7d1c6fbb07c1bbb88fa
297046f74f24d1136cc26f5c440f6a11825087d7837cb81f87425315056e3604
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
43e4f9b599dcae1c8d4a599814431e403adcea96424372d5382fa3b07bd7498e
450f18ae65e1d99135d3f86cbf95216f3934abb66042179f0e0e0c024f808a0c
494b0dcb1f4aafdac7037b61af349e7dd4bcf37cf543464e2d73c5de9d93b7ea
4a1fb9dba6e52df0b92c11805b907ec144eeaeb33ec674985bb64e2d9e132e52
4c6d8ee2af62bf093751480e3ea231517dba0eac7ae5e2548c75288c5146ec4a
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
53349b48a77d50ca3c13c30f9d3c7d3937d76229fac665470a798e3940d89faf
64e3d0d0b3e3d1942492cd40963bf72a9364629fb55cd7c60a4d5825d47483fe
6e1c3aac6ae09fa54f438080aa1f9fb9f95fc551658419e96e49b481eadfa71a
725ab55f9193267f010cac301616d46ab182d43f5b22cd7b500dde6a533407c8
76dbd9c1894f2aafb287c8fe3406048cf7de08dd30b603cb66d50d8a0a2051bb
7793c1ba8bf11728deb11f8867a9d14767e5d25e4ced724214f61bf3ed86b7a6
abeb901632fcf757ba233d0b84c224b9d5ab9aa18bcf8beab1d4e5515624ccd5
b50dc3cdab0b9b3224e0386d7f7792f85f488667538a9639573eb5072e5c9bc9
b951e6b3961ad6d7cef1e3552d0258e5aa1aa9c344993261bd4d2cba72a7e849
bc11d33335d193d868a6e8cd72b4a56c0fb69d7ea978085eef1b9cb670ca8b44
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
c9eae62b3360e08098ef3472d2b9cf64ccd7f530549f12e9c3b026d81ed7a35c
d17ea7f38ba0acd5b1dfc4131655626a2353277fe99c97936765e4f6ae55a56c
d1ca6cec7c2083970e64b8ebf23fda096a6c8f19a7ea8af306f7d2b0a67dd50a
dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2afb69ea8c1f6d3b23b5a0cc0015fbe472fe2b6e26f0d86f51ea00760052d46
fde7192e9cd18f015c1839408f3909f7a0ab78d4cf8ff87534ce4869c3a2e5bf
ff04d2319de79c63445b27e306c1198fd57d8332149af1581ca50faa80b48b0f

quotes.harpmortgagequiz.com Open in urlscan Pro 2606:4700:30::681b:9aec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

65 %IPv6

18 Domains

20 Subdomains

18 IPs

4 Countries

560 kBTransfer

1398 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

quotes.harpmortgagequiz.com Open in urlscan Pro
2606:4700:30::681b:9aec Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

65 %
IPv6

18
Domains

20
Subdomains

18
IPs

4
Countries

560 kB
Transfer

1398 kB
Size

3
Cookies

44 HTTP transactions
0 data transactions