urlscan.io logo urlscan.io
SecurityTrails logo

www.rossmortgageco.com Open in urlscan Pro
209.17.116.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rossfarm.itmsolutions.us/
Effective URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Submission: On January 27 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 20 domains to perform 50 HTTP transactions. The main IP is 209.17.116.160, located in Jacksonville, United States and belongs to DEFENSE-NET, US. The main domain is www.rossmortgageco.com.
TLS certificate: Issued by Network Solutions DV Server CA 2 on December 4th 2018. Valid for: 2 years.
This is the only time www.rossmortgageco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    96.32.252.91 (Westborough, United States)

ASN20115 (CHARTER-20115, US)
PTR: 96-32-252-91.static.oxfr.ma.charter.com
rossfarm.itmsolutions.us
18    209.17.116.160 (Jacksonville, United States)

ASN55002 (DEFENSE-NET, US)
www.rossmortgageco.com
8    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:64:189::37f0 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
static.ctctcdn.com
1    2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2606:4700::6810:fb05 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Domain Requested by
18 www.rossmortgageco.com 1 redirects www.rossmortgageco.com
8 fonts.googleapis.com www.rossmortgageco.com
3 www.facebook.com www.rossmortgageco.com
3 connect.facebook.net www.rossmortgageco.com
connect.facebook.net
2 www.google.de www.rossmortgageco.com
2 www.google.com www.rossmortgageco.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.googletagmanager.com www.rossmortgageco.com
www.googletagmanager.com
1 track.hubspot.com
1 api.hubapi.com js.hsadspixel.net
1 forms.hsforms.com www.rossmortgageco.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.gstatic.com www.rossmortgageco.com
1 www.youtube.com www.rossmortgageco.com
1 js.hs-scripts.com www.rossmortgageco.com
1 static.ctctcdn.com www.rossmortgageco.com
1 rossfarm.itmsolutions.us 1 redirects
50 20
Subject Issuer Validity Valid
www.rossmortgageco.com
Network Solutions DV Server CA 2		 2018-12-04 -
2020-11-28		 2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
www.constantcontact.com
GlobalSign Organization Validation CA - SHA256 - G2		 2019-03-05 -
2021-03-01		 2 years crt.sh
ssl817718.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-21 -
2020-07-29		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
ssl803643.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-06 -
2020-05-14		 6 months crt.sh
ssl803670.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-06 -
2020-05-14		 6 months crt.sh
ssl803673.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-06 -
2020-05-14		 6 months crt.sh
ssl431287.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-01 -
2020-07-09		 6 months crt.sh
hubapi.com
CloudFlare Inc ECC CA-2		 2020-01-21 -
2020-10-09		 9 months crt.sh
hubspot.com
CloudFlare Inc ECC CA-2		 2019-12-04 -
2020-10-09		 10 months crt.sh

This page contains 2 frames:

Primary Page: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Frame ID: F07AFD1D56E2BDA4BB08DE6D1C491221
Requests: 49 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SnFPzNREMnc
Frame ID: 808EB547EE691B1A070227D335D61E23
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://rossfarm.itmsolutions.us/ HTTP 307
    https://www.rossmortgageco.com/employee-mortgage-benefits-program HTTP 301
    https://www.rossmortgageco.com/employee-mortgage-benefits-program/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^>]*\/mt-content\/[^>]*\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^>]*\/mt-content\/[^>]*\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^>]*\/mt-content\/[^>]*\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^>]*\/mt-content\/[^>]*\.css/i

Page Statistics

50
Requests

100 %
HTTPS

85 %
IPv6

20
Domains

20
Subdomains

19
IPs

4
Countries

1258 kB
Transfer

3399 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rossfarm.itmsolutions.us/ HTTP 307
    https://www.rossmortgageco.com/employee-mortgage-benefits-program HTTP 301
    https://www.rossmortgageco.com/employee-mortgage-benefits-program/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rossmortgageco.com/employee-mortgage-benefits-program/
Redirect Chain
  • http://rossfarm.itmsolutions.us/
  • https://www.rossmortgageco.com/employee-mortgage-benefits-program
  • https://www.rossmortgageco.com/employee-mortgage-benefits-program/
62 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 / PHP/7.0.2-pl0-gentoo
Resource Hash
d1a7e53642ba4a7b7e5e3ab25c53a0ab918b469429ccb843d212c0acd8682560

Request headers

Host
www.rossmortgageco.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server
openresty/1.13.6.2
Date
Mon, 27 Jan 2020 17:12:46 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.2-pl0-gentoo
X-Webcom-Cache-Status
BYPASS
Content-Encoding
gzip

Redirect headers

Server
openresty/1.13.6.2
Date
Mon, 27 Jan 2020 17:12:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.0.2-pl0-gentoo
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Location
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
X-Webcom-Cache-Status
BYPASS
assets.min.css
www.rossmortgageco.com/mt-includes/css/ 		180 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rossmortgageco.com/mt-includes/css/assets.min.css?_build=1560377921
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
c48e83c38ce0f8f5d5bdffea4a6e2ab0d71606f49917e2fd96c86afdb7f84b91

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jun 2019 22:18:41 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
W/"10548949-2cfe0-58b27cbb5c5a7"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 03 Feb 2020 17:12:48 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Abel:regular|Archivo+Narrow:regular,italic,700,700italic|Arvo:regular,italic,700,700italic|Asap:regular,italic,700,700italic|Contrail+One:regular&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
820600e2a1ec4a50d9b129c3363f2f82a88d1fe758e85c2b146c210cfe2c6fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 17:12:49 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 17:12:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:49 GMT
styles.css
www.rossmortgageco.com/mt-content/assets/ 		219 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rossmortgageco.com/mt-content/assets/styles.css?_build=1580136454
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
0400ac3c5b4664f9619ddac58e0642274569362019481382e39f3b99f1439b91

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 14:47:34 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
W/"1689a88d-36b4c-59d203011e3bd"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 03 Feb 2020 17:12:49 GMT
css
fonts.googleapis.com/ 		4 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cutive:regular|Droid:regular,700|Droid+Sans:regular,700|Droid+Serif:regular,italic,700,700italic|Herr+Von+Muellerhoff:regular&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63d8be479db4385af1fd3d4ed860e0c780ca815ed3638d7c580a5fba77f639e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 17:12:49 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 17:12:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:49 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Istok+Web:regular,italic,700,700italic|Krona+One:regular|Lato:100,300,regular,italic,700|Lobster:regular|Merriweather+Sans:300,300italic,regular,italic,700,700italic,800,800italic&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39146976d8762c2e28de19afc7f97784e7c43feb54da25d62f7aa0f0fdc05cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 17:12:49 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 17:12:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:49 GMT
css
fonts.googleapis.com/ 		42 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:regular,700|Mr+Dafoe:regular|Noto+Sans:300,regular,700|Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Open+Sans+Condensed:300,300italic,700&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7c88929e2af1b4e98dfce0ce95a969cd906b93013431e5194a915c0b0b5296f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 17:12:49 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 17:12:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:49 GMT
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:300,regular,700|Pacifico:300,regular,700|Play:regular,700|Playfair+Display:regular,italic,700,700italic,900,900italic|PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b253c1f21075aaff8f2e8c61154677de33e67aa5517d16e244748fcb372d0fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 17:12:49 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 17:12:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:49 GMT
css
fonts.googleapis.com/ 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Racing:regular|Racing+Sans+One:regular|Raleway:100,200,300,regular,500,600,700,800,900|Righteous:regular|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c78e16b077a5662913d980286d5e418fbf92c24254e2602c62d1627f0d9ce4ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 17:12:49 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 17:12:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:49 GMT
css
fonts.googleapis.com/ 		34 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300italic,regular,italic,700,700italic|Russo+One:regular|Sarina:reqular|Six+Caps:regular|Ubuntu:300,300italic,regular,italic,500,500italic,700,700italic&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7e14e7be9630733d8ac22e2527fcfcdf1e7fac1ddb6fc1cc04f116f33dd2a88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 17:12:49 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 17:12:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:49 GMT
css
fonts.googleapis.com/ 		3 KB
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed:regular|Yesteryear:regular|Zeyada:regular&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
655b419525af0c9021eac3abdb7d536cf2c7dff406e9d1694b5b29cf6dd26842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 17:12:49 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 17:12:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:49 GMT
signup-form-widget.min.js
static.ctctcdn.com/js/signup-form-widget/current/ 		444 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:189::37f0 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
9e1dbb44fe5495ad5cbb57a492a71307c29e5cd82057a5a61fe6837a212d6980

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:49 GMT
content-encoding
gzip
last-modified
Fri, 12 Jul 2019 14:27:04 GMT
server
Apache
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=165
accept-ranges
bytes
content-length
37677
expires
Mon, 27 Jan 2020 17:15:34 GMT
website.assets.min.js
www.rossmortgageco.com/mt-includes/js/ 		646 KB
240 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rossmortgageco.com/mt-includes/js/website.assets.min.js?_build=1560377921
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
b8538844aaddfc34e8b3f93aa5467f3bad20d50c3edee37eb83d0bf0e014d62b

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jun 2019 22:18:41 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
W/"17db9e71-a16b2-58b27cbb6235b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 03 Feb 2020 17:12:48 GMT
website.min.js
www.rossmortgageco.com/mt-includes/js/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rossmortgageco.com/mt-includes/js/website.min.js?_build=1560377921
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
77fcddb16c3ece9b23265ca8026ccd8be02da78d4f3c75a97bc479ffd706efcb

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jun 2019 22:18:41 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
W/"17db9e72-17e00-58b27cbb65daf"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 03 Feb 2020 17:12:49 GMT
6712298.js
js.hs-scripts.com/ 		1 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/6712298.js
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dff9267fbcc2c9885ad42858e022c7ffd5dd763c72594847b9d3584d23c20be9

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4
cf-polished
origSize=1355
status
200
access-control-max-age
3600
cf-bgj
minify
server
cloudflare
x-trace
2B9F59A0FB519AFB332BAF1E6FED440E07D585A367000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.rossmortgageco.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
55bc5a904d75c2db-FRA
expires
Mon, 27 Jan 2020 17:13:49 GMT
gtm.js
www.googletagmanager.com/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHC8SFZ
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
526941bc6f0be8e01af174a026d66a220742258c1dd5d495efda0a7db248961d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:50 GMT
content-encoding
br
last-modified
Mon, 27 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
20035
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:50 GMT
SnFPzNREMnc
www.youtube.com/embed/ Frame 808E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/SnFPzNREMnc
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/SnFPzNREMnc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/

Response headers

status
200
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
cache-control
no-cache
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Mon, 27 Jan 2020 17:12:50 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=gZBlUhAZ2xU; path=/; domain=.youtube.com; secure; expires=Sat, 25-Jul-2020 17:12:50 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=gZBlUhAZ2xU; path=/; domain=.youtube.com; secure; expires=Sat, 25-Jul-2020 17:12:50 GMT; httponly; samesite=None YSC=U_w_LO2WXYA; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Mon, 27-Jan-2020 17:42:50 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
facebook.png
www.rossmortgageco.com/mt-content/uploads/2017/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2017/09/facebook.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
8dc3e768eb1f283a9dd97ae972e223c39286d34486fed03d8cd6320f340ca93c

Request headers

Referer
https://www.rossmortgageco.com/mt-content/assets/styles.css?_build=1580136454
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Last-Modified
Fri, 15 Sep 2017 03:35:00 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"17c42a42-3e0d-5593213e1d03f"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15885
Expires
Mon, 03 Feb 2020 17:12:49 GMT
twitter.png
www.rossmortgageco.com/mt-content/uploads/2017/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2017/09/twitter.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
0d8ed816c8e642d1d7e4ea921f026d635161c0f12007fa63e8d94d6631372560

Request headers

Referer
https://www.rossmortgageco.com/mt-content/assets/styles.css?_build=1580136454
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Last-Modified
Fri, 15 Sep 2017 03:35:02 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"17c42a45-3ecd-559321404a69e"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16077
Expires
Mon, 03 Feb 2020 17:12:50 GMT
you-tube.png
www.rossmortgageco.com/mt-content/uploads/2017/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2017/09/you-tube.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
672afb4e117a036933b2c94ad9654c9cd7ba4318b12aafc98d8acfd17275b2d2

Request headers

Referer
https://www.rossmortgageco.com/mt-content/assets/styles.css?_build=1580136454
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Last-Modified
Fri, 15 Sep 2017 03:35:03 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"17c42a46-3fd0-559321414fdff"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16336
Expires
Mon, 03 Feb 2020 17:12:49 GMT
google_plus.png
www.rossmortgageco.com/mt-content/uploads/2017/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2017/09/google_plus.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
79b02a05217ad207da62fe21e62db0a6982cfe5e2b5388b4056575e281b321c6

Request headers

Referer
https://www.rossmortgageco.com/mt-content/assets/styles.css?_build=1580136454
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Last-Modified
Fri, 15 Sep 2017 03:35:00 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"17c42a41-3ebf-5593213e02618"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16063
Expires
Mon, 03 Feb 2020 17:12:49 GMT
linkedin.png
www.rossmortgageco.com/mt-content/uploads/2017/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2017/09/linkedin.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
78560997b552994053894f909c840ccdeac59bfcc8946c285d02983a0a91f5a0

Request headers

Referer
https://www.rossmortgageco.com/mt-content/assets/styles.css?_build=1580136454
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Last-Modified
Fri, 15 Sep 2017 03:35:01 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"17c42a43-3e67-5593213efe9a5"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15975
Expires
Mon, 03 Feb 2020 17:12:49 GMT
email.png
www.rossmortgageco.com/mt-content/uploads/2017/09/ 		280 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2017/09/email.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
ac3c7b99150721526aa12b65b4c7c7bc4bb749b164ca9e67e2fd04e87d5b8555

Request headers

Referer
https://www.rossmortgageco.com/mt-content/assets/styles.css?_build=1580136454
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Last-Modified
Fri, 15 Sep 2017 03:34:58 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"17c42a40-118-5593213cbdf1d"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
280
Expires
Mon, 03 Feb 2020 17:12:50 GMT
screen-shot-2017-09-14-at-9.47.08-pm.png
www.rossmortgageco.com/mt-content/uploads/2017/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2017/09/screen-shot-2017-09-14-at-9.47.08-pm.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
e352619cc158dc780314933d49230d9404d140b859bfd351ace79017c3b41798

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Last-Modified
Fri, 15 Sep 2017 01:47:37 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"108ee365-1e05-5593093d4d2cc"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7685
Expires
Mon, 03 Feb 2020 17:12:49 GMT
mt-0163-home-bg_body.png
www.rossmortgageco.com/mt-content/uploads/2015/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2015/10/mt-0163-home-bg_body.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
8b39c66c8091b9cdf2a7a2536ae5d5eb2adda14867ab25a2e44e2f88efbb8e31

Request headers

Referer
https://www.rossmortgageco.com/mt-content/assets/styles.css?_build=1580136454
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Last-Modified
Mon, 11 Sep 2017 12:39:30 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"179c888c-b24-558e937cd8ed5"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2852
Expires
Mon, 03 Feb 2020 17:12:50 GMT
fontawesome-webfont.woff2
www.rossmortgageco.com/mt-includes/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rossmortgageco.com/mt-includes/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.rossmortgageco.com/mt-includes/css/assets.min.css?_build=1560377921
Origin
https://www.rossmortgageco.com

Response headers

Date
Mon, 27 Jan 2020 17:12:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 12:39:31 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
W/"1054895c-12d68-558e937e5bdd2"
Vary
Accept-Encoding
Content-Type
text/plain; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300italic,regular,italic,700,700italic|Russo+One:regular|Sarina:reqular|Six+Caps:regular|Ubuntu:300,300italic,regular,italic,500,500italic,700,700italic&subset=latin,latin-ext,cyrillic,cyrillic-ext,vietnamese,devanagari,greek-ext,greek
Origin
https://www.rossmortgageco.com

Response headers

date
Wed, 15 Jan 2020 04:36:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:45 GMT
server
sffe
age
1082161
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13720
x-xss-protection
0
expires
Thu, 14 Jan 2021 04:36:49 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHC8SFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e70adb67bcdec61516ea9e7174456c50effa918e43b3c8663baf1aa762f705de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9920
x-xss-protection
0
server
cafe
etag
4870430129932666244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Jan 2020 17:12:50 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
R9KD2/xi+GegYLiQ80wPOnQ23mt69RF1SqOH6QgI18pvicQoDTOdApE2eiV0OVvfmmnRTfaNp+akcG7mfF9zpA==
x-fb-trip-id
1850256238
date
Mon, 27 Jan 2020 17:12:50 GMT, Mon, 27 Jan 2020 17:12:50 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-708430161
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHC8SFZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d4ab92c9450de67040eee368f0ba68320c83fea410f9b79bc060b8e2525038c9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:50 GMT
content-encoding
br
last-modified
Mon, 27 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28304
x-xss-protection
0
expires
Mon, 27 Jan 2020 17:12:50 GMT
293278171079428
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/293278171079428?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c1ab7a4220eacd38ee3d4f435bdd97eb01bc1a0b557a087c09d13a80814e74b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
xXFYUiNKe+N0QnqpLu+2rUOiGv2Tu8d5WYLroO7HQuRvwSDpWTf6CkOms2XLmjd5uQ3tm6+Jr77acNRs6rLaEQ==
x-fb-trip-id
1850256238
date
Mon, 27 Jan 2020 17:12:50 GMT, Mon, 27 Jan 2020 17:12:50 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/708430161/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708430161/?random=1580145170650&cv=9&fst=1580145170650&num=1&label=W8SvCPiM568BENGS59EC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1f1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&tiba=Employee%20Mortgage%20Benefits%20Program%20%7C%20Ross%20Mortgage%20Company&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6587cb6f8849f2aaa7ebfbdf159844bf6a6b1c31ed62313f14512f71fbf72e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 17:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1086
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/708430161/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708430161/?random=1580145170674&cv=9&fst=1580145170674&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1f1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&tiba=Employee%20Mortgage%20Benefits%20Program%20%7C%20Ross%20Mortgage%20Company&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
644ed71fd6a9a9c5b6e97d1122acdbdb1a489d37fdb3ed115d6687a8dbbce7c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 17:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1060
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/708430161/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/708430161/?random=1580145170674&cv=9&fst=1580144400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1f1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&tiba=Employee%20Mortgage%20Benefits%20Program%20%7C%20Ross%20Mortgage%20Company&async=1&fmt=3&is_vtc=1&random=3091126656&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 17:12:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/708430161/ 		42 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/708430161/?random=1580145170674&cv=9&fst=1580144400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1f1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&tiba=Employee%20Mortgage%20Benefits%20Program%20%7C%20Ross%20Mortgage%20Company&async=1&fmt=3&is_vtc=1&random=3091126656&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 17:12:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/708430161/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/708430161/?random=1580145170650&cv=9&fst=1580144400000&num=1&label=W8SvCPiM568BENGS59EC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1f1&sendb=1&frm=0&url=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&tiba=Employee%20Mortgage%20Benefits%20Program%20%7C%20Ross%20Mortgage%20Company&async=1&fmt=3&is_vtc=1&random=3110503661&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 17:12:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/708430161/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/708430161/?random=1580145170650&cv=9&fst=1580144400000&num=1&label=W8SvCPiM568BENGS59EC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1f1&sendb=1&frm=0&url=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&tiba=Employee%20Mortgage%20Benefits%20Program%20%7C%20Ross%20Mortgage%20Company&async=1&fmt=3&is_vtc=1&random=3110503661&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 17:12:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=293278171079428&ev=PageView&dl=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&rl=&if=false&ts=1580145170733&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1580145170732.1647959854&it=1580145170644&coo=false&rqm=GET
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:50 GMT, Mon, 27 Jan 2020 17:12:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 27 Jan 2020 17:12:50 GMT
fb.js
js.hsadspixel.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6712298.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d998e1c989da89276b479d0ab823fb7090fa39e25fdc4856c9034e8af92caa0c

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:51 GMT
via
1.1 bc60bbe1d8a8b7017a4f9b63ff273dec.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
64
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
o3e7t_ng9I6UO2yJ9PBoEsHFkU9lFHC8
last-modified
Mon, 13 Jan 2020 04:57:54 GMT
server
cloudflare
etag
W/"5df15688eed67be6535dfec7cf8fe9e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-pop
IAD89-C2
cf-ray
55bc5a977e94d6e5-FRA
x-amz-cf-id
TSbwE2RAn_kNRbR4va-2fnaib6yXUWyRvV36oqe6zsEBWtBPv1RCzg==
6712298.js
js.hs-analytics.net/analytics/1580145000000/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1580145000000/6712298.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6712298.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b882414c52836145c0316b6141360443a2fb695b3e1c811adbc8844dae196f0a

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4
status
200
x-amz-request-id
DC6A90B74B8BEFA7
x-amz-id-2
cAqVvMjiaPlsi/H8Pjg6pzOKzwt9Z/kAMZQqvy5i1v+jyLi1iYEOa59enXbAHgHaBBQ7V/ZjpLs=
last-modified
Tue, 21 Jan 2020 19:43:35 GMT
server
cloudflare
etag
W/"04d7acfe09b26720270807835ce10629"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-ray
55bc5a977e10d6e9-FRA
expires
Mon, 27 Jan 2020 17:17:47 GMT
collectedforms.js
js.hscollectedforms.net/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6712298.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f7ec85a88bb0b956c14ff68b6bbcbb0b6c0cd86db761b553129d681b0149a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Origin
https://www.rossmortgageco.com

Response headers

date
Mon, 27 Jan 2020 17:12:51 GMT
via
1.1 ab2f63669c9809614cbcf54bfba8ee06.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
4
x-cache
Miss from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
gzip
content-type
application/javascript; charset=utf-8
last-modified
Fri, 13 Dec 2019 10:57:31 GMT
server
cloudflare
etag
W/"a1288efcca8ca35661e31644bdcc0f76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
T86BGnigcY0.o4rQSj_aOQ6XCAJ0QZGv
access-control-allow-origin
*
cache-control
max-age=600
x-amz-cf-pop
IAD89-C2
cf-ray
55bc5a97bea0c286-FRA
x-amz-cf-id
4QlGc5Kx9MMgyf5kU1JFKCZByF2tWq8BPNmo8un31RchOW-GTe0dTw==
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2BEFE7A01C7E1588B0717C98FFBF218C5C914620B4000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
55bc5a986f0f2760-FRA
content-length
35
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=293278171079428&ev=Microdata&dl=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&rl=&if=false&ts=1580145171251&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Employee%20Mortgage%20Benefits%20Program%20%7C%20Ross%20Mortgage%20Company%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Employee%20Mortgage%20Benefits%20Program%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1580145170732.1647959854&it=1580145170644&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:51 GMT, Mon, 27 Jan 2020 17:12:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 27 Jan 2020 17:12:51 GMT
logo.png
www.rossmortgageco.com/mt-content/uploads/2017/09/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2017/09/logo.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
6545d5d19a87ab648203e9be3de9026a64f0d76cbdf7262639425162ca7900b9

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:51 GMT
Last-Modified
Fri, 15 Sep 2017 01:46:31 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"108ee364-ae75-559308fecf880"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44661
Expires
Mon, 03 Feb 2020 17:12:50 GMT
employee_mortgage_benefits_program.png
www.rossmortgageco.com/mt-content/uploads/2019/09/ 		354 KB
354 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2019/09/employee_mortgage_benefits_program.png
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
ca5675d6e93f14a59dcaccf35ac134546e291f214e7e0205f308dd542dbf17a7

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:51 GMT
Last-Modified
Mon, 16 Sep 2019 14:22:18 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"158137b8-5877b-592ac54d718ca"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
362363
Expires
Mon, 03 Feb 2020 17:12:50 GMT
liznardelli_m_240x300.jpeg
www.rossmortgageco.com/mt-content/uploads/2019/12/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rossmortgageco.com/mt-content/uploads/2019/12/thumbnails/liznardelli_m_240x300.jpeg
Requested by
Host: www.rossmortgageco.com
URL: https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
1f8af0d6c716e13055ebc4d9456b8531842f07a47916ff562523c02e339c3aeb

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 17:12:51 GMT
Last-Modified
Thu, 05 Dec 2019 14:54:04 GMT
Server
openresty/1.13.6.2
X-Webcom-Cache-Status
BYPASS
ETag
"10b4ffcf-22a6-598f619b9c5a5"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8870
Expires
Mon, 03 Feb 2020 17:12:50 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/ 		32 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/json?portalId=6712298
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d96357b24b85f5db32d5c8e6261ef1a185b99b08fcfdf6321097ea9a11bc38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
Origin
https://www.rossmortgageco.com

Response headers

date
Mon, 27 Jan 2020 17:12:52 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
32
server
cloudflare
x-trace
2B2A4E318297612DD744FAEEDB03C684E69840FFC2000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.rossmortgageco.com
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
55bc5a9ea903dfad-FRA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=643011938&v=1.1&a=6712298&rcu=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&pu=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&t=Employee+Mortgage+Benefits+Program+%7C+Ross+Mortgage+Company&cts=1580145172251&vi=36eae1d05a02168cff26c35d5915efdb&nc=true&u=95322755.36eae1d05a02168cff26c35d5915efdb.1580145172248.1580145172248.1580145172248.1&b=95322755.1.1580145172248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
55bc5a9eaaa6c2fe-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
485229822197808
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/485229822197808?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c813660b31de2161c3d1216374d1d219dd90f1b461477b1878a7183aebca861
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
kPGRNOKr6umQP2nkoyfNG1onIfOKf0McBXBLM5MDhbIzsu3Z6Zi46u40oh3yqWGPShjvKjMGzGZKHbaHWgO3FQ==
x-fb-trip-id
1850256238
date
Mon, 27 Jan 2020 17:12:52 GMT, Mon, 27 Jan 2020 17:12:52 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=485229822197808&ev=PageView&dl=https%3A%2F%2Fwww.rossmortgageco.com%2Femployee-mortgage-benefits-program%2F&rl=&if=false&ts=1580145172424&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1580145170732.1647959854&it=1580145170644&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.rossmortgageco.com/employee-mortgage-benefits-program/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 17:12:52 GMT, Mon, 27 Jan 2020 17:12:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 27 Jan 2020 17:12:52 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer string| _ctct_m object| SignUpFormWidget object| google_tag_manager function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| gtag object| ngFileUpload object| app object| timerModule function| $ function| jQuery function| WOW object| angular function| Stellar object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| humanizeDuration function| moment object| lazySizesConfig object| lazySizes object| websiteConfig function| googleMapLoadedCallback_1580145171011 boolean| PIXELS_RAN object| _hsq object| _paq boolean| _hstc_loaded function| OutpostErrorReporter function| setImmediate function| clearImmediate object| __hsCollectedFormsDebug boolean| COMMON_SETUP_RAN boolean| _hstc_ran string| __hsUserToken number| expireDateTime

9 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gZBlUhAZ2xU
.youtube.com/ Name: YSC
Value: U_w_LO2WXYA
.rossmortgageco.com/ Name: __hssc
Value: 95322755.1.1580145172248
.rossmortgageco.com/ Name: _fbp
Value: fb.1.1580145170732.1647959854
.rossmortgageco.com/ Name: __hssrc
Value: 1
.rossmortgageco.com/ Name: hubspotutk
Value: 36eae1d05a02168cff26c35d5915efdb
.youtube.com/ Name: GPS
Value: 1
.rossmortgageco.com/ Name: __hstc
Value: 95322755.36eae1d05a02168cff26c35d5915efdb.1580145172248.1580145172248.1580145172248.1
www.rossmortgageco.com/employee-mortgage-benefits-program Name: 7d661b26a6b3059c47e5b4d00c8d9f0c_session-started
Value: 1580145171054

1 Console Messages

Source Level URL
Text
console-api warning URL: https://www.rossmortgageco.com/mt-includes/js/website.assets.min.js?_build=1560377921(Line 1)
Message:
This browser does not support Web Storage!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
rossfarm.itmsolutions.us
static.ctctcdn.com
track.hubspot.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.rossmortgageco.com
www.youtube.com
172.217.18.98
209.17.116.160
2606:4700::6810:5805
2606:4700::6810:fb05
2606:4700::6811:44b0
2606:4700::6811:74b0
2606:4700::6811:83ab
2606:4700::6811:c8cc
2606:4700::6811:d5cc
2a00:1450:4001:806::200a
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2003
2a00:1450:4001:821::200e
2a02:26f0:64:189::37f0
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
96.32.252.91
0400ac3c5b4664f9619ddac58e0642274569362019481382e39f3b99f1439b91
0d8ed816c8e642d1d7e4ea921f026d635161c0f12007fa63e8d94d6631372560
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f8af0d6c716e13055ebc4d9456b8531842f07a47916ff562523c02e339c3aeb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34f7ec85a88bb0b956c14ff68b6bbcbb0b6c0cd86db761b553129d681b0149a1
36d96357b24b85f5db32d5c8e6261ef1a185b99b08fcfdf6321097ea9a11bc38
39146976d8762c2e28de19afc7f97784e7c43feb54da25d62f7aa0f0fdc05cc2
3b253c1f21075aaff8f2e8c61154677de33e67aa5517d16e244748fcb372d0fd
526941bc6f0be8e01af174a026d66a220742258c1dd5d495efda0a7db248961d
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5c1ab7a4220eacd38ee3d4f435bdd97eb01bc1a0b557a087c09d13a80814e74b
63d8be479db4385af1fd3d4ed860e0c780ca815ed3638d7c580a5fba77f639e6
644ed71fd6a9a9c5b6e97d1122acdbdb1a489d37fdb3ed115d6687a8dbbce7c5
6545d5d19a87ab648203e9be3de9026a64f0d76cbdf7262639425162ca7900b9
655b419525af0c9021eac3abdb7d536cf2c7dff406e9d1694b5b29cf6dd26842
672afb4e117a036933b2c94ad9654c9cd7ba4318b12aafc98d8acfd17275b2d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
77fcddb16c3ece9b23265ca8026ccd8be02da78d4f3c75a97bc479ffd706efcb
78560997b552994053894f909c840ccdeac59bfcc8946c285d02983a0a91f5a0
79b02a05217ad207da62fe21e62db0a6982cfe5e2b5388b4056575e281b321c6
820600e2a1ec4a50d9b129c3363f2f82a88d1fe758e85c2b146c210cfe2c6fb5
8b39c66c8091b9cdf2a7a2536ae5d5eb2adda14867ab25a2e44e2f88efbb8e31
8dc3e768eb1f283a9dd97ae972e223c39286d34486fed03d8cd6320f340ca93c
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
9c813660b31de2161c3d1216374d1d219dd90f1b461477b1878a7183aebca861
9e1dbb44fe5495ad5cbb57a492a71307c29e5cd82057a5a61fe6837a212d6980
a7e14e7be9630733d8ac22e2527fcfcdf1e7fac1ddb6fc1cc04f116f33dd2a88
ac3c7b99150721526aa12b65b4c7c7bc4bb749b164ca9e67e2fd04e87d5b8555
b6587cb6f8849f2aaa7ebfbdf159844bf6a6b1c31ed62313f14512f71fbf72e4
b7c88929e2af1b4e98dfce0ce95a969cd906b93013431e5194a915c0b0b5296f
b8538844aaddfc34e8b3f93aa5467f3bad20d50c3edee37eb83d0bf0e014d62b
b882414c52836145c0316b6141360443a2fb695b3e1c811adbc8844dae196f0a
c48e83c38ce0f8f5d5bdffea4a6e2ab0d71606f49917e2fd96c86afdb7f84b91
c78e16b077a5662913d980286d5e418fbf92c24254e2602c62d1627f0d9ce4ce
ca5675d6e93f14a59dcaccf35ac134546e291f214e7e0205f308dd542dbf17a7
d1a7e53642ba4a7b7e5e3ab25c53a0ab918b469429ccb843d212c0acd8682560
d4ab92c9450de67040eee368f0ba68320c83fea410f9b79bc060b8e2525038c9
d998e1c989da89276b479d0ab823fb7090fa39e25fdc4856c9034e8af92caa0c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dff9267fbcc2c9885ad42858e022c7ffd5dd763c72594847b9d3584d23c20be9
e352619cc158dc780314933d49230d9404d140b859bfd351ace79017c3b41798
e70adb67bcdec61516ea9e7174456c50effa918e43b3c8663baf1aa762f705de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629