harpsubstitute.com Open in urlscan Pro
162.242.135.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://u9779597.ct.sendgrid.net/ls/click?upn=Q8vTpT3plOI-2BVu3A9trQwGEDUvxTp-2FYtw0Dp0VqSRekwZutzTTIG2-2BQz2eECsZp-2Fw0aFd39hT6T...
Effective URL:
https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Submission: On June 23 via api (June 23rd 2020, 2:40:36 pm UTC) from US

Summary HTTP 86 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 23 domains to perform 86 HTTP transactions. The main IP is 162.242.135.68, located in San Antonio, United States and belongs to RMH-14, US. The main domain is harpsubstitute.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 25th 2019. Valid for: 2 years.

This is the only time harpsubstitute.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
1 1	95.215.210.129 95.215.210.129	49055 (NEWIT-AS) (NEWIT-AS)
39	162.242.135.68 162.242.135.68	33070 (RMH-14) (RMH-14)
1	23.62.118.34 23.62.118.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:252f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:30e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.232.8 52.218.232.8	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	54.243.138.231 54.243.138.231	14618 (AMAZON-AES) (AMAZON-AES)
2	52.24.167.168 52.24.167.168	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:215... 2600:9000:2156:ee00:2:7bf5:a0c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:d01:ff:9... 2a00:d01:ff:905:94:228:142:86	41887 (PROLOCATI...) (PROLOCATION Transit policy pref 100)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.94.82 143.204.94.82	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	50.97.168.187 50.97.168.187	36351 (SOFTLAYER) (SOFTLAYER)
10	54.173.215.17 54.173.215.17	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.41.6 52.217.41.6	16509 (AMAZON-02) (AMAZON-02)
1	143.204.238.189 143.204.238.189	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:aef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
86	21

1 167.89.118.35 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u9779597.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.215.210.129 (Russian Federation) 1 redirects

ASN49055 (NEWIT-AS, RU)

newack.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 162.242.135.68 (San Antonio, United States)

ASN33070 (RMH-14, US)
PTR: 764085-web3.reallygreatrate.com

harpsubstitute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.reallygreatrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.118.34 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-118-34.deploy.static.akamaitechnologies.com

cdn-3.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:252f (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:30e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.232.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.138.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-138-231.compute-1.amazonaws.com

finance.mediaalpha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.24.167.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-167-168.us-west-2.compute.amazonaws.com

cdn.fcmrktplace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ee00:2:7bf5:a0c0:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

djjcyqvteia9v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:d01:ff:905:94:228:142:86 (Netherlands)

ASN41887 (PROLOCATION Transit policy pref 100, NL)

ehawk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.82 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-82.fra50.r.cloudfront.net

pushpros.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 50.97.168.187 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: bb.a8.6132.ip4.static.sl-reverse.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.173.215.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-215-17.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.41.6 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.238.189 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-238-189.cph50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:aef (United States)

ASN13335 (CLOUDFLARENET, US)

geoip-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	harpsubstitute.com harpsubstitute.com	424 KB
11	trustedform.com api.trustedform.com	24 KB
10	leadid.com create.leadid.com	3 KB
5	gstatic.com fonts.gstatic.com	76 KB
3	reallygreatrate.com www.reallygreatrate.com	1 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	cloudfront.net 1 redirects djjcyqvteia9v.cloudfront.net d2m2wsoho8qq12.cloudfront.net	297 B
2	fcmrktplace.com cdn.fcmrktplace.com	11 KB
2	amazonaws.com s3-us-west-2.amazonaws.com s3.amazonaws.com	13 KB
2	useproof.com cdn.useproof.com	487 KB
1	geoip-js.com geoip-js.com	2 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	pushpros.tech pushpros.tech	2 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	ehawk.net ehawk.net	43 KB
1	mediaalpha.com finance.mediaalpha.com	2 KB
1	jquery.com code.jquery.com	33 KB
1	maxmind.com js.maxmind.com	2 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	convertexperiments.com cdn-3.convertexperiments.com	57 KB
1	newack.club 1 redirects newack.club	269 B
1	sendgrid.net 1 redirects u9779597.ct.sendgrid.net	244 B
86	23

	Domain	Requested by
36	harpsubstitute.com	harpsubstitute.com code.jquery.com ehawk.net
11	api.trustedform.com	harpsubstitute.com api.trustedform.com
10	create.leadid.com	create.lidstatic.com
5	fonts.gstatic.com	harpsubstitute.com
3	www.reallygreatrate.com	harpsubstitute.com
2	www.google-analytics.com	www.googletagmanager.com harpsubstitute.com
2	fonts.googleapis.com	harpsubstitute.com
2	cdn.fcmrktplace.com	harpsubstitute.com
2	cdn.useproof.com	harpsubstitute.com cdn.useproof.com
1	geoip-js.com	js.maxmind.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	s3.amazonaws.com	harpsubstitute.com
1	create.lidstatic.com	harpsubstitute.com
1	pushpros.tech	harpsubstitute.com
1	www.googletagmanager.com	harpsubstitute.com
1	ehawk.net	harpsubstitute.com
1	djjcyqvteia9v.cloudfront.net	1 redirects
1	finance.mediaalpha.com	harpsubstitute.com
1	code.jquery.com	harpsubstitute.com
1	s3-us-west-2.amazonaws.com	harpsubstitute.com
1	js.maxmind.com	harpsubstitute.com
1	cdnjs.cloudflare.com	harpsubstitute.com
1	cdn-3.convertexperiments.com	harpsubstitute.com
1	newack.club	1 redirects
1	u9779597.ct.sendgrid.net	1 redirects
86	25

This site contains links to these domains. Also see Links.

Domain
privacyportal-eu-cdn.onetrust.com
www.cnbc.com
www.nmlsconsumeraccess.org
www.refiexpert.net
www.onetrust.com

Subject Issuer	Validity	Valid
harpsubstitute.com Go Daddy Secure Certificate Authority - G2	`2019-02-25` - `2021-02-25`	2 years	crt.sh
*.convertexperiments.com DigiCert SHA2 Secure Server CA	`2020-03-19` - `2021-06-18`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.maxmind.com COMODO RSA Organization Validation Secure Server CA	`2018-10-15` - `2020-11-06`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-23` - `2020-10-09`	a year	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
mediaalpha.com Amazon	`2019-10-04` - `2020-11-04`	a year	crt.sh
*.fcmrktplace.com Amazon	`2020-04-06` - `2021-05-06`	a year	crt.sh
*.ehawk.net Sectigo RSA Domain Validation Secure Server CA	`2020-01-13` - `2021-01-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
pushpros.tech Amazon	`2019-08-28` - `2020-09-28`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
*.trustedform.com Go Daddy Secure Certificate Authority - G2	`2020-01-05` - `2021-03-05`	a year	crt.sh
create.leadid.com Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
www.reallygreatrate.com Go Daddy Secure Certificate Authority - G2	`2020-04-16` - `2022-06-15`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Frame ID: E0B1FE96829DB71A817C6D4C61D1685A
Requests: 84 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 72B48846BA93A5E4B278179AFE31E661
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=6310A475-026F-D0EA-D804-B1CD910EA49E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Frame ID: 70E312CC19222333E427B1276B5F13E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://u9779597.ct.sendgrid.net/ls/click?upn=Q8vTpT3plOI-2BVu3A9trQwGEDUvxTp-2FYtw0Dp0VqSRekwZutzTTIG2-2BQz2... HTTP 302
http://newack.club/rgr.php?s1=SG9API_22nd HTTP 302
https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd Page URL

Detected technologies

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Lightbox (JavaScript Libraries) Expand

Page Statistics

86
Requests

100 %
HTTPS

50 %
IPv6

23
Domains

25
Subdomains

21
IPs

4
Countries

1272 kB
Transfer

2519 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://privacyportal-eu-cdn.onetrust.com/dsarwebform/942fbf02-bbfe-4a5d-808d-080b06c5651c/3fdf8f1d-7ab3-4a99-bb4e-24965500290d.html
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/2019/06/03/as-mortgage-rates-plunge-millions-more-homeowners-can-benefit-from-refinancing.html
Title: CNBC

Search URL Search Domain Scan URL

URL: https://www.nmlsconsumeraccess.org/EntityDetails.aspx/COMPANY/2721
Title: Nationwide Mortgage Licensing System (NMLS) ID # 2721.

Search URL Search Domain Scan URL

URL: http://www.refiexpert.net/
Title: Licenses and Disclosures

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/ccpa-id-verification/
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://u9779597.ct.sendgrid.net/ls/click?upn=Q8vTpT3plOI-2BVu3A9trQwGEDUvxTp-2FYtw0Dp0VqSRekwZutzTTIG2-2BQz2eECsZp-2Fw0aFd39hT6TgauDPUSo2DA-3D-3D0mZY_q-2FohAx-2FOwcqx5aBLRqiPgIYCCAIdVhfUtU2-2BIXwGKfA2-2F5JTt012UYjlbo0kwWi-2FuaXpOpMhGQosQDh-2BvYDOZtlnNGwyQi4uJn-2F5sLuUtTPDkmtg6-2Fvg-2BP5nhPSfjcpPkSzb2pAF7-2BELrQqeHWXEqZqaiEog9wA23lHT7Bs1ZSr4VXrxzDt0C86fMcvqirLG0pKRxqxO9UA9K4p9y-2F9z6A2smxomQbywqfjhEZrl95xdklXNyyldfkqlp9s68QR2O2dTpY99FOpwuTuMsok9KL2PfBX8CYdqC9qx8vjgmoU-3D HTTP 302
http://newack.club/rgr.php?s1=SG9API_22nd HTTP 302
https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js HTTP 301
https://ehawk.net/talon-cdn/EHawkTalon.js

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
harpsubstitute.com/
Redirect Chain

http://u9779597.ct.sendgrid.net/ls/click?upn=Q8vTpT3plOI-2BVu3A9trQwGEDUvxTp-2FYtw0Dp0VqSRekwZutzTTIG2-2BQz2eECsZp-2Fw0aFd39hT6TgauDPUSo2DA-3D-3D0mZY_q-2FohAx-2FOwcqx5aBLRqiPgIYCCAIdVhfUtU2-2BIXwGK...
http://newack.club/rgr.php?s1=SG9API_22nd
https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

109 KB
28 KB

567ms
137ms

Document
text/html

162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: c44e103d43175772153ee7ec6de86dd20bd3bcdf8e4742f7436a70426b1472c3

Request headers

Host: harpsubstitute.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:16 GMT
Server: Apache/2.2.15 (Red Hat)
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28785
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 23 Jun 2020 14:39:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/7.3.11
Location: https://harpsubstitute.com?publisher_id=1190&subid=SG9API_22nd
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 10025084-10024636.js Show response
cdn-3.convertexperiments.com/js/ 179 KB
57 KB 1498ms
122ms Script
application/javascript 23.62.118.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-3.convertexperiments.com/js/10025084-10024636.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.118.34 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-118-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e075b9d33b31c068479eeff713f7eac09953f530db616177c8c63f2e575479ba

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=300
Connection: keep-alive
Content-Length: 57961
X-Privacy-Policy: You can find our privacy policy at https://www.convert.com/privacy-notice/

GET
H/1.1 200
OK bootstrap.min.css
harpsubstitute.com/css/ 118 KB
20 KB 366ms
135ms Stylesheet
text/css 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/css/bootstrap.min.css
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 19744
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK style.css
harpsubstitute.com/css/ 13 KB
4 KB 397ms
132ms Stylesheet
text/css 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/css/style.css
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 2e988639b9cf3eed8f9521702d16bbdcdcc6602fbdf82785aa0e11d2c557aa13

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 3220
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK jquery.lightbox.css
harpsubstitute.com/css/ 5 KB
2 KB 406ms
135ms Stylesheet
text/css 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/css/jquery.lightbox.css
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: c20200c1fce72a3749a5a2fe92a2c63a7f313adfd8b68376d6c6d1d7a51bd04c

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1430
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK style.confirm.css
harpsubstitute.com/css/ 8 KB
3 KB 414ms
138ms Stylesheet
text/css 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/css/style.confirm.css
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 7be0ac99f2ea3e5f96e91fadfabfa6a74df8e9dde83f25bb847730cfd5b25310

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2331
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK animate.css
harpsubstitute.com/css/ 71 KB
5 KB 416ms
139ms Stylesheet
text/css 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/css/animate.css
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: b02261de48e43eb36ebd12bb35cc8cf835709afdafc45090f720268f47c0ecd1

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 4427
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 34 KB
7 KB 13ms
11ms Stylesheet
text/css 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.css

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13906067
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 038338735c00003250f0018200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: W/"5afd4939-893e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5a7ef6989e943250-FRA
expires: Sun, 13 Jun 2021 14:40:16 GMT

GET
H/1.1 200
OK sh_confirm.css
harpsubstitute.com/css/ 569 B
637 B 414ms
138ms Stylesheet
text/css 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/css/sh_confirm.css
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: cecb7574a7b590943facd083b1fa50a4d723e2aab07e11b7ceb2221778404e20

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 248
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 3 KB
2 KB 42ms
24ms Script
application/javascript 2606:4700::6810:252f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab7954e1447f64d179eaec1e53a64438f59fc59a3d701897acab070e1138f849

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Jun 2020 18:07:59 GMT
server: cloudflare
age: 1601
etag: W/"5ef0f37f-cfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5a7ef698aac805e4-FRA
cf-request-id: 038338736d000005e4de889200000001
expires: Tue, 23 Jun 2020 18:40:16 GMT

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 60ms
21ms Script
application/javascript 2606:4700:20::681a:30e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:30e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:18 GMT
cf-cache-status: HIT
age: 10113453
cf-ray: 5a7ef6a2dc67c2d1-FRA
status: 200
content-length: 497715
x-amz-id-2: bS+v5eKXHXOmCual2HeAK4LhRA8Yv1qyOLBXSy0cntrZf6KhFmbi5NFEQ0WGtNGfkCphZLoaibg=
last-modified: Thu, 15 Aug 2019 15:41:48 GMT
server: cloudflare
etag: "fa2c0c9552b99319ed55ce70955855f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 92EB98372714E456
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: 7RsCJUNysRMcqkyRLwe1KtYXPZzstQg_
cf-request-id: 03833879c20000c2d125188200000001
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK ajax-loader.gif
harpsubstitute.com/images/ 19 KB
19 KB 139ms
138ms Image
image/gif 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/ajax-loader.gif
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 19110
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK logo.png
harpsubstitute.com/images/ 16 KB
16 KB 339ms
133ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/logo.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 17037d542b6031ffd87ba2a7948eb3380bb3bb3d241822ff1401a0e46cbc7702

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=89
Content-Length: 16141
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK single-family.png
harpsubstitute.com/images/ 28 KB
28 KB 191ms
139ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/single-family.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: f826c601f6f8c59a9c7f600974e7315b807aae691cc0255aa9102f512b13f125

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 28481
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK multi-family.png
harpsubstitute.com/images/ 26 KB
26 KB 190ms
139ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/multi-family.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: b31dd5c68363ab900b9c0072b0f800e463c01a4d30b9318ae5407e7b3d4a8f2c

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 26741
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK condo.png
harpsubstitute.com/images/ 30 KB
30 KB 141ms
139ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/condo.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: bc8f52f0616202cd73dda803b41c7e4171da483c146594e5a9a64a2323a65191

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 30119
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK mobile-home.png
harpsubstitute.com/images/ 21 KB
21 KB 178ms
133ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/mobile-home.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 21066
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK credit1_sls.png
harpsubstitute.com/images/ 71 KB
9 KB 476ms
133ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/credit1_sls.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 1ecfc83abd219e2c4fb7ad45669b8d34a2d1e576fc56d23d960a380edffb5750

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=88
Content-Length: 9195
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK credit2_sls.png
harpsubstitute.com/images/ 71 KB
10 KB 431ms
133ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/credit2_sls.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 41810523dacc10e7bdcc782c009ed5c0e8e11e11ae233e360e913aad7dc89bd6

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 9521
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK credit3_sls.png
harpsubstitute.com/images/ 71 KB
10 KB 445ms
136ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/credit3_sls.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 6aefee02eadfc44105dba985d35f60a30f510ca16a80cda6c54a98b7905e3e58

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 9561
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK credit4_sls.png
harpsubstitute.com/images/ 71 KB
9 KB 306ms
136ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/credit4_sls.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 4a046c518db7cc7a1d4c4b4373142fbe4d1cea90ff025f4cff9ec961363aab85

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 8859
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK brand.png
harpsubstitute.com/images/ 19 KB
19 KB 455ms
138ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/brand.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 8e76eef62b062738a039caadccc53acc5729bae82c4291a420647a1a57c2e501

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 19406
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H/1.1 200
OK getemails.js Show response
s3-us-west-2.amazonaws.com/files.getemails.com/account/V3VHEYD/source/ 0
367 B 673ms
172ms Script
application/javascript 52.218.232.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/V3VHEYD/source/getemails.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.232.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:19 GMT
Last-Modified: Fri, 19 Jun 2020 16:25:17 GMT
Server: AmazonS3
x-amz-request-id: E9DCD4D56D1941C4
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: oVF+i9b81w4Cbca3znFFAmAzks2Sfs1SlBTO5DfB2KXZMR+FoK9MhD3GZhcbR5IJd0y6c0B83BM=

GET
H/1.1 200
OK jquery-1.12.0.min.js Show response
code.jquery.com/ 95 KB
33 KB 27ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.0.min.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jan 2016 19:57:42 GMT
Server: nginx
ETag: W/"569014b6-17c52"
Vary: Accept-Encoding
X-HW: 1592923217.dop165.fr8.t,1592923217.cds106.fr8.shn,1592923217.cds106.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33820

GET
H/1.1 200
OK rhinoslider-1.05.min.js Show response
harpsubstitute.com/js/ 39 KB
6 KB 133ms
133ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/rhinoslider-1.05.min.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 2bdf83f75f66adf883bffa8154a933820ebe1774462491fa9569ced274dcfb76

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 5241
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK angular.min.js Show response
harpsubstitute.com/js/ 104 KB
39 KB 138ms
137ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/angular.min.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 28a050e3bb0c1932abdde03a00adedf53cb095b71bed2041cc5ff29c34bbad8c

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 39201
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
harpsubstitute.com/js/ 36 KB
10 KB 134ms
133ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/bootstrap.min.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 9833
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK jquery.inputmask.bundle.min.js Show response
harpsubstitute.com/js/ 74 KB
22 KB 136ms
135ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/jquery.inputmask.bundle.min.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 1f7c1711bbcc552ffcfa2d4a1ce63f0e5fde356e71d9c2fd7d7358888b93e798

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 22633
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK jquery.lightbox.js Show response
harpsubstitute.com/js/ 48 KB
14 KB 135ms
134ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/jquery.lightbox.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=94
Content-Length: 13922
Expires: Thu, 23 Jul 2020 14:40:17 GMT

GET
H/1.1 200
OK main.js Show response
harpsubstitute.com/js/ 2 KB
1 KB 133ms
132ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/main.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 81b970efb0c597b9e5d7def67dd00f07a17a319d965e2898974330c3df170fea

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=93
Content-Length: 853
Expires: Thu, 23 Jul 2020 14:40:18 GMT

GET
H/1.1 200
OK mousewheel.js Show response
harpsubstitute.com/js/ 1 KB
1 KB 133ms
132ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/mousewheel.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: e9a022804abc1a1f59c15181c083016892735cf323fd6f80385abb6bf335c3cf

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=92
Content-Length: 716
Expires: Thu, 23 Jul 2020 14:40:18 GMT

GET
H/1.1 200
OK easing.js Show response
harpsubstitute.com/js/ 8 KB
2 KB 139ms
138ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/easing.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: f958ea302a444495a64a523f633b078327c56f360cc3ba54326952708978002f

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2002
Expires: Thu, 23 Jul 2020 14:40:18 GMT

GET
H/1.1 200
OK scripts.js Show response
harpsubstitute.com/js/ 17 KB
3 KB 143ms
139ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/scripts.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 609630696da97a52bd84b733404f83774ad969bf959b5b4da6a46b1feddca327

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2870
Expires: Thu, 23 Jul 2020 14:40:18 GMT

GET
H/1.1 200
OK config.js Show response
harpsubstitute.com/ 58 B
469 B 142ms
138ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/config.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 935c1c855f0827688ca668a51e15beb8754280c34843b9cc9038971b37cc7236

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 19:41:30 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 75
Expires: Thu, 23 Jul 2020 14:40:18 GMT

GET
H/1.1 200
OK app.js Show response
harpsubstitute.com/js/ 62 KB
13 KB 141ms
137ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/app.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 058986aa49aa8b9ae58d5c728d86f816f1fad9c527fcda566fef3c6c39c823d8

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 12799
Expires: Thu, 23 Jul 2020 14:40:18 GMT

GET
H/1.1 200
OK postscribe.min.js Show response
harpsubstitute.com/js/ 17 KB
6 KB 136ms
133ms Script
text/javascript 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/js/postscribe.min.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 5720
Expires: Thu, 23 Jul 2020 14:40:18 GMT

GET
H/1.1 200
OK serve.js Show response
finance.mediaalpha.com/js/ 5 KB
2 KB 440ms
124ms Script
application/javascript 54.243.138.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://finance.mediaalpha.com/js/serve.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.138.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-138-231.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d78ed93a873694116f57756b7b1a02c1f6bb7f16311435fd78f7e79d1a67307c

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: keep-alive
Content-Length: 2266
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 clicksnet.js Show response
cdn.fcmrktplace.com/scripts/ 9 KB
10 KB 574ms
175ms Script
application/javascript 52.24.167.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fcmrktplace.com/scripts/clicksnet.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.167.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-167-168.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7656b5a72cee89a429742d2575df383f9d0a5a36464ab05ee13fb1dafeb73bdf

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:18 GMT
etag: "d0d9da6b4b2d41:0"
last-modified: Wed, 23 Jan 2019 00:43:25 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
status: 200
p3p: Policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/javascript
content-length: 9506

GET
H2 200 clicksnet_mortgage.js Show response
cdn.fcmrktplace.com/scripts/ 5 KB
2 KB 730ms
331ms Script
application/javascript 52.24.167.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fcmrktplace.com/scripts/clicksnet_mortgage.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.167.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-167-168.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 479bbacc482a04fafa069e27d88922ed314c9f7df86ebf8b117de571c4869512

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:18 GMT
content-encoding: gzip
etag: "80348a6b4b2d41:0"
last-modified: Wed, 23 Jan 2019 00:43:25 GMT
server: Microsoft-IIS/8.5
status: 200
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: Policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/javascript
content-length: 1559

GET
H/1.1

200
OK

EHawkTalon.js Show response
ehawk.net/talon-cdn/
Redirect Chain

https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js
https://ehawk.net/talon-cdn/EHawkTalon.js

43 KB
43 KB

132ms
14ms

Script
application/javascript

2a00:d01:ff:905:94:228:142:86
PROLOCATION Trans...

General

Check archive.org

Show headers Download Go to

Full URL

https://ehawk.net/talon-cdn/EHawkTalon.js

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:d01:ff:905:94:228:142:86 , Netherlands, ASN41887 (PROLOCATION Transit policy pref 100, NL),

Reverse DNS

Software

Apache /

Resource Hash

1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Last-Modified: Mon, 04 May 2020 17:54:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43822

Redirect headers

date: Tue, 23 Jun 2020 14:13:27 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
server: Apache
age: 1611
status: 301
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/html; charset=iso-8859-1
location: https://ehawk.net/talon-cdn/EHawkTalon.js
x-amz-cf-pop: FRA50-C1
content-length: 249
x-amz-cf-id: N4cOEVqjazHX-jMjwx2UFXoEuLBvnb_-s3uAi3zRR7MTNdrp_ySOkg==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
893 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 13:50:26 GMT
server: ESF
date: Tue, 23 Jun 2020 14:40:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jun 2020 14:40:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
695 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,300,400,500,700

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83d4573c0d46d8b3ab186ebe6a6158db10dc4404f3daa3d34939df4ec36499ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 14:40:18 GMT
server: ESF
date: Tue, 23 Jun 2020 14:40:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jun 2020 14:40:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 68 KB
25 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFG2H9Z

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6e34292d04cdc650fdbb9d914aa5b8e6ab5201e7cda5e90c2786bc6cfe195d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24986
x-xss-protection: 0
last-modified: Tue, 23 Jun 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Jun 2020 14:40:18 GMT

GET
H2 200 GetPushScript Show response
pushpros.tech/ 2 KB
2 KB 553ms
469ms Fetch
application/json 143.204.94.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=harpsubstitute.com
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.94.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-82.fra50.r.cloudfront.net
Software: /
Resource Hash: 6abe50353a2a5173c7ae19d47eefe442c6a27847760508c3d04240e9bbc490e5

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:18 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 508d4eef-6b6f-46fb-9ea1-765a41c6e137
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ef21452-fb46eca3b2c8de2f34dd4b74;Sampled=0
x-amz-apigw-id: Olgc8FQ1IAMFwZw=
content-length: 2185
x-amz-cf-id: oLKx99MNqcYqeNiM10KF_wBqHcN2EbWfEA6fBIvmC6nWoQj7EDXBnQ==

GET
H/1.1 200
OK arrow.png
harpsubstitute.com/images/ 1 KB
1 KB 206ms
132ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/arrow.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: c0504aaebc704c9e2f127b37b96aa475865d6dc9e8a7b3ebb84dabdaa87305ce

Request headers

Referer: https://harpsubstitute.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=90
Content-Length: 861
Expires: Wed, 23 Jun 2021 14:40:18 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://harpsubstitute.com

Response headers

date: Fri, 12 Jun 2020 16:51:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 942526
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Sat, 12 Jun 2021 16:51:32 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://harpsubstitute.com

Response headers

date: Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1042614
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:03:24 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v15/ 40 KB
40 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v15/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

affd3bf16b486f467118301191499eaca2bea9a5e1e792a5b642d0191377486c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:100,300,400,500,700
Origin: https://harpsubstitute.com

Response headers

date: Wed, 17 Jun 2020 04:22:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 04:06:49 GMT
server: sffe
age: 555487
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40884
x-xss-protection: 0
expires: Thu, 17 Jun 2021 04:22:11 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
harpsubstitute.com/fonts/ 18 KB
18 KB 149ms
132ms Font
application/octet-stream 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://harpsubstitute.com/css/bootstrap.min.css
Origin: https://harpsubstitute.com

Response headers

Date: Tue, 23 Jun 2020 14:40:18 GMT
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: User-Agent
Content-Type: text/plain; charset=UTF-8
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=91
Content-Length: 18028

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://harpsubstitute.com

Response headers

date: Thu, 11 Jun 2020 20:40:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1015192
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:40:26 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://harpsubstitute.com

Response headers

date: Fri, 12 Jun 2020 16:53:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 942435
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 12 Jun 2021 16:53:03 GMT

GET
H2 200 55bc924f-7a64-632a-27e9-c00a43b0343d.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 48ms
15ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 463b0ec64a3b1a3326d4150720d8188e59f5614ab306162e6c48f78142bb74ba

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 672
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 09652A7659AAF5C0
x-amz-id-2: tw2aoXyC2GUxlC/N/hSG6WbMLq8gmHzfyatGGRruP/4hmk08ob9yqRZGeRq5WuURed9e5r9nY6k=
last-modified: Tue, 21 Apr 2020 14:59:57 GMT
server: cloudflare
etag: W/"007da4cec5bf5d1300ef73a05b3da14c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-version-id: iA153Ud.tgH6G1dGuTuWFOoNthncYRyc
cf-request-id: 0383387a2300001f512ab21200000001
cf-ray: 5a7ef6a368441f51-FRA

GET
H2 200 index.html
cdn.useproof.com/proxy/ Frame 72B4 0
0 684ms
683ms Document
text/html 2606:4700:20::681a:30e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:30e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.useproof.com
:scheme: https
:path: /proxy/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Response headers

status: 200
date: Tue, 23 Jun 2020 14:40:19 GMT
content-type: text/html
content-length: 325
set-cookie: __cfduid=da0c8143b765517705259f3add91ba71c1592923218; expires=Thu, 23-Jul-20 14:40:18 GMT; path=/; domain=.useproof.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: m+X5EIDRJtWT6d8CtmtEFM46CY24kQ36sn73eGa6Y3aAAmYVKzt5PF8zv+r/xXMfImXzDj/X3ow=
x-amz-request-id: 7DE4AF4CA796578B
last-modified: Thu, 15 Aug 2019 15:41:48 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: V3wOD8RjbA.D9D1fAXIzDOps5d_6lt3O
accept-ranges: bytes
cf-cache-status: DYNAMIC
cf-request-id: 0383387a480000c2d125192200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a7ef6a3adf7c2d1-FRA

GET
H2 200 trustedform.js Show response
api.trustedform.com/ 3 KB
2 KB 433ms
144ms Script
application/javascript 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15929232185870.504181241422438

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

1861008a1353e41c6d5d58c5211ba4e8b3f2b6b70857c8748e9650dc121c5a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:18 GMT
content-encoding: gzip
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

POST
H2 200 GenerateToken Show response
create.leadid.com/2.7.0/ 36 B
332 B 354ms
137ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/GenerateToken?msn=1&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&_=830270143
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: 0f5bb6c07b7f3e42e2ad862ab10ea462c1f1fcc3e96899b63b519af160211d05

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:18 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/trackpush/ 45 KB
13 KB 411ms
110ms Script
text/javascript 52.217.41.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.41.6 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a5d20d9f800889c15761ef2c05630291e949bb7f1ab654784cf37bf0fedfeea3

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 May 2020 23:14:18 GMT
Server: AmazonS3
x-amz-request-id: 221EEDE8522162B1
ETag: "e4bed32a876898247b53f4b3ea650884"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 12770
x-amz-id-2: uV1E3EyDFelP40QEv1h2RW0Ye7rlbDajqQZOVMsCH/QdT7+iEE818QQ+EAtcpIJ6szGO86C8M8Y=

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 70E3 0
0 178ms
42ms Document
text/html 143.204.238.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=6310A475-026F-D0EA-D804-B1CD910EA49E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.238.189 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-238-189.cph50.r.cloudfront.net
Software: nginx/1.17.6 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 23 Jun 2020 08:07:41 GMT
Server: nginx/1.17.6
Last-Modified: Wed, 17 Jun 2020 20:07:15 GMT
ETag: W/"5eea77f3-dbc"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 c63e477878535a923916847cfe5704eb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: NT9BOum0onf4MxW125ai7sFpkLWENhFzLRHMC9qvCtKkt-ao12ijCA==
Age: 23558

POST
H2 200 SaveDom Show response
create.leadid.com/2.7.0/ 0
298 B 105ms
105ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/SaveDom?msn=2&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270144
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:19 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 103ms
103ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=3&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270145
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:19 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
www.reallygreatrate.com/api/hdi/ 16 B
561 B 635ms
145ms XHR
application/json 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reallygreatrate.com/api/hdi/?upload_type=HS&publisher_id=1190&lead_type=Refinance
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/js/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) / PHP/5.4.45
Resource Hash: 69760d497ac54eee0a7c6cdea04a2cb2f1721169a777220433ef552cda326527

Request headers

Accept: application/json, text/plain, */*
Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 14:40:19 GMT
Server: Apache/2.2.15 (Red Hat)
X-Powered-By: PHP/5.4.45
Content-Type: application/json
access-control-allow-origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 16
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK / Show response
www.reallygreatrate.com/api/user/ip_address/ 30 B
248 B 623ms
132ms XHR
application/json 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reallygreatrate.com/api/user/ip_address/
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/js/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) / PHP/5.4.45
Resource Hash: ecb97cf0b390d2c82d10e53ddc43860e281ee1679ac710588d054aa79e4b79dd

Request headers

Accept: application/json, text/plain, */*
Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 23 Jun 2020 14:40:19 GMT
Server: Apache/2.2.15 (Red Hat)
Connection: close
X-Powered-By: PHP/5.4.45
Content-Length: 30
Content-Type: application/json

GET
H/1.1 200
OK index.php Show response
www.reallygreatrate.com/api/prepop/ 69 B
486 B 657ms
150ms XHR
text/html 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reallygreatrate.com/api/prepop/index.php?token=undefined&lead_type=refinance&action=d
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/js/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) / PHP/5.4.45
Resource Hash: 12d5f5436c92db2953a77e0c1d3d10ddf7ca6365129dbda3300e705d7d8bcb0d

Request headers

Accept: application/json, text/plain, */*
Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 14:40:19 GMT
Server: Apache/2.2.15 (Red Hat)
X-Powered-By: PHP/5.4.45
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 69
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK prev.png
harpsubstitute.com/images/ 4 KB
4 KB 140ms
139ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/prev.png
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: cec51d1f5afeba765ab9602d837434702c09425a31ecf455f93b3f02e1a6d84a

Request headers

Referer: https://harpsubstitute.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 3524
Expires: Wed, 23 Jun 2021 14:40:19 GMT

GET
H/1.1 200
OK next.png
harpsubstitute.com/images/ 4 KB
4 KB 139ms
139ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/next.png
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 8535b3b2f13ac82fe4c0dd0dc58e136eb33ab996e1ccb098c8a9fdf391e1b0a4

Request headers

Referer: https://harpsubstitute.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 3500
Expires: Wed, 23 Jun 2021 14:40:19 GMT

GET
H2 200 me Show response
geoip-js.com/geoip/v2.1/city/ 1 KB
2 KB 85ms
66ms XHR
application/vnd.maxmind.com-city+json 2606:4700::6812:aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fharpsubstitute.com
Requested by: Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36036beb34f14874a1d5adcb40e2264c9e7b915a1b9ef9af5c4548a157f25d85

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/vnd.maxmind.com-city+json; charset=UTF-8; version=2.1
access-control-allow-origin: *
cf-ray: 5a7ef6a7fe0e0746-FRA
content-length: 1445
cf-request-id: 0383387cf900000746f08fb200000001

GET
H/1.1 200
OK prev-disable.png
harpsubstitute.com/images/ 2 KB
3 KB 133ms
133ms Image
image/png 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpsubstitute.com/images/prev-disable.png
Requested by: Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 329e9a67933b05b6109d75174bdfcc80438c242e775b5b6a95f1353a726612ef

Request headers

Referer: https://harpsubstitute.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 14:40:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=87
Content-Length: 2289
Expires: Wed, 23 Jun 2021 14:40:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG2H9Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 41
date: Tue, 23 Jun 2020 14:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Tue, 23 Jun 2020 16:39:38 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
12ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1479111126&t=event&ni=1&_s=1&dl=https%3A%2F%2Fharpsubstitute.com%2F%3Fpublisher_id%3D1190%26subid%3DSG9API_22nd&ul=en-us&de=UTF-8&dt=Harp%20Substitute&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=HS%20Landing&ea=HS%20Landing&el=HS%20Landing&_u=YEBAAEAB~&jid=930070705&gjid=1123364443&cid=147439360.1592923219&tid=UA-104373288-9&_gid=998842349.1592923219&_r=1&gtm=2wg6a0KFG2H9Z&z=1743599342

Requested by

Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 14:40:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t.js Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 57 KB
21 KB 146ms
146ms Script
application/javascript 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/t.js?lo=https%3A%2F%2Fharpsubstitute.com%2F%3Fpublisher_id%3D1190%26subid%3DSG9API_22nd&l=15929232185870.504181241422438&f=false&n=bdd342e5d99688ab5546892cb25079f5912b061d&cs=g3QAAAACZAABdGJe8hRSZAABdnQAAAADbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAAWxtAAAAHjE1OTI5MjMyMTg1ODcwLjUwNDE4MTI0MTQyMjQzOG0AAAAQcHJvdmlkZV9yZWZlcnJlcmQABWZhbHNl&csh=8ZbYfJL8BMwwRfmI2tYwVa9kHj9ml9l5C8kPQgCwiBQ%3D

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15929232185870.504181241422438

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

f9b5b46f7f48476e5b3dff899d98700e71eb06dea34acbe716f4e59f9e680060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 14:40:19 GMT
content-encoding: gzip
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK helveticaltstd-boldcond.woff
harpsubstitute.com/fonts/ 18 KB
18 KB 132ms
132ms Font
application/octet-stream 162.242.135.68
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://harpsubstitute.com/fonts/helveticaltstd-boldcond.woff
Requested by: Host: ehawk.net
URL: https://ehawk.net/talon-cdn/EHawkTalon.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.135.68 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS: 764085-web3.reallygreatrate.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 86b9810f5af65c62a1d7c0ae9b8fcfbf88fec66b80b6ba723eb6b37eb4c3fef8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://harpsubstitute.com/css/style.confirm.css
Origin: https://harpsubstitute.com

Response headers

Date: Tue, 23 Jun 2020 14:40:19 GMT
Last-Modified: Mon, 15 Jun 2020 18:21:55 GMT
Server: Apache/2.2.15 (Red Hat)
Vary: User-Agent
Content-Type: text/plain; charset=UTF-8
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=86
Content-Length: 17936

POST
H2 200 h Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
207 B 683ms
404ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/h?n=fae69f51d66253331d2f7b63bb32fd1ffbdf5e93&l=15929232185870.504181241422438&a=1&ce=z&t=cors

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/t.js?lo=https%3A%2F%2Fharpsubstitute.com%2F%3Fpublisher_id%3D1190%26subid%3DSG9API_22nd&l=15929232185870.504181241422438&f=false&n=bdd342e5d99688ab5546892cb25079f5912b061d&cs=g3QAAAACZAABdGJe8hRSZAABdnQAAAADbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAAWxtAAAAHjE1OTI5MjMyMTg1ODcwLjUwNDE4MTI0MTQyMjQzOG0AAAAQcHJvdmlkZV9yZWZlcnJlcmQABWZhbHNl&csh=8ZbYfJL8BMwwRfmI2tYwVa9kHj9ml9l5C8kPQgCwiBQ%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:20 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 f Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
208 B 415ms
143ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/f?l=15929232185870.504181241422438&n=28385422cf7b9cc75098e8b9515f5495ef750c04&rn=0&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:20 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 md Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
207 B 415ms
143ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/md?a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:20 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 120ms
119ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=4&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270146
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:20 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
207 B 140ms
140ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/e?cs=g2Je8hRT&csh=lQPxrQuuE0xSIXo9xuufche3gYE9vmsl3Dwx%252FsD47RU%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:20 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 404ms
288ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=5&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270147
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:22 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 444ms
255ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=6&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270148
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:22 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
207 B 144ms
144ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/e?cs=g2Je8hRT&csh=lQPxrQuuE0xSIXo9xuufche3gYE9vmsl3Dwx%252FsD47RU%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:22 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 e Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
207 B 142ms
142ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/e?cs=g2Je8hRT&csh=lQPxrQuuE0xSIXo9xuufche3gYE9vmsl3Dwx%252FsD47RU%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:22 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 134ms
134ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=7&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270149
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:24 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
207 B 143ms
143ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/e?cs=g2Je8hRT&csh=lQPxrQuuE0xSIXo9xuufche3gYE9vmsl3Dwx%252FsD47RU%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:25 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 134ms
134ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=8&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270150
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:25 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
207 B 142ms
141ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/e?cs=g2Je8hRT&csh=lQPxrQuuE0xSIXo9xuufche3gYE9vmsl3Dwx%252FsD47RU%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:25 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 133ms
133ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=9&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270151
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:29 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/ 0
207 B 143ms
143ms XHR
text/html 50.97.168.187
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8/e?cs=g2Je8hRT&csh=lQPxrQuuE0xSIXo9xuufche3gYE9vmsl3Dwx%252FsD47RU%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jun 2020 14:40:29 GMT
server: nginx
status: 200
strict-transport-security: max-age=15768000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 102ms
102ms XHR
text/plain 54.173.215.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=10&pid=cfb138ce-549c-4c30-a18d-614e1ee17bf1&token=6310A475-026F-D0EA-D804-B1CD910EA49E&_=830270152
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-17.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jun 2020 14:40:31 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.harpsubstitute.com/	1970-01-20 03:59:55	Name: _ga Value: GA1.2.147439360.1592923219
harpsubstitute.com/	1970-01-23 02:07:43	Name: 6bdfac53cbfb648b7ebe7a1fe1b93f4d Value: %7B%22v%22%3A%225.5%22%2C%22a%22%3A771964299%2C%22b%22%3A%22e9cfafada0bf1aae5aebf5d549e6d30f%22%2C%22c%22%3A1592923219769%2C%22d%22%3A%2222a1fc9ee3ed183114dd41b0931ec2cb%22%2C%22e%22%3A%22%22%7D
.harpsubstitute.com/	1970-01-19 10:28:43	Name: _gat_UA-104373288-9 Value: 1
.harpsubstitute.com/	1970-01-19 10:30:09	Name: _gid Value: GA1.2.998842349.1592923219
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 639105b5f3524ae48db691ff6d1190bd
harpsubstitute.com/	1969-12-31 23:59:59	Name: leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D Value: 6310A475-026F-D0EA-D804-B1CD910EA49E

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1(Line 1) Message: Proof v3.1.12
console-api	log	URL: https://harpsubstitute.com/js/app.js(Line 1031) Message:
console-api	error	URL: https://s3.amazonaws.com/trackpush/trackpush.min.js(Line 1) Message: [aimtell] Browser does not support push
console-api	log	URL: https://harpsubstitute.com/?publisher_id=1190&subid=SG9API_22nd(Line 1075) Message: https://cert.trustedform.com/e8b9fb09604672223db43a57de1457057df4d6a8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn-3.convertexperiments.com
cdn.fcmrktplace.com
cdn.useproof.com
cdnjs.cloudflare.com
code.jquery.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
djjcyqvteia9v.cloudfront.net
ehawk.net
finance.mediaalpha.com
fonts.googleapis.com
fonts.gstatic.com
geoip-js.com
harpsubstitute.com
js.maxmind.com
newack.club
pushpros.tech
s3-us-west-2.amazonaws.com
s3.amazonaws.com
u9779597.ct.sendgrid.net
www.google-analytics.com
www.googletagmanager.com
www.reallygreatrate.com
143.204.238.189
143.204.94.82
162.242.135.68
167.89.118.35
2001:4de0:ac19::1:b:1a
23.62.118.34
2600:9000:2156:ee00:2:7bf5:a0c0:21
2606:4700:10::ac43:29e5
2606:4700:20::681a:30e
2606:4700::6810:252f
2606:4700::6810:85e5
2606:4700::6812:aef
2a00:1450:4001:802::2008
2a00:1450:4001:808::200a
2a00:1450:4001:817::200e
2a00:1450:4001:821::2003
2a00:d01:ff:905:94:228:142:86
50.97.168.187
52.217.41.6
52.218.232.8
52.24.167.168
54.173.215.17
54.243.138.231
95.215.210.129
0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e
058986aa49aa8b9ae58d5c728d86f816f1fad9c527fcda566fef3c6c39c823d8
0f5bb6c07b7f3e42e2ad862ab10ea462c1f1fcc3e96899b63b519af160211d05
12d5f5436c92db2953a77e0c1d3d10ddf7ca6365129dbda3300e705d7d8bcb0d
17037d542b6031ffd87ba2a7948eb3380bb3bb3d241822ff1401a0e46cbc7702
1861008a1353e41c6d5d58c5211ba4e8b3f2b6b70857c8748e9650dc121c5a17
1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f
1ecfc83abd219e2c4fb7ad45669b8d34a2d1e576fc56d23d960a380edffb5750
1f7c1711bbcc552ffcfa2d4a1ce63f0e5fde356e71d9c2fd7d7358888b93e798
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90
28a050e3bb0c1932abdde03a00adedf53cb095b71bed2041cc5ff29c34bbad8c
2bdf83f75f66adf883bffa8154a933820ebe1774462491fa9569ced274dcfb76
2e988639b9cf3eed8f9521702d16bbdcdcc6602fbdf82785aa0e11d2c557aa13
329e9a67933b05b6109d75174bdfcc80438c242e775b5b6a95f1353a726612ef
36036beb34f14874a1d5adcb40e2264c9e7b915a1b9ef9af5c4548a157f25d85
41810523dacc10e7bdcc782c009ed5c0e8e11e11ae233e360e913aad7dc89bd6
463b0ec64a3b1a3326d4150720d8188e59f5614ab306162e6c48f78142bb74ba
479bbacc482a04fafa069e27d88922ed314c9f7df86ebf8b117de571c4869512
4a046c518db7cc7a1d4c4b4373142fbe4d1cea90ff025f4cff9ec961363aab85
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
609630696da97a52bd84b733404f83774ad969bf959b5b4da6a46b1feddca327
69760d497ac54eee0a7c6cdea04a2cb2f1721169a777220433ef552cda326527
6abe50353a2a5173c7ae19d47eefe442c6a27847760508c3d04240e9bbc490e5
6aefee02eadfc44105dba985d35f60a30f510ca16a80cda6c54a98b7905e3e58
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
7656b5a72cee89a429742d2575df383f9d0a5a36464ab05ee13fb1dafeb73bdf
7be0ac99f2ea3e5f96e91fadfabfa6a74df8e9dde83f25bb847730cfd5b25310
81b970efb0c597b9e5d7def67dd00f07a17a319d965e2898974330c3df170fea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d4573c0d46d8b3ab186ebe6a6158db10dc4404f3daa3d34939df4ec36499ea
8535b3b2f13ac82fe4c0dd0dc58e136eb33ab996e1ccb098c8a9fdf391e1b0a4
86b9810f5af65c62a1d7c0ae9b8fcfbf88fec66b80b6ba723eb6b37eb4c3fef8
8e76eef62b062738a039caadccc53acc5729bae82c4291a420647a1a57c2e501
935c1c855f0827688ca668a51e15beb8754280c34843b9cc9038971b37cc7236
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5d20d9f800889c15761ef2c05630291e949bb7f1ab654784cf37bf0fedfeea3
ab7954e1447f64d179eaec1e53a64438f59fc59a3d701897acab070e1138f849
affd3bf16b486f467118301191499eaca2bea9a5e1e792a5b642d0191377486c
b02261de48e43eb36ebd12bb35cc8cf835709afdafc45090f720268f47c0ecd1
b31dd5c68363ab900b9c0072b0f800e463c01a4d30b9318ae5407e7b3d4a8f2c
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
bc8f52f0616202cd73dda803b41c7e4171da483c146594e5a9a64a2323a65191
c0504aaebc704c9e2f127b37b96aa475865d6dc9e8a7b3ebb84dabdaa87305ce
c20200c1fce72a3749a5a2fe92a2c63a7f313adfd8b68376d6c6d1d7a51bd04c
c44e103d43175772153ee7ec6de86dd20bd3bcdf8e4742f7436a70426b1472c3
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
cec51d1f5afeba765ab9602d837434702c09425a31ecf455f93b3f02e1a6d84a
cecb7574a7b590943facd083b1fa50a4d723e2aab07e11b7ceb2221778404e20
d6e34292d04cdc650fdbb9d914aa5b8e6ab5201e7cda5e90c2786bc6cfe195d8
d78ed93a873694116f57756b7b1a02c1f6bb7f16311435fd78f7e79d1a67307c
e075b9d33b31c068479eeff713f7eac09953f530db616177c8c63f2e575479ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a022804abc1a1f59c15181c083016892735cf323fd6f80385abb6bf335c3cf
ecb97cf0b390d2c82d10e53ddc43860e281ee1679ac710588d054aa79e4b79dd
f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f826c601f6f8c59a9c7f600974e7315b807aae691cc0255aa9102f512b13f125
f958ea302a444495a64a523f633b078327c56f360cc3ba54326952708978002f
f9b5b46f7f48476e5b3dff899d98700e71eb06dea34acbe716f4e59f9e680060
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

harpsubstitute.com Open in urlscan Pro 162.242.135.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

50 %IPv6

23 Domains

25 Subdomains

21 IPs

4 Countries

1272 kBTransfer

2519 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

harpsubstitute.com Open in urlscan Pro
162.242.135.68 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

50 %
IPv6

23
Domains

25
Subdomains

21
IPs

4
Countries

1272 kB
Transfer

2519 kB
Size

6
Cookies

86 HTTP transactions
0 data transactions