urlscan.io logo urlscan.io
SecurityTrails logo

www.getmyrefinance.com Open in urlscan Pro
34.225.232.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mygosecure.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS
Effective URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Submission: On November 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 15 domains to perform 45 HTTP transactions. The main IP is 34.225.232.90, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.getmyrefinance.com.
TLS certificate: Issued by Amazon on January 30th 2017. Valid for: a year.
This is the only time www.getmyrefinance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.232.234.10 14618 (AMAZON-AES)
1 1 34.205.7.227 14618 (AMAZON-AES)
8 34.225.232.90 14618 (AMAZON-AES)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
8 52.222.168.154 16509 (AMAZON-02)
2 34.200.85.68 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f12... 32934 (FACEBOOK)
1 52.222.168.224 16509 (AMAZON-02)
4 52.44.169.239 14618 (AMAZON-AES)
1 34.225.209.199 14618 (AMAZON-AES)
45 16
2    34.232.234.10 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-232-234-10.compute-1.amazonaws.com
mygosecure.com
lpnjump.com
1    34.205.7.227 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-205-7-227.compute-1.amazonaws.com
www.goodmeasure.link
8    34.225.232.90 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-225-232-90.compute-1.amazonaws.com
www.getmyrefinance.com
1    2400:cb00:2048:1::6819:7c63 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
code.ionicframework.com
8    52.222.168.154 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-154.fra54.r.cloudfront.net
dn3nmb5yt1ysw.cloudfront.net
2    34.200.85.68 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-200-85-68.compute-1.amazonaws.com
www.getmyrefinance.com
2    2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
fonts.googleapis.com
1    2a00:1450:4001:806::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.googletagmanager.com
3    2a00:1450:4001:806::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
fonts.gstatic.com
1    2400:cb00:2048:1::6819:7b63 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
code.ionicframework.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2a00:1450:4001:806::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google-analytics.com
1    2a00:1450:400c:c04::9b (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
stats.g.doubleclick.net
5    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    52.222.168.224 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-224.fra54.r.cloudfront.net
d1tprjo2w7krrh.cloudfront.net
4    52.44.169.239 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-44-169-239.compute-1.amazonaws.com
create.leadid.com
1    34.225.209.199 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-225-209-199.compute-1.amazonaws.com
blacksmith.goodmeasure.io
Domain Requested by
10 www.getmyrefinance.com www.getmyrefinance.com
8 dn3nmb5yt1ysw.cloudfront.net www.getmyrefinance.com
5 www.facebook.com www.getmyrefinance.com
4 create.leadid.com d1tprjo2w7krrh.cloudfront.net
4 connect.facebook.net www.getmyrefinance.com
connect.facebook.net
3 fonts.gstatic.com www.getmyrefinance.com
2 www.google-analytics.com 1 redirects www.getmyrefinance.com
2 fonts.googleapis.com www.getmyrefinance.com
2 code.ionicframework.com www.getmyrefinance.com
1 blacksmith.goodmeasure.io
1 d1tprjo2w7krrh.cloudfront.net www.getmyrefinance.com
1 stats.g.doubleclick.net www.getmyrefinance.com
1 www.googletagmanager.com www.getmyrefinance.com
1 www.goodmeasure.link 1 redirects
1 lpnjump.com 1 redirects
1 mygosecure.com 1 redirects
0 d2m2wsoho8qq12.cloudfront.net Failed d1tprjo2w7krrh.cloudfront.net
45 17

This site contains links to these domains. Also see Links.

Domain
www.fanniemae.com
Subject Issuer Validity Valid
lnxtrk.net
Amazon		 2017-01-30 -
2018-02-28		 a year crt.sh
ionicframework.com
CloudFlare Inc ECC CA-2		 2017-03-07 -
2018-03-07		 a year crt.sh
*.cloudfront.net
Symantec Class 3 Secure Server CA - G4		 2016-10-26 -
2017-12-17		 a year crt.sh
*.googleapis.com
Google Internet Authority G2		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.google.com
Google Internet Authority G2		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.leadid.com
Go Daddy Secure Certificate Authority - G2		 2017-02-13 -
2018-04-14		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Frame ID: 23604.1
Requests: 42 HTTP requests in this frame

Frame: https://www.getmyrefinance.com/pixels?uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0&cb=1510265670916
Frame ID: 23604.2
Requests: 1 HTTP requests in this frame

Frame: https://www.getmyrefinance.com/pixels?uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0&conversion=1&cb=1510265670917
Frame ID: 23604.3
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CEC1E60C-A69E-4543-B4A0-357280EA1E0C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.4.0&lck=4F5F9AC8-85C0-44E4-B195-5C860AF35787
Frame ID: 23604.4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mygosecure.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS HTTP 302
    http://lpnjump.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS... HTTP 302
    https://www.goodmeasure.link/lnx/refinance?sourceid=76&sub_1=GMR-Pops-Ron&sub_2=&sub_3=&requestid=44937805 HTTP 302
    https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

45
Requests

93 %
HTTPS

53 %
IPv6

15
Domains

17
Subdomains

16
IPs

2
Countries

1051 kB
Transfer

1629 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mygosecure.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS HTTP 302
    http://lpnjump.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS&ckmguid=eacf57f4-9b1c-4556-a78e-44d9bb73f257 HTTP 302
    https://www.goodmeasure.link/lnx/refinance?sourceid=76&sub_1=GMR-Pops-Ron&sub_2=&sub_3=&requestid=44937805 HTTP 302
    https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j65&a=1149952962&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&ul=en-us&de=UTF-8&dt=Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAABI~&jid=293977164&gjid=452931740&cid=1786033107.1510265670&tid=UA-29775006-50&_gid=143967117.1510265670&_r=1&z=549112995 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=1786033107.1510265670&jid=293977164&_gid=143967117.1510265670&gjid=452931740&_v=j65&z=549112995

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.getmyrefinance.com/f/e2/
Redirect Chain
  • http://mygosecure.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS
  • http://lpnjump.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS&ckmguid=eacf57f4-9b1c-4556-a78e-44d9bb73f257
  • https://www.goodmeasure.link/lnx/refinance?sourceid=76&sub_1=GMR-Pops-Ron&sub_2=&sub_3=&requestid=44937805
  • https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
34 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
bae63f210ecc5cd88720d78aff8a9b458bfd8feac51c25077a3a5fa315696249

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 22:14:29 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2017 15:58:32 GMT
etag
"51721-11030886-1506959912000"
content-type
text/html
cache-control
public, max-age=3600
Connection
keep-alive
Content-Length
7977

Redirect headers

Location
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Date
Thu, 09 Nov 2017 22:14:28 GMT
Connection
keep-alive
Content-Length
290
Vary
Accept
Content-Type
text/html; charset=utf-8
gmr.css
www.getmyrefinance.com/css/ 		129 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/css/gmr.css
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
27afb66208080d9f913090a564bb81b07fda8b0652adc1f578465e4e87157952

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 22:14:29 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2017 15:58:32 GMT
etag
"51721-11030869-1506959912000"
content-type
text/css
cache-control
public, max-age=3600
Connection
keep-alive
Content-Length
19058
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:7c63 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

:path
/ionicons/2.0.1/css/ionicons.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
code.ionicframework.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

x-fastly-request-id
f8d28ffc803786874eb6497b3d6f51b9c5164cf7
date
Thu, 09 Nov 2017 22:14:29 GMT
content-encoding
gzip
cf-cache-status
MISS
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-hits
65
content-length
9682
x-served-by
cache-hhn1531-HHN
last-modified
Thu, 26 Oct 2017 14:18:49 GMT
server
cloudflare-nginx
x-github-request-id
C06A:1D7E:12E44C4D:1B0B89A7:59F1EEF3
x-timer
S1510265669.239797,VS0,VE0
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=7200
set-cookie
__cfduid=de27c4761dd3da19c3d30f04ce1a373831510265669; expires=Fri, 09-Nov-18 22:14:29 GMT; path=/; domain=.ionicframework.com; HttpOnly
accept-ranges
bytes
cf-ray
3bb42010b8d926d2-FRA
expires
Fri, 10 Nov 2017 00:14:29 GMT
Cookie set tracking.js
www.getmyrefinance.com/ 		215 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/tracking.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
de372516af49a77090364803562822f0c4874479f9fbe2ca316f3193ee0b61d2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 22:14:29 GMT
Etag
a84a8c12-980a-4c18-886e-e6e165e77ce0/0.0.34
Content-Type
text/html; charset=utf-8
Set-Cookie
uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0; Max-Age=2592000; Path=/; Expires=Sat, 09 Dec 2017 22:14:29 GMT
Cache-Control
private, must-revalidate post-check=1 pre-check=1
Connection
keep-alive
Content-Length
219691
Expires
0
refi-submit-loop-color.gif
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/refi-submit-loop-color.gif
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e89017e6d9e56bf06ddf30202428f7227c163c7eff22b18f1295a1d369534248

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:30 GMT
Via
1.1 e4a44efc4b3241dc23019df63a1f645c.cloudfront.net (CloudFront)
Last-Modified
Tue, 16 Jun 2015 17:36:39 GMT
Server
AmazonS3
Age
6038
ETag
"ef05e1c9a0a01399a6fce89029e3495f"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
127612
X-Amz-Cf-Id
YWPsEKXLmM7-9TDfy4BsKwp_CXkU40fAGo-Ec_v0pwXHJKmmKxmPAQ==
scripts.js
www.getmyrefinance.com/js/ 		274 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/js/scripts.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.85.68 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-85-68.compute-1.amazonaws.com
Software
/
Resource Hash
9be1ea6051aea02f8bf627ddf688ae70ea57a464b21819117b745c0fad295be3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 22:14:29 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2017 15:58:32 GMT
etag
"51721-2677324-1506959912000"
content-type
application/javascript
cache-control
public, max-age=3600
Connection
keep-alive
Content-Length
89489
css
fonts.googleapis.com/ 		2 KB
567 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
d51aad42ed7f937bdd4f4b0e8310e1db33b1f73b15fe161f560276bd871e95db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Lato:300,400,700
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 22:14:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2017 22:14:29 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Thu, 09 Nov 2017 22:14:29 GMT
css
fonts.googleapis.com/ 		2 KB
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:300
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
941cc503df31552ac196bf2523d1c52b84269f35b1c58106ca5b2b353f720c0e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Roboto+Slab:300
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 22:14:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2017 22:14:29 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Thu, 09 Nov 2017 22:14:29 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		0
0
leadData
www.getmyrefinance.com/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/leadData?uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Cookie
uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

X-ClockName
21608c
Date
Thu, 09 Nov 2017 22:14:30 GMT
Connection
keep-alive
X-Clocks
MDU9Nw==
gtm.js
www.googletagmanager.com/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QCHWF6
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
7ecc2c3451a802daa94f11282c7cdc33b31c9b425d5bb1deceec651432abccf5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/gtm.js?id=GTM-5QCHWF6
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagmanager.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 22:14:29 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
21167
x-xss-protection
1; mode=block
expires
Thu, 09 Nov 2017 22:14:29 GMT
get-my-refinance-logo-black.png
dn3nmb5yt1ysw.cloudfront.net/images/logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/logos/get-my-refinance-logo-black.png
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a763b56d3623402129d369636ce18253893ead112a9733a3ad81e6cbf9787a0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:30 GMT
Via
1.1 b4b6d30e349cbed36f8141249dcef99f.cloudfront.net (CloudFront)
Last-Modified
Tue, 19 May 2015 21:46:18 GMT
Server
AmazonS3
Age
6038
ETag
"dda1dca74d5bebe8574c7cac88676e30"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12352
X-Amz-Cf-Id
UJR9buWvRI6mciog4VYkJPLF3KbFhbyD8RIsv-q_16Vv0gvQuUwMYw==
MgNNr5y1C_tIEuLEmicLmwLUuEpTyoUstqEm5AMlJo4.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/MgNNr5y1C_tIEuLEmicLmwLUuEpTyoUstqEm5AMlJo4.woff2
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/lato/v14/MgNNr5y1C_tIEuLEmicLmwLUuEpTyoUstqEm5AMlJo4.woff2
pragma
no-cache
origin
https://www.getmyrefinance.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://www.getmyrefinance.com

Response headers

date
Mon, 23 Oct 2017 16:22:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
1489939
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14076
x-xss-protection
1; mode=block
expires
Tue, 23 Oct 2018 16:22:10 GMT
MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/lato/v14/MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
pragma
no-cache
origin
https://www.getmyrefinance.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://www.getmyrefinance.com

Response headers

date
Mon, 23 Oct 2017 16:30:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:19 GMT
server
sffe
age
1489453
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
13944
x-xss-protection
1; mode=block
expires
Tue, 23 Oct 2018 16:30:16 GMT
house-icon-refi-white.png
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/house-icon-refi-white.png
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
377e74d94f8ee8dc4329e128992f726e2abb2f72389c215ddce332309da0f386

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:30 GMT
Via
1.1 23d92aa442d5ae9ed0313643d8764687.cloudfront.net (CloudFront)
Last-Modified
Fri, 17 Jul 2015 19:27:17 GMT
Server
AmazonS3
Age
6038
ETag
"5584f2662a67fa05a4e83d50e7de9367"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36492
X-Amz-Cf-Id
4UxFtrV7GxIRzr66ysXRtWNVy8c1yA8BG1hvcRvfkwV4sqfYdZJEbg==
house-icon-forsale-dark.png
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/house-icon-forsale-dark.png
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1591f46ec1345804720502fe936742853d4205cc7a47e55585ea505ce45b892

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Wed, 08 Nov 2017 13:17:51 GMT
Via
1.1 b4b6d30e349cbed36f8141249dcef99f.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jul 2015 15:55:21 GMT
Server
AmazonS3
Age
31784
ETag
"5d93c39b7eaa15995e105ccaf622c7a8"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46457
X-Amz-Cf-Id
hZtlf3caUNgQnZjivE395oR56Q1HyZdnd_Z5pb7FuKcg97AzcURIMg==
primary-color.jpg
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/primary-color.jpg
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1dcf008dc0c68133a23012ad030fd9522c163d98333835210eeb82cd8de60ce3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 13:24:47 GMT
Via
1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Jun 2015 20:25:42 GMT
Server
AmazonS3
Age
31784
ETag
"f85a6ef6243f71f9e30d05c4dc95a274"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35763
X-Amz-Cf-Id
_ctgI_1_yEsHKFj0DKcZR1vp3O9pI-8H-AOBYUfll-fxSnlkB2ss4A==
multi-bw.jpg
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/multi-bw.jpg
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03ea084cca13780de106a935c01fb46bbc1e2d8a81680095f375b0006aa52f8d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:31 GMT
Via
1.1 3df8c233328fbbb4fd91eb496d73f2d8.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Jun 2015 20:25:38 GMT
Server
AmazonS3
Age
6038
ETag
"df699984d376af7cf8994cf840f04fe0"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52869
X-Amz-Cf-Id
HhIroYv4GlVJ45KFU50SDdESIvVPyOiqrb1iAy6JoH_LMdG7tgX2LA==
condo-bw.jpg
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/condo-bw.jpg
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fefba373e2d8f887fe9a7165e8b062b23eff486a2c4225f824fff48c97325fe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:31 GMT
Via
1.1 23d92aa442d5ae9ed0313643d8764687.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Jun 2015 20:25:35 GMT
Server
AmazonS3
Age
6038
ETag
"29f2359c6243d2d6301dc48180afd582"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40716
X-Amz-Cf-Id
J-iGhzNeyHw1EwFCfKMm_u5UeIDsixXx9mW8F_qtYjP-C6Eb23m7-w==
mobile-bw.jpg
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/mobile-bw.jpg
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acd490a53b11adfda6357e73054ca7f08003ef1dc37ce1f7a87f1eafedda9e85

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:32 GMT
Via
1.1 3df8c233328fbbb4fd91eb496d73f2d8.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Jun 2015 20:25:38 GMT
Server
AmazonS3
Age
6037
ETag
"5c575a9be716d8c709a87435427919a3"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28929
X-Amz-Cf-Id
1SxFzE2BLFFZK5lnB4MBJMIMzDRroytq4vUFCkiTvE409aeVZLLw7Q==
22JRxvfANxSmnAhzbFH8PgLUuEpTyoUstqEm5AMlJo4.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/22JRxvfANxSmnAhzbFH8PgLUuEpTyoUstqEm5AMlJo4.woff2
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/lato/v14/22JRxvfANxSmnAhzbFH8PgLUuEpTyoUstqEm5AMlJo4.woff2
pragma
no-cache
origin
https://www.getmyrefinance.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://www.getmyrefinance.com

Response headers

date
Wed, 11 Oct 2017 18:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:55 GMT
server
sffe
age
2518155
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
13828
x-xss-protection
1; mode=block
expires
Thu, 11 Oct 2018 18:45:14 GMT
ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 		184 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:7b63 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

:path
/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
pragma
no-cache
origin
https://www.getmyrefinance.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
code.ionicframework.com
referer
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Origin
https://www.getmyrefinance.com

Response headers

x-fastly-request-id
c13e517b842d34e9ba77e8649e8cb524d58242a8
date
Thu, 09 Nov 2017 22:14:30 GMT
via
1.1 varnish
cf-cache-status
MISS
x-cache
HIT
status
200
x-cache-hits
15
content-encoding
gzip
x-served-by
cache-fra1240-FRA
last-modified
Thu, 26 Oct 2017 14:18:50 GMT
server
cloudflare-nginx
x-github-request-id
B230:7DE2:6DFEF2:A9A3B2:5A015BA2
x-timer
S1510265670.005249,VS0,VE0
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=7200
set-cookie
__cfduid=db334ebf7ba46acc4f0a79e62ae4370ed1510265670; expires=Fri, 09-Nov-18 22:14:30 GMT; path=/; domain=.ionicframework.com; HttpOnly
cf-ray
3bb420157a909726-FRA
expires
Fri, 10 Nov 2017 00:14:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9ed8d0405bfd3dfc42779322685993a6a303579ebad7405b5ce42931416129ea
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/fbevents.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
public
x-fb-debug
UKvPeIFbEs63XY49PRhuw7fg/S1ZMTIou0HyMem9VxcPkW+LU8LhAIyhL0/SAErAd3W7HwRAyRl0OBVNQC+Ndw==
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Nov 2017 22:14:30 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
10852
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
session
www.getmyrefinance.com/ 		540 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/session?uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/js/scripts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.85.68 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-85-68.compute-1.amazonaws.com
Software
/
Resource Hash
6cef6fd853b66bd47629d983d3ba1e847abe1cd14c24e18a54e99792259623a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
X-Requested-With
XMLHttpRequest
Cookie
uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2017 22:14:30 GMT
ETag
W/"21c-ENW3RNfEtXnTiwgHLZk+lw"
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
540
Expires
0
decide
www.getmyrefinance.com/ 		2 B
2 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/decide?uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0&origin=form&actionType=inject&templateId=RELSCa52
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/js/scripts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
X-Requested-With
XMLHttpRequest
Cookie
uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2017 22:14:30 GMT
ETag
W/"2-11FxOYiYfpMxmANj4kGJzg"
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
analytics.js
www.google-analytics.com/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2017 23:46:20 GMT
server
Golfe2
age
1008
date
Thu, 09 Nov 2017 21:57:42 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14635
expires
Thu, 09 Nov 2017 23:57:42 GMT
leadData
www.getmyrefinance.com/ 		266 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/leadData?uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/js/scripts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
e2e209c9f2768e22c690aa7850ee976889bfc285fc0b861b469b723880564c8d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
X-Requested-With
XMLHttpRequest
Cookie
uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

X-ClockName
2a2cdd
Pragma
no-cache
Date
Thu, 09 Nov 2017 22:14:30 GMT
ETag
W/"10a-ba0SzhQg+z6Y7RdO1NbqCg"
Content-Type
application/json; charset=utf-8
X-Clocks
MDU9Nw==
Cache-Control
no-cache, no-store, must-revalidate
X-WasSubmitted
0
Connection
keep-alive
Content-Length
266
Expires
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j65&a=1149952962&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requesti...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=1786033107.1510265670&jid=293977164&_gid=143967117.1510265670&gjid=452931740&_v=j65&z=549112995
35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=1786033107.1510265670&jid=293977164&_gid=143967117.1510265670&gjid=452931740&_v=j65&z=549112995
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c04::9b , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=1786033107.1510265670&jid=293977164&_gid=143967117.1510265670&gjid=452931740&_v=j65&z=549112995
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
stats.g.doubleclick.net
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 09 Nov 2017 22:14:30 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2017 22:14:30 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=1786033107.1510265670&jid=293977164&_gid=143967117.1510265670&gjid=452931740&_v=j65&z=549112995
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
1198084236906326
connect.facebook.net/signals/config/ 		1 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1198084236906326?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
321431863214da0c3da6e90eb68de5560504be27e394507fb65897787db5460a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1198084236906326?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
ZeCocQewF0ln4Z3xvGI/9d0teU+sucOqOeJ5vvk0b4db6L97Nyij41IFaqSVjj2n/KHCrddCE/ALhR9Hygjpaw==
x-frame-options
DENY
date
Thu, 09 Nov 2017 22:14:30 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
1345687412191082
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1345687412191082?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6001acc03602271a1bc001aeb7ccdc7a39ebc4fc94ba5943e45226cb30ad8b50
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1345687412191082?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
M4fid1Q7SMlWWpnSCLpZo/J0Jruf/9CQ7k3gCq4+4ToO/b8/jNiP1XI0qMAU9BE7bjkFVI6JCXjfBp2gINS/xQ==
x-frame-options
DENY
date
Thu, 09 Nov 2017 22:14:31 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1198084236906326&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265670889&v=2.8.1&ec=0&o=28&it=1510265670660
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1198084236906326&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265670889&v=2.8.1&ec=0&o=28&it=1510265670660
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 22:14:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0yFRd5juIaOM0RDTV..BaBNNH...1.0.BaBNNH.; expires=Wednesday, 07-Feb-2018 22:14:31 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Thu, 09 Nov 2017 22:14:31 GMT
pixels
www.getmyrefinance.com/ Frame 2360 		41 B
41 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/pixels?uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0&cb=1510265670916
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
22da7d45508222276b737ccd7f4b4be7d2b791ac65a7c8d3851e2ec1bdf00a76

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Cookie
uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0; _ga=GA1.3.1786033107.1510265670; _gid=GA1.3.143967117.1510265670; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
date
Thu, 09 Nov 2017 22:14:30 GMT
etag
W/"29-2070775220"
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
content-type
text/html; charset=utf-8
Content-Length
41
Expires
0
pixels
www.getmyrefinance.com/ Frame 2360 		41 B
41 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/pixels?uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0&conversion=1&cb=1510265670917
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
22da7d45508222276b737ccd7f4b4be7d2b791ac65a7c8d3851e2ec1bdf00a76

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Cookie
uuid=a84a8c12-980a-4c18-886e-e6e165e77ce0; _ga=GA1.3.1786033107.1510265670; _gid=GA1.3.143967117.1510265670; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
date
Thu, 09 Nov 2017 22:14:30 GMT
etag
W/"29-2070775220"
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
content-type
text/html; charset=utf-8
Content-Length
41
Expires
0
1740593736157411
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1740593736157411?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f5ebf7c62ae9f804a847508acdfcafe690b51975936afd80d91a76780ccb3916
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1740593736157411?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
Fj8J8JO9iQiSsLuKBTInL0Wr84ATTcU30qJg5rlV+zPp8Rv90mPxr68FLrkoEYM90EMtlWk6s2X6UgbLuPfdWA==
x-frame-options
DENY
date
Thu, 09 Nov 2017 22:14:31 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1345687412191082&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265671122&v=2.8.1&ec=0&o=28&it=1510265670660
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1345687412191082&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265671122&v=2.8.1&ec=0&o=28&it=1510265670660
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 22:14:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0shMT66f76iEHhC1S..BaBNNH...1.0.BaBNNH.; expires=Wednesday, 07-Feb-2018 22:14:31 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Thu, 09 Nov 2017 22:14:31 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1740593736157411&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265671349&v=2.8.1&ec=0&o=28&it=1510265670660
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1740593736157411&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265671349&v=2.8.1&ec=0&o=28&it=1510265670660
pragma
no-cache
cookie
fr=0shMT66f76iEHhC1S..BaBNNH...1.0.BaBNNH.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 22:14:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Thu, 09 Nov 2017 22:14:31 GMT
4f5f9ac8-85c0-44e4-b195-5c860af35787.js
d1tprjo2w7krrh.cloudfront.net/campaign/ 		123 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.224 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-224.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de42e4e82346d2dbad8026cd7043baa70da054ed0824d7a44af548bdb40d4ceb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d1tprjo2w7krrh.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Wed, 08 Nov 2017 13:20:43 GMT
Via
1.1 93c5c2940efa6748481c787e7c245f82.cloudfront.net (CloudFront)
Last-Modified
Tue, 03 Oct 2017 15:04:40 GMT
Server
AmazonS3
ETag
"ad9418e2ec142cf54697a14a20b48f2b"
X-Cache
RefreshHit from cloudfront
x-amz-version-id
vR.AjYT7FYDO0R8XUoVm3qRLHdDVa0Ep
Cache-Control
max-age=1800
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
126414
X-Amz-Cf-Id
yOYZ6CmaLePI2ngNHCnFB8Ca-U73KAJUFCHjG2tXfqF6PIDWr5YmSA==
Cookie set GenerateToken
create.leadid.com/2.4.0/ 		36 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.4.0/GenerateToken?msn=1&pid=6fc79e67-ff13-4cdb-b831-f57f33b7ab0a&_=547227537
Requested by
Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.169.239 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-169-239.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/5.6.29
Resource Hash
cbe527fe5a67f6ddb336dc992f0ea7229e4b85c0b08128d9b82097cdac87fef2

Request headers

Pragma
no-cache
Origin
https://www.getmyrefinance.com
Accept-Encoding
gzip, deflate
Host
create.leadid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Content-Length
302
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Origin
https://www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 09 Nov 2017 22:14:32 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/5.6.29
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
rgisanonymous=false; expires=Sat, 09-Dec-2017 22:14:32 GMT; Max-Age=2592000 rguserid=7c9e931d-7d0a-4946-bef9-332c415eeee2; expires=Sat, 09-Dec-2017 22:14:32 GMT; Max-Age=2592000 rguuid=true; expires=Sat, 09-Dec-2017 22:14:32 GMT; Max-Age=2592000 rgisanonymous=true; expires=Sat, 09-Dec-2017 22:14:32 GMT; Max-Age=2592000
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
56
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setParams
blacksmith.goodmeasure.io/lnx/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://blacksmith.goodmeasure.io/lnx/setParams?apikey=0c9f7af76650464b956eb7f5c2f9ae20&requestid=44937805&o_session=1&gtmcb=1605214864
Protocol
HTTP/1.1
Server
34.225.209.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-209-199.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
blacksmith.goodmeasure.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 09 Nov 2017 22:14:32 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/json
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1345687412191082&ev=Microdata&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265672624&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance%22%2C%22meta%3Adescription%22%3A%22Get%20personalized%20home%20refinance%20rates%20with%20Get%20My%20Refinance%E2%80%99s%20lender%20comparison%20tool.%20It%E2%80%99s%20a%20quick%20and%20effective%20way%20to%20compare%20rates%20from%20all%20the%20top%20lenders.%22%7D&v=2.8.1&o=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1345687412191082&ev=Microdata&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265672624&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance%22%2C%22meta%3Adescription%22%3A%22Get%20personalized%20home%20refinance%20rates%20with%20Get%20My%20Refinance%E2%80%99s%20lender%20comparison%20tool.%20It%E2%80%99s%20a%20quick%20and%20effective%20way%20to%20compare%20rates%20from%20all%20the%20top%20lenders.%22%7D&v=2.8.1&o=28
pragma
no-cache
cookie
fr=0shMT66f76iEHhC1S..BaBNNH...1.0.BaBNNH.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 22:14:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Thu, 09 Nov 2017 22:14:32 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 2360 		0
0
Cookie set SaveDom
create.leadid.com/2.4.0/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.4.0/SaveDom?msn=2&pid=6fc79e67-ff13-4cdb-b831-f57f33b7ab0a&token=CEC1E60C-A69E-4543-B4A0-357280EA1E0C&_=547227538
Requested by
Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.169.239 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-169-239.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/5.6.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://www.getmyrefinance.com
Accept-Encoding
gzip, deflate
Host
create.leadid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Content-Length
559
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Origin
https://www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 09 Nov 2017 22:14:32 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/5.6.29
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
rgisanonymous=false; expires=Sat, 09-Dec-2017 22:14:32 GMT; Max-Age=2592000 rguserid=b623cc79-d89e-4b89-a71b-a741e2b67f6f; expires=Sat, 09-Dec-2017 22:14:32 GMT; Max-Age=2592000 rguuid=true; expires=Sat, 09-Dec-2017 22:14:32 GMT; Max-Age=2592000 rgisanonymous=true; expires=Sat, 09-Dec-2017 22:14:32 GMT; Max-Age=2592000
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set InitFormData
create.leadid.com/2.4.0/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.4.0/InitFormData?msn=3&pid=6fc79e67-ff13-4cdb-b831-f57f33b7ab0a&token=CEC1E60C-A69E-4543-B4A0-357280EA1E0C&_=547227539
Requested by
Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.169.239 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-169-239.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/5.6.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://www.getmyrefinance.com
Accept-Encoding
gzip, deflate
Host
create.leadid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Content-Length
43106
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Origin
https://www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 09 Nov 2017 22:14:33 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/5.6.29
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
rgisanonymous=false; expires=Sat, 09-Dec-2017 22:14:33 GMT; Max-Age=2592000 rguserid=e2349407-ba42-4453-8994-be05d2305aca; expires=Sat, 09-Dec-2017 22:14:33 GMT; Max-Age=2592000 rguuid=true; expires=Sat, 09-Dec-2017 22:14:33 GMT; Max-Age=2592000 rgisanonymous=true; expires=Sat, 09-Dec-2017 22:14:33 GMT; Max-Age=2592000
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1740593736157411&ev=Microdata&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265672865&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance%22%2C%22meta%3Adescription%22%3A%22Get%20personalized%20home%20refinance%20rates%20with%20Get%20My%20Refinance%E2%80%99s%20lender%20comparison%20tool.%20It%E2%80%99s%20a%20quick%20and%20effective%20way%20to%20compare%20rates%20from%20all%20the%20top%20lenders.%22%7D&v=2.8.1&o=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1740593736157411&ev=Microdata&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe2%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44937805%26requestid%3D44937805%26sourceid%3D76&rl=&if=false&ts=1510265672865&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance%22%2C%22meta%3Adescription%22%3A%22Get%20personalized%20home%20refinance%20rates%20with%20Get%20My%20Refinance%E2%80%99s%20lender%20comparison%20tool.%20It%E2%80%99s%20a%20quick%20and%20effective%20way%20to%20compare%20rates%20from%20all%20the%20top%20lenders.%22%7D&v=2.8.1&o=28
pragma
no-cache
cookie
fr=0shMT66f76iEHhC1S..BaBNNH...1.0.BaBNNH.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 22:14:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Thu, 09 Nov 2017 22:14:32 GMT
Cookie set Snap
create.leadid.com/2.4.0/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.4.0/Snap?msn=4&pid=6fc79e67-ff13-4cdb-b831-f57f33b7ab0a&token=CEC1E60C-A69E-4543-B4A0-357280EA1E0C&_=547227540
Requested by
Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.169.239 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-169-239.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/5.6.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://www.getmyrefinance.com
Accept-Encoding
gzip, deflate
Host
create.leadid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Connection
keep-alive
Content-Length
77700
Referer
https://www.getmyrefinance.com/f/e2/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44937805&requestid=44937805&sourceid=76
Origin
https://www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 09 Nov 2017 22:14:33 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/5.6.29
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
rgisanonymous=false; expires=Sat, 09-Dec-2017 22:14:33 GMT; Max-Age=2592000 rguserid=3b84bc04-790b-43eb-8bf0-a80944a23593; expires=Sat, 09-Dec-2017 22:14:33 GMT; Max-Age=2592000 rguuid=true; expires=Sat, 09-Dec-2017 22:14:33 GMT; Max-Age=2592000 rgisanonymous=true; expires=Sat, 09-Dec-2017 22:14:33 GMT; Max-Age=2592000
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.ionicframework.com
URL
http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Domain
d2m2wsoho8qq12.cloudfront.net
URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CEC1E60C-A69E-4543-B4A0-357280EA1E0C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.4.0&lck=4F5F9AC8-85C0-44E4-B195-5C860AF35787

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.www.getmyrefinance.com/ Name: _gat
Value: 1
.www.getmyrefinance.com/ Name: _gid
Value: GA1.3.143967117.1510265670
.www.getmyrefinance.com/ Name: _ga
Value: GA1.3.1786033107.1510265670
www.getmyrefinance.com/ Name: uuid
Value: a84a8c12-980a-4c18-886e-e6e165e77ce0

85 Console Messages

Source Level URL
Text
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blacksmith.goodmeasure.io
code.ionicframework.com
connect.facebook.net
create.leadid.com
d1tprjo2w7krrh.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
dn3nmb5yt1ysw.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lpnjump.com
mygosecure.com
stats.g.doubleclick.net
www.facebook.com
www.getmyrefinance.com
www.goodmeasure.link
www.google-analytics.com
www.googletagmanager.com
code.ionicframework.com
d2m2wsoho8qq12.cloudfront.net
2400:cb00:2048:1::6819:7b63
2400:cb00:2048:1::6819:7c63
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:400c:c04::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.200.85.68
34.205.7.227
34.225.209.199
34.225.232.90
34.232.234.10
52.222.168.154
52.222.168.224
52.44.169.239
03ea084cca13780de106a935c01fb46bbc1e2d8a81680095f375b0006aa52f8d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1dcf008dc0c68133a23012ad030fd9522c163d98333835210eeb82cd8de60ce3
22da7d45508222276b737ccd7f4b4be7d2b791ac65a7c8d3851e2ec1bdf00a76
27afb66208080d9f913090a564bb81b07fda8b0652adc1f578465e4e87157952
321431863214da0c3da6e90eb68de5560504be27e394507fb65897787db5460a
377e74d94f8ee8dc4329e128992f726e2abb2f72389c215ddce332309da0f386
45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
6001acc03602271a1bc001aeb7ccdc7a39ebc4fc94ba5943e45226cb30ad8b50
6cef6fd853b66bd47629d983d3ba1e847abe1cd14c24e18a54e99792259623a3
7ecc2c3451a802daa94f11282c7cdc33b31c9b425d5bb1deceec651432abccf5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a763b56d3623402129d369636ce18253893ead112a9733a3ad81e6cbf9787a0
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
941cc503df31552ac196bf2523d1c52b84269f35b1c58106ca5b2b353f720c0e
9be1ea6051aea02f8bf627ddf688ae70ea57a464b21819117b745c0fad295be3
9ed8d0405bfd3dfc42779322685993a6a303579ebad7405b5ce42931416129ea
9fefba373e2d8f887fe9a7165e8b062b23eff486a2c4225f824fff48c97325fe
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
acd490a53b11adfda6357e73054ca7f08003ef1dc37ce1f7a87f1eafedda9e85
bae63f210ecc5cd88720d78aff8a9b458bfd8feac51c25077a3a5fa315696249
cbe527fe5a67f6ddb336dc992f0ea7229e4b85c0b08128d9b82097cdac87fef2
d51aad42ed7f937bdd4f4b0e8310e1db33b1f73b15fe161f560276bd871e95db
de372516af49a77090364803562822f0c4874479f9fbe2ca316f3193ee0b61d2
de42e4e82346d2dbad8026cd7043baa70da054ed0824d7a44af548bdb40d4ceb
e1591f46ec1345804720502fe936742853d4205cc7a47e55585ea505ce45b892
e2e209c9f2768e22c690aa7850ee976889bfc285fc0b861b469b723880564c8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89017e6d9e56bf06ddf30202428f7227c163c7eff22b18f1295a1d369534248
f5ebf7c62ae9f804a847508acdfcafe690b51975936afd80d91a76780ccb3916