govloanchoices.com Open in urlscan Pro
2606:4700:3036::6815:fb5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://govloanchoices.com/
Effective URL:
https://govloanchoices.com/
Submission: On March 16 via manual (March 16th 2022, 9:39:16 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3036::6815:fb5, located in United States and belongs to CLOUDFLARENET, US. The main domain is govloanchoices.com.
TLS certificate: Issued by E1 on January 25th 2022. Valid for: 3 months.

This is the only time govloanchoices.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	2606:4700:303... 2606:4700:3036::6815:fb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.90.154.82 104.90.154.82	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:4700:303... 2606:4700:3032::ac43:dff2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:252f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.213.110.193 54.213.110.193	16509 (AMAZON-02) (AMAZON-02)
1	2a00:d01:ff:9... 2a00:d01:ff:905:94:228:142:86	41887 (PROLOCATI...) (PROLOCATION Prolocation)
1	52.92.164.50 52.92.164.50	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	104.248.186.70 104.248.186.70	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	165.227.241.154 165.227.241.154	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 6	3.211.150.49 3.211.150.49	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:223... 2600:9000:223d:ee00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	52.206.89.160 52.206.89.160	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.101.72 143.204.101.72	16509 (AMAZON-02) (AMAZON-02)
1	52.55.210.128 52.55.210.128	14618 (AMAZON-AES) (AMAZON-AES)
63	23

23 2606:4700:3036::6815:fb5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

govloanchoices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.154.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-154-82.deploy.static.akamaitechnologies.com

cdn-3.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:dff2 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:252f (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.213.110.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-110-193.us-west-2.compute.amazonaws.com

cdn.fcmrktplace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:d01:ff:905:94:228:142:86 (Netherlands)

ASN41887 (PROLOCATION Prolocation, NL)

www.ehawk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.164.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

rgrassets.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.186.70 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cp.reallygreatrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 165.227.241.154 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.reallygreatrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
reallygreatrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.211.150.49 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-150-49.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223d:ee00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bef (United States)

ASN13335 (CLOUDFLARENET, US)

geoip-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.206.89.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-89-160.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-72.fra50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.210.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-210-128.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	govloanchoices.com 1 redirects govloanchoices.com	728 KB
9	trustedform.com 2 redirects api.trustedform.com — Cisco Umbrella Rank: 21163 cdn.trustedform.com — Cisco Umbrella Rank: 22616	73 KB
8	leadid.com create.leadid.com — Cisco Umbrella Rank: 13526	5 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	161 KB
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 54965 api.useproof.com — Cisco Umbrella Rank: 53497	602 KB
3	reallygreatrate.com cp.reallygreatrate.com www.reallygreatrate.com reallygreatrate.com	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	fcmrktplace.com cdn.fcmrktplace.com — Cisco Umbrella Rank: 133714	5 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 1928	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 64287	807 B
1	geoip-js.com geoip-js.com — Cisco Umbrella Rank: 13617	461 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22844	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	38 KB
1	amazonaws.com rgrassets.s3-us-west-2.amazonaws.com	6 KB
1	ehawk.net www.ehawk.net	44 KB
1	maxmind.com js.maxmind.com — Cisco Umbrella Rank: 20718	2 KB
1	convertexperiments.com cdn-3.convertexperiments.com — Cisco Umbrella Rank: 14881	223 B
63	19

	Domain	Requested by
23	govloanchoices.com	1 redirects govloanchoices.com cdn.trustedform.com
8	create.leadid.com	rgrassets.s3-us-west-2.amazonaws.com deviceid.trueleadid.com
6	api.trustedform.com	2 redirects api.trustedform.com cdn.trustedform.com
3	cdn.trustedform.com	govloanchoices.com api.trustedform.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn.useproof.com	govloanchoices.com cdn.useproof.com
2	www.google-analytics.com	www.googletagmanager.com rgrassets.s3-us-west-2.amazonaws.com
2	cdn.fcmrktplace.com	govloanchoices.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	analytics.proofapi.com	cdn.useproof.com
1	api.useproof.com	cdn.useproof.com
1	geoip-js.com	rgrassets.s3-us-west-2.amazonaws.com
1	reallygreatrate.com	rgrassets.s3-us-west-2.amazonaws.com
1	www.reallygreatrate.com	rgrassets.s3-us-west-2.amazonaws.com
1	cp.reallygreatrate.com	rgrassets.s3-us-west-2.amazonaws.com
1	www.gstatic.com	cdn.useproof.com
1	create.lidstatic.com	govloanchoices.com
1	fonts.googleapis.com	govloanchoices.com
1	www.googletagmanager.com	govloanchoices.com
1	rgrassets.s3-us-west-2.amazonaws.com	govloanchoices.com
1	www.ehawk.net	govloanchoices.com
1	js.maxmind.com	govloanchoices.com
1	cdn-3.convertexperiments.com	govloanchoices.com
63	24

This site contains links to these domains. Also see Links.

Domain
www.cnbc.com
www.nmlsconsumeraccess.org
www.refiexpert.net
privacyportal-eu-cdn.onetrust.com
portal.reallygreatrate.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.govloanchoices.com E1	`2022-01-25` - `2022-04-25`	3 months	crt.sh
*.convertexperiments.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.maxmind.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-27` - `2022-11-08`	a year	crt.sh
*.fcmrktplace.com Amazon	`2022-02-06` - `2023-03-07`	a year	crt.sh
*.ehawk.net Sectigo RSA Domain Validation Secure Server CA	`2022-01-04` - `2023-01-14`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2021-04-30` - `2022-04-29`	a year	crt.sh
cp.reallygreatrate.com R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
reallygreatrate.com E1	`2022-03-12` - `2022-06-10`	3 months	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
*.trustedform.com Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2021-05-14` - `2022-06-12`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://govloanchoices.com/
Frame ID: 4714E66F5E617C4A40FCF53651E9EC9C
Requests: 53 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: F118A4F84F9425655EB28AB82CBBB3FE
Requests: 5 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=26C0F338-132A-760D-25DE-705DBD2DE30B&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Frame ID: 47259BD43219247B6D646EEBAA57134B
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=26C0F338-132A-760D-25DE-705DBD2DE30B&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Frame ID: E45C2D11A5D4BAB7F5D1D360D0971F94
Requests: 2 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: A60E06AF4B2CBEBBDDB0470E53FD0419
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/3e3857cdd6d742de856de5bc442c78d5bb1f7b1a/snapshot
Frame ID: 8A0DC936B7D4E0FD2A45609A19D4F7BC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GovLoanChoices.com

Page URL History Show full URLs

http://govloanchoices.com/ HTTP 301
https://govloanchoices.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

63
Requests

97 %
HTTPS

59 %
IPv6

19
Domains

24
Subdomains

23
IPs

3
Countries

1740 kB
Transfer

2612 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cnbc.com/2019/06/03/as-mortgage-rates-plunge-millions-more-homeowners-can-benefit-from-refinancing.html
Title: CNBC

Search URL Search Domain Scan URL

URL: https://www.nmlsconsumeraccess.org/
Title: Nationwide Mortgage Licensing System (NMLS) ID # 2721.

Search URL Search Domain Scan URL

URL: http://www.refiexpert.net/
Title: Licenses and Disclosures

Search URL Search Domain Scan URL

URL: https://privacyportal-eu-cdn.onetrust.com/dsarwebform/942fbf02-bbfe-4a5d-808d-080b06c5651c/3fdf8f1d-7ab3-4a99-bb4e-24965500290d.html
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://portal.reallygreatrate.com/api/refinance/partners-list.php
Title: partners

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/ccpa-id-verification/
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://govloanchoices.com/ HTTP 301
https://govloanchoices.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16474667485990.5814974177859284 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16474667485990.5814974177859284

Request Chain 34

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=TrustedFormToken&l=16474667486400.9423242824612521 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=TrustedFormToken&l=16474667486400.9423242824612521

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
govloanchoices.com/
Redirect Chain

http://govloanchoices.com/
https://govloanchoices.com/

86 KB
25 KB

275ms
216ms

Document
text/html

2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://govloanchoices.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d322ce85bac822b41bd469b6e5d451a9afad0d6858f00fb41e544dce7f537a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 16 Mar 2022 21:39:07 GMT
content-type: text/html
last-modified: Mon, 07 Mar 2022 13:08:44 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6e%2BH3amjHwtX6sXxiu1T71TrXJPfIcSQOeuTtCEZKtbweHciMWl0BprWuIyUimxGn1i%2FsSrbflUpcTpdx05NNN76oI%2Fh9yRj%2Bj8%2BoVHrh4BJct5zwwhc0lnxFuSsCe1UqJcjKwTXGjizcBgvaJqvd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ed0a3c48b0d7397-MRS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Wed, 16 Mar 2022 21:39:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 16 Mar 2022 22:39:07 GMT
Location: https://govloanchoices.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVLk6FUFkqQXsFc5WL8jQg2xZRAgINJx0HiI5tPpCv2zislAEofRdjdroGxuLGVgmHDL0%2BGTHL2cQXt6nF4RSuXn2zgbgWuhIGETx%2Bsk0wiMpyhArWgfZq898AzgvhnQn8l3b2bE3kmluAcimRBq5DY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ed0a3c3d8c073af-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 10025084-10024924.js Show response
cdn-3.convertexperiments.com/js/ 2 B
223 B 45ms
21ms Script
application/javascript 104.90.154.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-3.convertexperiments.com/js/10025084-10024924.js

Requested by

Host: govloanchoices.com
URL: https://govloanchoices.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.154.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-154-82.deploy.static.akamaitechnologies.com

Software

Resource Hash

a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:07 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=231
strict-transport-security: max-age=15768000
content-length: 22
x-privacy-policy: You can find our privacy policy at https://www.convert.com/privacy-notice/

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 101ms
36ms Script
application/javascript 2606:4700:3032::ac43:dff2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18160004
cf-ray: 6ed0a3c66f103742-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: irt7BE9FfM4btCYBoVjTGuOFXVrDuBTOuPxhberG4iw5eNj01UA0d1XytOxw3z7WMGTbRFPfzRw=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmSj4Kws9OiVXHCx9TzMYfkrks3weB%2FOH0RxTiqNEfHNx0dsvyKBz4u0Bhn5m2%2FqDLCuv7BcKLkyR8%2BmtKqpZv8tSGkprogSe%2FqWEyNi%2BscAP%2BqLevVrgxDrNYycQAdtv2keixrRopb4R9t%2BxNAH"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: JC7ZPJ5TJXEPK4XY
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 3 KB
2 KB 76ms
36ms Script
application/javascript 2606:4700::6810:252f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 16:29:58 GMT
server: cloudflare
age: 378
etag: W/"62321086-d69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6ed0a3c63f3c01eb-ZRH
expires: Thu, 17 Mar 2022 01:39:07 GMT

GET
H2 200 bundle.css
govloanchoices.com/ 49 KB
10 KB 202ms
201ms Stylesheet
text/css 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://govloanchoices.com/bundle.css
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7883c55c1521ce0341c6d33ddc4fbf2455374102675bb98e54a552a66f89c7d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:44 GMT
server: cloudflare
etag: W/"c5bb-5d61b9f07b12f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FArw9uUWn1XkcpFHQFTV%2FbLBte%2FYrH77ztUVxXTVwqhH64%2Ftq8f8pRgNW2VFvEAQ%2FY5XYwvW8TZxhwqDbJAVsjQOIIOPIT4Z4e0ayAI2RI3%2B576Yo0V4IBBRP79F6yxAPklEg4nshwwX%2FsRv9MnhDQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed0a3c60f497397-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo-main.png
govloanchoices.com/src/images/ 14 KB
14 KB 245ms
243ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/logo-main.png
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4004573735e421c1638ea50b804f621f06277d46010417d33593573b199a1ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:22 GMT
server: cloudflare
etag: "3683-5d61b9dbda9be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yea%2BapRWNsR2XlbeOJj57E5FflIxSXJpz%2FpCJoanC6W3E%2FO%2B4pzUetXZC6A3kM8RNrNfilyZyXeawwNdAXSMz83S283WMqoeZyqdb30xKAhaU0FCI%2B1x0u0fk83bXKP7dUj5yeGVrVjWtx6AY0wssY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c67acb7361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13955

GET
H3 200 icon-1.png
govloanchoices.com/src/images/ 25 KB
25 KB 245ms
244ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-1.png
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2d4d9df8e880001121eb73e34157a7b0b5c0f311a96574b5a7e79d036dad32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:19 GMT
server: cloudflare
etag: "62ac-5d61b9d935d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CHLRJBNsaY8KgRS3N%2FHwklZ6UUWuV%2BOcPxhAOFsL5RguwqQpAD0bwMTDYpaAWsjpyLJv5jPnLeLdWnqll6a1Nf%2Ftz91eEiHby7HVwVW84SwwLLtjHj%2FlgWYfZb9qoDAJwF0xb4OGjNy%2B9n2%2BYGAJBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c67acf7361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25260

GET
H3 200 icon-2.png
govloanchoices.com/src/images/ 24 KB
24 KB 220ms
218ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-2.png
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0cba038cc37604e34105a423a8cb63d4ab3691833b811e2e35a148bde000c17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:20 GMT
server: cloudflare
etag: "5f93-5d61b9d9bd92d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UkzZ4ahYF92EaDnDZaDNAsK%2B56%2BrOTXBtZNjA3TDeVrUR9ARk4cMBFMFT9FP6XMNR9cHAP%2Bjz5bIHpVHOdKaKJaurWkksTfOcjUi7%2FCE7LEnyxthhs4Ejfllf5dy%2FZT1FW08tQG976R%2BiqhmjtSfe0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c67ad07361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24467

GET
H3 200 icon-3.png
govloanchoices.com/src/images/ 23 KB
23 KB 220ms
219ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-3.png
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a6a6c23567f3e5cd14b97d60603c840fa1c7e2b763ac024bb453119c257b03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:20 GMT
server: cloudflare
etag: "5ad4-5d61b9da44581"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BGEp4g3dEHX2kmbPbz5gV2nnx8pK5RkZPUT3%2Fk6Np8Ks%2FQUsjFdk7TuYT5A1CXcijtkiSzEmr6GtwukUEcgH%2Fo9CTvb9A6XOSg3WKhdHeMVuM%2FyUSUHApIQMu97hEgdEH2Vzt3cEJNMCcN9dcOblwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c67ad27361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23252

GET
H3 200 icon-4.png
govloanchoices.com/src/images/ 26 KB
26 KB 197ms
195ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-4.png
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03cd65c51db081fa1ee7873e0bb2ccbbc8478ce11446e7d5c48bf72e77b958e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:23 GMT
server: cloudflare
etag: "6707-5d61b9dcc7ec1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tT0AU4ttPQo5S6adRYwjxuakDBln2ccngT9%2BKKrP9vcXtvTnM7UM32Ern2UWc01HDj3k4%2Fy5owXfsCe3JiGohkHq%2B%2FJ%2Bnywsrcpa9eiCyq22JO8bOKJhPdnsgOv6K4fFxnPVva3HIWIXdbHsLD2ajP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c67ad37361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26375

GET
H3 200 logo-popup.png
govloanchoices.com/src/images/ 15 KB
15 KB 294ms
293ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/logo-popup.png
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ca5e4dc374c8492fbedd13adc234e0c9e7390cebe54ec59edbb745121d50b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:22 GMT
server: cloudflare
etag: "3a1e-5d61b9db97394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bA9fre2J1d5kPwcKxWOGXQEEkEGEOeQ30zLubXZqs1JWRBAoAeq%2BwGQ6URKfxXbHWRALJ6tNSMkoo9eCNZBeFPzEACpsIFAMuTlUJWOovdGEw%2FdzdDALxRWQAa8INzu8rltywgFHGBRQHh5g%2FPf7Q3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c67ad47361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14878

GET
H3 200 icon-locked.png
govloanchoices.com/src/images/ 835 B
1 KB 294ms
293ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-locked.png
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22d9df11f578b317e91e8963cebeb1b72bfc29c90d7b7e23e723a539f4fcb2f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:21 GMT
server: cloudflare
etag: "343-5d61b9db52dca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gb1O7fFLR%2FdNf36MKlLCACyRbA5zgyZHEPebO6W3AIYyQxcmA7mQD4Ss699FEEhTv5l8qUQmggxfVknfS8iXVFTc8R9F5%2BQJ%2BlEWzP4mP4HqLede7OvWbNdu%2BJdNpoM%2FvoKTwUNSddPRmyU3giDs%2FyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c67ad67361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 835

GET
H3 200 tooltip.png
govloanchoices.com/src/images/ 2 KB
2 KB 295ms
293ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/tooltip.png
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503be85dc7326172b1a697f13bfc0e3284486a9252d945f8e4a796c01dce75be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 18:16:19 GMT
server: cloudflare
etag: "6af-5d61b9d97a303"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOK2819CmfDXi6S%2F5YB2QvvXAr4DOOe2qyLRoZs7PCsf%2BjEqcTaqja3qpBOcsTGpKSq7oxbD2DP0Bf%2FJ%2FmxPd5hz837Py3F0ZBB17DzZVhg5AqIFHdTXHDqXCQ4fIzfFk4a5mKocRsN%2BaX4b1WQbhMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c67ad87361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1711

GET
H3 200 email-decode.min.js Show response
govloanchoices.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 32ms
32ms Script
application/javascript 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://govloanchoices.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: govloanchoices.com
URL: https://govloanchoices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Mar 2022 18:25:01 GMT
server: cloudflare
etag: W/"622f887d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fan2UxOixnb9Hs344GBefKOXLxcezBkJUiFsQ4nwVl4S3mq30rz%2BvROw0Mf7WM7KBjuURoRf31xkMsQrL5Fr7lkvVNePzfwzBfkl0hgJyQnxsOnSJO45u3bUXRXx%2Ffzl5x0OKkLkj%2BsRezt95kdx%2BA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed0a3c67ac07361-MRS
vary: Accept-Encoding
expires: Fri, 18 Mar 2022 21:39:07 GMT

GET
H2 200 clicksnet.js Show response
cdn.fcmrktplace.com/scripts/ 9 KB
3 KB 496ms
156ms Script
application/javascript 54.213.110.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fcmrktplace.com/scripts/clicksnet.js
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.110.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-110-193.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7656b5a72cee89a429742d2575df383f9d0a5a36464ab05ee13fb1dafeb73bdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
content-encoding: gzip
etag: "80348a6b4b2d41:0"
last-modified: Wed, 23 Jan 2019 00:43:25 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: Policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/javascript
content-length: 2860

GET
H2 200 clicksnet_mortgage.js Show response
cdn.fcmrktplace.com/scripts/ 5 KB
2 KB 495ms
156ms Script
application/javascript 54.213.110.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fcmrktplace.com/scripts/clicksnet_mortgage.js
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.110.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-110-193.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 479bbacc482a04fafa069e27d88922ed314c9f7df86ebf8b117de571c4869512

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
content-encoding: gzip
etag: "80348a6b4b2d41:0"
last-modified: Wed, 23 Jan 2019 00:43:25 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: Policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/javascript
content-length: 1559

GET
H/1.1 200
OK EHawkTalon.js Show response
www.ehawk.net/downloads/ 43 KB
44 KB 152ms
23ms Script
application/javascript 2a00:d01:ff:905:94:228:142:86
PROLOCATION Prolo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ehawk.net/downloads/EHawkTalon.js

Requested by

Host: govloanchoices.com
URL: https://govloanchoices.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:d01:ff:905:94:228:142:86 , Netherlands, ASN41887 (PROLOCATION Prolocation, NL),

Reverse DNS

Software

Apache /

Resource Hash

54234f4ebe24f0a0058c5a4301ba3356fa0e138d3adfa12cac7b144667da104d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 21:39:08 GMT
Last-Modified: Fri, 31 Jul 2020 12:49:25 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=30
Content-Length: 44465
Expires: Fri, 15 Apr 2022 21:39:08 GMT

GET
H/1.1 200
OK pixel.min.js Show response
rgrassets.s3-us-west-2.amazonaws.com/ 6 KB
6 KB 664ms
172ms Script
application/javascript 52.92.164.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.164.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 439a62706891e1d3726121a56316cdc8b545114ec209a7dab5abc374c7059a6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 21:39:09 GMT
Last-Modified: Thu, 24 Jun 2021 21:27:48 GMT
Server: AmazonS3
x-amz-request-id: 0M98TS86W572MV8Y
ETag: "f953ea772cefd2eb9d63972a17357053"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6065
x-amz-id-2: 3GXlVh2ieuLC/UTwrTUsyhkSE5lfJuE2ys/zjSeFDZSNYWnkNsME+DJ+63FiWuSwtmZYsJUB0OM=

GET
H3 200 1.a1dd40bc.chunk.js Show response
govloanchoices.com/js/ 265 KB
91 KB 325ms
323ms Script
application/javascript 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://govloanchoices.com/js/1.a1dd40bc.chunk.js
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70ff119eeb7365facd3ee07dcfba4c31e3c1b8c057551e9cc8e1adaa9a1f0532

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 13:08:49 GMT
server: cloudflare
etag: W/"4222b-5d9a090b82851-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxPBRxqGY1ZILGQmbyw2fNFkolO9hRNISMtFWCQszOkkJVS5%2FVEUs8JHHQqon9x3axHF7%2FxpgV16HxH0%2B0CoHXOaqNAUrZE0djk4AcAk89RnQxsgbck8hx8ZNzZ2h%2BEasV1xzgNqbMe6MZlZ%2B3sMcmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed0a3c67ac37361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 app.4bc744d2.js Show response
govloanchoices.com/js/ 42 KB
8 KB 245ms
243ms Script
application/javascript 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://govloanchoices.com/js/app.4bc744d2.js
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dffcba66b4a58ee6c8a86c4cb1ca722c510fab2d72b506a792124c2fbcd8699c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 13:08:49 GMT
server: cloudflare
etag: W/"a69d-5d9a090b818b1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1f2Aqy%2FL%2B8JbE3xseIo7DycoJpd4xfvaTzazxC9j%2BD5C9d5Pot%2FIErMMLFmzqq5kIWQ3mmm7YhH8bcb4FZDhFdETzCCKIVxgF84ptxWLFghSzKPYt%2BSgRhepjPEH1onAUdWq66Gtp%2F4M6VfVh8ucDAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed0a3c67ac57361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
38 KB 45ms
23ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPZLZTQ

Requested by

Host: govloanchoices.com
URL: https://govloanchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8620c572b94e3875ce7e7dc5462a926e9ca2317747f2d8b98ec6b12e6bdd72d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38535
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Mar 2022 21:39:07 GMT

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame F118 325 B
814 B 478ms
452ms Document
text/html 2606:4700:3032::ac43:dff2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
content-type: text/html
content-length: 325
x-amz-id-2: Jt5EMpr8aNhWUsul2Ui/8cIxitzQwYKVoFR6BewSqcv5lQeJ2Hv4xyR38b9WckGcSYXz/Z2gk70=
x-amz-request-id: 0M97QNE9WAGCDMY0
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges: bytes
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogKPZHRBBqioFbm%2FCapUGzJY65Ez6iI%2B%2BSjmlPO5BVQgRQkvpgEgWOVcDXoh3ZKxWy0Tj95VCA1ZBdGHLLxLuAgx19yGpFBOa4LQacXGlAR7LD07r9piR1u0wvb%2Fw5WQMiESftbCuCvTCqdGPwib"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ed0a3c77aff3742-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: govloanchoices.com
URL: https://govloanchoices.com/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 20:07:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 21:39:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 21:39:08 GMT

GET
H3 200 hero.jpg
govloanchoices.com/src/images/ 328 KB
328 KB 240ms
240ms Image
image/jpeg 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/hero.jpg
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b6bea9281a31fdbb407f9b0c59ccfee7c064e52e8b79bab8da0bdaaeea0036

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jan 2022 18:16:23 GMT
server: cloudflare
etag: "51ec0-5d61b9dc84897"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2F3bqVRWtLZjWz%2FG8r7f%2Bn860wWAl6rZd1ZJIw9XRFNVjZDEdHqyumSX6LA%2F0I6ogXxMNJJKHRE9Hf9g1K8oPVWv4uDcbfle8outEUHV9nDeDMQ4P1MAJIHJX5yHR5HsuSx5%2FBFZliivKIKJQNrBPuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0a3c7cd857361-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 335552

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://govloanchoices.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 91873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://govloanchoices.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 95959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 18:59:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://govloanchoices.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 57950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 05:33:18 GMT

GET
H2 200 26c0f338-132a-760d-25de-705dbd2de30b.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 495ms
443ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/26c0f338-132a-760d-25de-705dbd2de30b.js?snippet_version=2
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08db9ffa193c261766f76c722540879248703d7bac8d187808e02e15a0ea1a94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 00:39:48 GMT
server: cloudflare
x-amz-request-id: NC4HSM73MQ3Z6GAR
etag: W/"a732778e37f4ef404aaa73eb8a4901f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 6ed0a3c83cd82397-ZRH
x-amz-version-id: kQEy_K.I3p.hvoh35ZH2ft8_LUFwfiV_
x-amz-id-2: 8X/UdIMhvIaOb8iD3hPjoWTc2j4wLWeqsr1CT3ghKcy/dxsYMkONjt3Rgq4lxTuNqFHl4IP8px8=

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame F118 389 KB
114 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:40:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116073
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 05:40:13 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame F118 112 KB
112 KB 31ms
30ms Script
application/javascript 2606:4700:3032::ac43:dff2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28312691
cf-ray: 6ed0a3ca6a5c3742-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: ifARLgNNuBpEppLB18aLAF07XAug3PSr04+Ew9oDa9ioyLeC/NdewiCObPFDx51bvfBtXQa+0DU=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2ZkFU9w%2FBcOHcF0SY%2Bj9RjXvXBzP4GreLfYQx34ZYZdv0Sfov7L92ryAFjhAkdS53LBKlmKvunYISgFv%2B%2Beh0zZfSDrga2yW7HDqB3UGu9QdCgWSfApjVDgo5fz0hRNteHiFE8%2BgS3PKKfQfD7I"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: EP4VJYPHD8TD4E5N
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
accept-ranges: bytes
content-type: application/javascript
cf-bgj: minify

GET
H/1.1 200
OK GLC Show response
cp.reallygreatrate.com/pixel/view/632/REFINANCE/ 0
676 B 512ms
168ms XHR
text/html 104.248.186.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.reallygreatrate.com/pixel/view/632/REFINANCE/GLC
Requested by: Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.248.186.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 21:39:09 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://govloanchoices.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: 1
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK / Show response
www.reallygreatrate.com/api/user/ip_address/ 30 B
328 B 666ms
164ms XHR
application/json 165.227.241.154
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reallygreatrate.com/api/user/ip_address/
Requested by: Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.241.154 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 377e0d879762c70e9e14ee2f543e5fba2713a477a6f11d047843888e143df633

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 21:39:09 GMT
cache-control: private
server: nginx/1.10.3 (Ubuntu)
transfer-encoding: chunked
content-type: application/json

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16474667485990.5814974177859284
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16474667485990.5814974177859284

29 KB
11 KB

181ms
146ms

Script
application/javascript

2600:9000:223d:ee00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16474667485990.5814974177859284
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H2
Server: 2600:9000:223d:ee00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c6d702c6b2789ee8a91cd9b659945c1f1c8071a4e7c90b7b47efeaaffe2ccf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 18:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"fe100d2fd65619e6b88a416388da9714"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-amz-version-id: BZL_3A6V8DHT.vaLP1MLeMehgpRiLT29
x-amz-cf-id: eecR1Bog0YboHb92DmeWloF-B8jhNaRvhmzqharDh0o1aPWh-oBJcA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16474667485990.5814974177859284
date: Wed, 16 Mar 2022 21:39:08 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H/1.1 200
OK / Show response
reallygreatrate.com/api/hdi/ 16 B
647 B 515ms
179ms XHR
application/json 165.227.241.154
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://reallygreatrate.com/api/hdi/?upload_type=GLC&publisher_id=632
Requested by: Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.241.154 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b76b82ca5652ae1c9329babf0060b82911598b9c3b31ac64710538cabd7552f7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 21:39:09 GMT
server: nginx/1.10.3 (Ubuntu)
transfer-encoding: chunked
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0,private
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPZLZTQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5662
date: Wed, 16 Mar 2022 20:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Mar 2022 22:04:46 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=TrustedFormToken&l=16474667486400.9423242824612521
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=TrustedFormToken&l=16474667486400.9423242824612521

29 KB
12 KB

172ms
137ms

Script
application/javascript

2600:9000:223d:ee00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=TrustedFormToken&l=16474667486400.9423242824612521
Requested by: Host: govloanchoices.com
URL: https://govloanchoices.com/
Protocol: H2
Server: 2600:9000:223d:ee00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c6d702c6b2789ee8a91cd9b659945c1f1c8071a4e7c90b7b47efeaaffe2ccf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 18:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"fe100d2fd65619e6b88a416388da9714"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-amz-version-id: BZL_3A6V8DHT.vaLP1MLeMehgpRiLT29
x-amz-cf-id: LM_8dEDXMqiqdkkbyWw-CODvfLmmV-KaPg0V-ORRQ3KxseNlQJdyqg==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=TrustedFormToken&l=16474667486400.9423242824612521
date: Wed, 16 Mar 2022 21:39:08 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 401 me Show response
geoip-js.com/geoip/v2.1/city/ 186 B
461 B 89ms
52ms XHR
application/vnd.maxmind.com-error+json 2606:4700::6812:bef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fgovloanchoices.com

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

420cb1127cfdefa2bb7e1b9cf7edb91cd515c5136904ff1d4e13495b7437cf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/vnd.maxmind.com-error+json; charset=UTF-8; version=2.1
access-control-allow-origin: *
cf-ray: 6ed0a3cb4c040204-ZRH
content-length: 186

GET
H2 200 TWoRTkvsVLQNe3zCfcg3pETq91r1 Show response
api.useproof.com/pixel/ Frame F118 218 B
1 KB 227ms
164ms XHR
application/json 2606:4700:3032::ac43:dff2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/TWoRTkvsVLQNe3zCfcg3pETq91r1?url=https:%2F%2Fgovloanchoices.com%2F
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acadd8ff94144ad2624c91ed2bd6a0fa399398481bfbc9f80b18b31e7584cb3f

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:08 GMT
via: 1.1 4a0cc1ef0dc7ada28fa94de0447121fe.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 218
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date: Wed, 16 Mar 2022 21:39:08 GMT
x-amz-cf-pop: MRS52-C1
x-amzn-requestid: b064b2b4-0156-4533-9f6e-af5412a93a6b
surrogate-control: no-store
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: PGLXhH6qoAMFiyA=
pragma: no-cache
server: cloudflare
etag: W/"da-KGVPCnx+vZ/0sREwqJRtqI6XOcA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKAZPi8QuuCldYOQY0rQXaoTwTOiovN358LezbaFQV5ajdKeI2rn%2BZR8k6lRq%2BieZz6jUwwaKNTntfXs73jL69odmGXUvb22AOSvMey2Mqes1Fk1qyE248QqUSZ%2FvV9yVZyxXFVZhS7fNHoQtTsG"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 6ed0a3cb8a415fc5-MRS
x-amz-cf-id: aMmzwKKv0BoJhW1Ft03hJ6Qg0Nang9xJKsUjs4PUOBkg-AOtTzrkwA==
x-amzn-remapped-connection: keep-alive
expires: 0

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 392ms
179ms XHR
text/plain 52.206.89.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=1c645eb9-1c3b-4e21-8c66-10fe76a39464&_=88290128

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-89-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6e8ae5225176e49951889c94a6442111ea991f60e936b493355ddc770b6b6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 21:39:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=14960772&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgovloanchoices.com%2F&ul=en-us&de=UTF-8&dt=GovLoanChoices.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GLO%20Landing&ea=GLO%20Landing&el=GLO%20Landing&_u=YEBAAEABAAAAAC~&jid=1937802124&gjid=340538366&cid=1959282976.1647466749&tid=UA-104373288-19&_gid=902213161.1647466749&_r=1&gtm=2wg3e0TPZLZTQ&z=1577168697

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 21:39:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://govloanchoices.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track Show response
analytics.proofapi.com/ Frame F118 87 B
807 B 291ms
228ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522TWoRTkvsVLQNe3zCfcg3pETq91r1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25224eb5c69b-3925-48fc-930d-1854e60634d1%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fgovloanchoices.com%252F%2522%252C%2522cleanUrl%2522%253A%2522govloanchoices.com%252F%2522%252C%2522domain%2522%253A%2522govloanchoices.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fgovloanchoices.com%252F%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c50bf779882e37bcbc25c1cbc3d6b040cddf0634a925388bfe604985abf162f7

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:09 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"57-QmppFAESGPBOkcOo3WwnrjvdNZQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKPEC58Pm3P1wCk5rf7f2d2lM%2BHwKq184Ka7ci%2B2jdWTEGUUZijSnStWokPxpOt2EBzr6PkmcpVhUW1Q%2FtuH21I%2BydcUGseDDGULKkKboJJciXXshFkH1LLZYhLp4E5HOqJvHSlQbUDIp47q3leYElwsvFU%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-credentials: true
cf-ray: 6ed0a3cd88d05fd6-MRS
access-control-allow-headers: X-Requested-With,content-type

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 4725 3 KB
2 KB 49ms
8ms Document
text/html 143.204.101.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=26C0F338-132A-760D-25DE-705DBD2DE30B&lac=29705C9D-232A-8A19-97CA-C832491B96A7

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/26c0f338-132a-760d-25de-705dbd2de30b.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-72.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 07 Mar 2022 16:33:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Tue, 15 Mar 2022 22:10:17 GMT
ETag: W/"622633c5-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: yZjIeUxVRxn-yWN0NLQdlHu9ABUg4C2I5PyRLk7SRIITUfUToRK4bQ==
Age: 84532

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 104ms
103ms XHR
text/plain 52.206.89.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=1c645eb9-1c3b-4e21-8c66-10fe76a39464&token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&_=88290129

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-89-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 21:39:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 198ms
198ms XHR
text/plain 52.206.89.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=1c645eb9-1c3b-4e21-8c66-10fe76a39464&token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&_=88290130

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-89-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 21:39:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame E45C 4 KB
2 KB 340ms
98ms Document
text/html 52.55.210.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=26C0F338-132A-760D-25DE-705DBD2DE30B&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=26C0F338-132A-760D-25DE-705DBD2DE30B&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.210.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-210-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date: Wed, 16 Mar 2022 21:39:09 GMT
content-type: text/html
server: nginx
last-modified: Fri, 31 Dec 2021 14:51:34 GMT
etag: W/"61cf18f6-1049"
expires: Thu, 17 Mar 2022 21:39:09 GMT
cache-control: max-age=86400 public
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 200ms
103ms XHR
text/plain 52.206.89.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=1c645eb9-1c3b-4e21-8c66-10fe76a39464&token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&_=88290131

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-89-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 21:39:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame E45C 0
626 B 296ms
101ms Script
text/javascript 52.206.89.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=29705C9D-232A-8A19-97CA-C832491B96A7&lck=26C0F338-132A-760D-25DE-705DBD2DE30B&methods=48&token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&uuid=9e3ee7941cf2405ab20493ec9480a354

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=26C0F338-132A-760D-25DE-705DBD2DE30B&lac=29705C9D-232A-8A19-97CA-C832491B96A7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-89-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ Frame A60E 494 B
705 B 293ms
99ms XHR
application/json 3.211.150.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=TrustedFormToken&l=16474667486400.9423242824612521
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.150.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-150-49.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 00068584d744d3caba34566492e95250e1c042dc0eee0497e70840fe138c9976

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 494

GET
H2 200 trustedform-1.8.21.js Show response
cdn.trustedform.com/ 130 KB
49 KB 7ms
7ms Script
application/javascript 2600:9000:223d:ee00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=TrustedFormToken&l=16474667486400.9423242824612521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ee00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43fafa76ab432509b01df432fc7512b0c17d3f2ed0252256708870de1cc6f178

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: c1adlu5LKebPvf8lu2cpG8on1F5T9CGl
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 18:19:23 GMT
server: AmazonS3
age: 7
etag: W/"ad4c4346cf98d4dc3a1e8aa75b5afcc6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
date: Wed, 16 Mar 2022 21:39:05 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: C-vgC9Q8-2XSYVggyXIX2rYWq4Lsqc94nJxWD5bmmgkEElbwTTh0rQ==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/3e3857cdd6d742de856de5bc442c78d5bb1f7b1a/ Frame 8A0D 0
159 B 292ms
292ms XHR
text/plain 3.211.150.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3e3857cdd6d742de856de5bc442c78d5bb1f7b1a/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.150.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-150-49.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 21:39:10 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H3 200 logo-main.png
govloanchoices.com/src/images/ 14 KB
14 KB 31ms
31ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/logo-main.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4004573735e421c1638ea50b804f621f06277d46010417d33593573b199a1ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13955
last-modified: Fri, 21 Jan 2022 18:16:22 GMT
server: cloudflare
etag: "3683-5d61b9dbda9be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phJu90z8WkwsCV8eCHmH%2FU%2BI00ddZZqCDtq36cQ9ERwHnptQzTVQqCx3mahzBBE9lQSBGhkopealy1cGBD3%2Fnly6YxBhTy4i4TKiXTfaUCKxOx9YNKNBGztgFbQN4iodJdcdjyN34jn2ohOEqqO5wGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0a3d52d317361-MRS

GET
H3 200 icon-1.png
govloanchoices.com/src/images/ 25 KB
25 KB 30ms
30ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-1.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2d4d9df8e880001121eb73e34157a7b0b5c0f311a96574b5a7e79d036dad32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25260
last-modified: Fri, 21 Jan 2022 18:16:19 GMT
server: cloudflare
etag: "62ac-5d61b9d935d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gX2k29fD%2FWHz58ouTnocJ5CJSbuW4Xsyu2z6I3hYoQ6VBz2GpFxjz3wo5JkuXVuHNN3ZMJIBS6FJU717yGVcueEkp404v50wEkf3skElcY9sTkz6pLfBDKKX8gHp6R8riVDJBPyBamC31FnPsFIBZME%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0a3d52d347361-MRS

GET
H3 200 icon-2.png
govloanchoices.com/src/images/ 24 KB
24 KB 36ms
36ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-2.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0cba038cc37604e34105a423a8cb63d4ab3691833b811e2e35a148bde000c17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24467
last-modified: Fri, 21 Jan 2022 18:16:20 GMT
server: cloudflare
etag: "5f93-5d61b9d9bd92d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIoK7mZl1Qk6c5JM29GDRSCcftBI45wnJ63yfDaWc6jFgvr6QsM2OFmB5MpaitI6sz3c6gfQZb81R1QFdXoWZfC2cXFChJlNB9JbicHftTKCi9pzYTC2sQY4HmIwFW8CVsmZJZrswQv9I2MI7mOWyo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0a3d52d367361-MRS

GET
H3 200 icon-3.png
govloanchoices.com/src/images/ 23 KB
23 KB 31ms
31ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-3.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a6a6c23567f3e5cd14b97d60603c840fa1c7e2b763ac024bb453119c257b03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23252
last-modified: Fri, 21 Jan 2022 18:16:20 GMT
server: cloudflare
etag: "5ad4-5d61b9da44581"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ik%2BktcvipuhmSpYo8BI3Aixfhb0aE3jQNm%2FRUU2y2ximrYYus89J0JtJMZ3z4R4atJVmdGvY%2BywqT7eDce4W5G3KQOfkYbl9G%2BWh5urhT0h%2F%2FtvwrpKUPLxBAbYvcofom4T0oWWZc3rZOSbK9vFqq5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0a3d52d377361-MRS

GET
H3 200 icon-4.png
govloanchoices.com/src/images/ 26 KB
26 KB 32ms
32ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-4.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03cd65c51db081fa1ee7873e0bb2ccbbc8478ce11446e7d5c48bf72e77b958e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26375
last-modified: Fri, 21 Jan 2022 18:16:23 GMT
server: cloudflare
etag: "6707-5d61b9dcc7ec1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voFgItlqZHaM1r7nQK2FDi88gHD%2BUKPaIji4SxaMQB3%2FqUYBFWcwBLMXppf4ukB6yYgXAZOG0y3LEDJ9bUvEtnS9grzTnAzKGxr3Vf3gNjwjfio1Fz8fd0oT7bG9Pzjdmq5lZ8Hel0dGkI2uJ3MtNuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0a3d52d3a7361-MRS

GET
H3 200 logo-popup.png
govloanchoices.com/src/images/ 15 KB
15 KB 33ms
33ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/logo-popup.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ca5e4dc374c8492fbedd13adc234e0c9e7390cebe54ec59edbb745121d50b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14878
last-modified: Fri, 21 Jan 2022 18:16:22 GMT
server: cloudflare
etag: "3a1e-5d61b9db97394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30RJcFKyusZv%2FzGXk%2BEKZecSIoeRwz84ee2Z0BAOwLZdGmXLfeokqAqCYIo9gEDuAqPQ9YOUYT37CNSXMarwJsz9xsiHAJNrJq3unlPuOAkP86KHPBThLUL8%2BCG4NjFaVl%2FHync0fehNuqZFynYlgLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0a3d52d3d7361-MRS

GET
H3 200 icon-locked.png
govloanchoices.com/src/images/ 835 B
1 KB 34ms
34ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/icon-locked.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22d9df11f578b317e91e8963cebeb1b72bfc29c90d7b7e23e723a539f4fcb2f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 835
last-modified: Fri, 21 Jan 2022 18:16:21 GMT
server: cloudflare
etag: "343-5d61b9db52dca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaFcalmB8doNr%2FHooX72dX%2Bk8lwoXBVyO6qRzHntDDyd6%2B1HBWxSQ9%2FuNAhBX9vEkMcajJk9bGImSyHZpcWOlRLfygVTLj714OiMP24AjrymTB1ZvLZIrdBEqczQwsuLVfqTzoXMBfM8M6rLTsxcWQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0a3d52d3f7361-MRS

GET
H3 200 tooltip.png
govloanchoices.com/src/images/ 2 KB
2 KB 36ms
36ms Image
image/png 2606:4700:3036::6815:fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govloanchoices.com/src/images/tooltip.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503be85dc7326172b1a697f13bfc0e3284486a9252d945f8e4a796c01dce75be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://govloanchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1711
last-modified: Fri, 21 Jan 2022 18:16:19 GMT
server: cloudflare
etag: "6af-5d61b9d97a303"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AzKEIPe8iaWLSWnLTKimkfSowj7nGU0KAIWPBnd1nM6YMzeZCZWvz3GIUROmZe1WPjie3dpgT4VWRZYUZMkwjs5R26IDFKe8t3oa58fiSafe0EsDvDs6drQDiC4v1WH%2FHdRV6gG3SsG1f74HUsd%2Fso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0a3d53d497361-MRS

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/3e3857cdd6d742de856de5bc442c78d5bb1f7b1a/ Frame 8A0D 0
159 B 277ms
277ms XHR
text/plain 3.211.150.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3e3857cdd6d742de856de5bc442c78d5bb1f7b1a/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.150.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-150-49.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 21:39:10 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fa4e662b0b08681283c555584cee05dcc9042496f65efd38b65a4fdbe5758ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
621 B 202ms
101ms XHR
text/plain 52.206.89.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=5&pid=1c645eb9-1c3b-4e21-8c66-10fe76a39464&token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&_=88290132

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-89-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
621 B 102ms
102ms XHR
text/plain 52.206.89.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=6&pid=1c645eb9-1c3b-4e21-8c66-10fe76a39464&token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&_=88290133

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-89-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 21:39:10 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 198ms
101ms XHR
text/plain 52.206.89.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=7&pid=1c645eb9-1c3b-4e21-8c66-10fe76a39464&token=32F8ECB1-BFE4-5EC0-1209-EABB375256A2&_=88290134

Requested by

Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-89-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 16 Mar 2022 21:39:11 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events
api.trustedform.com/certs/3e3857cdd6d742de856de5bc442c78d5bb1f7b1a/ 0
159 B 98ms
98ms Ping
text/plain 3.211.150.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3e3857cdd6d742de856de5bc442c78d5bb1f7b1a/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.21.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.150.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-150-49.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://govloanchoices.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 21:39:15 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.govloanchoices.com/	1970-01-20 19:08:58	Name: _ga Value: GA1.2.1959282976.1647466749
.govloanchoices.com/	1970-01-20 01:39:13	Name: _gid Value: GA1.2.902213161.1647466749
.govloanchoices.com/	1970-01-20 01:37:46	Name: _gat_UA-104373288-19 Value: 1
govloanchoices.com/	1970-01-23 17:18:05	Name: 6bdfac53cbfb648b7ebe7a1fe1b93f4d Value: %7B%22v%22%3A%225.8%22%2C%22a%22%3A683674553%2C%22b%22%3A%2223f6d223aeacde6a26ef301c0e54e25e%22%2C%22c%22%3A1647466748961%2C%22d%22%3A%228965ea3e199fdc1409bd55e4e1d6925f%22%2C%22e%22%3A%22%22%7D
govloanchoices.com/	1970-01-20 01:37:47	Name: leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-26C0F338-132A-760D-25DE-705DBD2DE30B Value: 32F8ECB1-BFE4-5EC0-1209-EABB375256A2
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 9e3ee7941cf2405ab20493ec9480a354

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fgovloanchoices.com Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.proofapi.com
api.trustedform.com
api.useproof.com
cdn-3.convertexperiments.com
cdn.fcmrktplace.com
cdn.trustedform.com
cdn.useproof.com
cp.reallygreatrate.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
geoip-js.com
govloanchoices.com
js.maxmind.com
reallygreatrate.com
rgrassets.s3-us-west-2.amazonaws.com
www.ehawk.net
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.reallygreatrate.com
104.248.186.70
104.90.154.82
143.204.101.72
165.227.241.154
2600:9000:223d:ee00:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:3032::ac43:dff2
2606:4700:3036::6815:fb5
2606:4700::6810:252f
2606:4700::6812:bef
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2003
2a00:1450:4001:830::200a
2a00:d01:ff:905:94:228:142:86
2a06:98c1:3121::7
3.211.150.49
52.206.89.160
52.55.210.128
52.92.164.50
54.213.110.193
00068584d744d3caba34566492e95250e1c042dc0eee0497e70840fe138c9976
08db9ffa193c261766f76c722540879248703d7bac8d187808e02e15a0ea1a94
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0c6d702c6b2789ee8a91cd9b659945c1f1c8071a4e7c90b7b47efeaaffe2ccf0
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fa4e662b0b08681283c555584cee05dcc9042496f65efd38b65a4fdbe5758ba
22d9df11f578b317e91e8963cebeb1b72bfc29c90d7b7e23e723a539f4fcb2f7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1
377e0d879762c70e9e14ee2f543e5fba2713a477a6f11d047843888e143df633
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
420cb1127cfdefa2bb7e1b9cf7edb91cd515c5136904ff1d4e13495b7437cf2f
439a62706891e1d3726121a56316cdc8b545114ec209a7dab5abc374c7059a6f
43fafa76ab432509b01df432fc7512b0c17d3f2ed0252256708870de1cc6f178
479bbacc482a04fafa069e27d88922ed314c9f7df86ebf8b117de571c4869512
503be85dc7326172b1a697f13bfc0e3284486a9252d945f8e4a796c01dce75be
54234f4ebe24f0a0058c5a4301ba3356fa0e138d3adfa12cac7b144667da104d
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8ae5225176e49951889c94a6442111ea991f60e936b493355ddc770b6b6438
70ff119eeb7365facd3ee07dcfba4c31e3c1b8c057551e9cc8e1adaa9a1f0532
7656b5a72cee89a429742d2575df383f9d0a5a36464ab05ee13fb1dafeb73bdf
76b6bea9281a31fdbb407f9b0c59ccfee7c064e52e8b79bab8da0bdaaeea0036
7883c55c1521ce0341c6d33ddc4fbf2455374102675bb98e54a552a66f89c7d4
7ca5e4dc374c8492fbedd13adc234e0c9e7390cebe54ec59edbb745121d50b4c
8620c572b94e3875ce7e7dc5462a926e9ca2317747f2d8b98ec6b12e6bdd72d0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4004573735e421c1638ea50b804f621f06277d46010417d33593573b199a1ad
acadd8ff94144ad2624c91ed2bd6a0fa399398481bfbc9f80b18b31e7584cb3f
b1d322ce85bac822b41bd469b6e5d451a9afad0d6858f00fb41e544dce7f537a
b76b82ca5652ae1c9329babf0060b82911598b9c3b31ac64710538cabd7552f7
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c50bf779882e37bcbc25c1cbc3d6b040cddf0634a925388bfe604985abf162f7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b
d03cd65c51db081fa1ee7873e0bb2ccbbc8478ce11446e7d5c48bf72e77b958e
d0cba038cc37604e34105a423a8cb63d4ab3691833b811e2e35a148bde000c17
de2d4d9df8e880001121eb73e34157a7b0b5c0f311a96574b5a7e79d036dad32
dffcba66b4a58ee6c8a86c4cb1ca722c510fab2d72b506a792124c2fbcd8699c
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a6a6c23567f3e5cd14b97d60603c840fa1c7e2b763ac024bb453119c257b03
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

govloanchoices.com Open in urlscan Pro 2606:4700:3036::6815:fb5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

59 %IPv6

19 Domains

24 Subdomains

23 IPs

3 Countries

1740 kBTransfer

2612 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

govloanchoices.com Open in urlscan Pro
2606:4700:3036::6815:fb5 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

59 %
IPv6

19
Domains

24
Subdomains

23
IPs

3
Countries

1740 kB
Transfer

2612 kB
Size

6
Cookies

63 HTTP transactions
1 data transactions