urlscan.io logo urlscan.io
SecurityTrails logo

harpsubstitute.com Open in urlscan Pro
172.67.193.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hottoil.xyz/
Effective URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Submission: On September 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 21 domains to perform 106 HTTP transactions. The main IP is 172.67.193.205, located in United States and belongs to CLOUDFLARENET, US. The main domain is harpsubstitute.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 8th 2021. Valid for: a year.
This is the only time harpsubstitute.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 95.215.210.10 49055 (NEWIT-AS)
54 172.67.193.205 13335 (CLOUDFLAR...)
1 104.111.248.13 16625 (AKAMAI-AS)
1 104.16.37.47 13335 (CLOUDFLAR...)
3 172.67.223.242 13335 (CLOUDFLAR...)
1 52.218.169.8 16509 (AMAZON-02)
1 69.16.175.10 20446 (HIGHWINDS3)
1 54.243.53.47 14618 (AMAZON-AES)
2 52.38.97.1 16509 (AMAZON-02)
2 142.250.185.234 15169 (GOOGLE)
1 142.250.185.232 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
1 104.22.39.182 13335 (CLOUDFLAR...)
13 184.73.20.15 14618 (AMAZON-AES)
1 10 34.200.112.176 14618 (AMAZON-AES)
2 52.222.236.52 16509 (AMAZON-02)
1 13.32.118.20 16509 (AMAZON-02)
3 165.227.241.154 14061 (DIGITALOC...)
1 104.18.11.239 13335 (CLOUDFLAR...)
2 142.250.185.206 15169 (GOOGLE)
1 34.199.156.149 14618 (AMAZON-AES)
1 142.250.181.227 15169 (GOOGLE)
2 104.21.4.14 13335 (CLOUDFLAR...)
1 104.21.35.233 13335 (CLOUDFLAR...)
106 23
1    95.215.210.10 (Novosibirsk, Russian Federation)

ASN49055 (NEWIT-AS, RU)
hottoil.xyz
54    172.67.193.205 (United States)

ASN13335 (CLOUDFLARENET, US)
harpsubstitute.com
1    104.111.248.13 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-13.deploy.static.akamaitechnologies.com
cdn-3.convertexperiments.com
1    104.16.37.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js.maxmind.com
3    172.67.223.242 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.useproof.com
1    52.218.169.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
code.jquery.com
1    54.243.53.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-53-47.compute-1.amazonaws.com
finance.mediaalpha.com
2    52.38.97.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-97-1.us-west-2.compute.amazonaws.com
cdn.fcmrktplace.com
2    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
1    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
2    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
1    104.22.39.182 (None, )

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
13    184.73.20.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-20-15.compute-1.amazonaws.com
create.leadid.com
10    34.200.112.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-112-176.compute-1.amazonaws.com
api.trustedform.com
2    52.222.236.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-52.fra56.r.cloudfront.net
cdn.trustedform.com
1    13.32.118.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-20.fra60.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
3    165.227.241.154 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
reallygreatrate.com
1    104.18.11.239 (None, )

ASN13335 (CLOUDFLARENET, US)
geoip-js.com
2    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
1    34.199.156.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-156-149.compute-1.amazonaws.com
deviceid.trueleadid.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
2    104.21.4.14 (None, )

ASN13335 (CLOUDFLARENET, US)
api.useproof.com
1    104.21.35.233 (None, )

ASN13335 (CLOUDFLARENET, US)
analytics.proofapi.com
Domain Requested by
54 harpsubstitute.com harpsubstitute.com
code.jquery.com
cdn.trustedform.com
13 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
10 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
3 reallygreatrate.com harpsubstitute.com
3 cdn.useproof.com harpsubstitute.com
cdn.useproof.com
2 api.useproof.com cdn.useproof.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.trustedform.com harpsubstitute.com
api.trustedform.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com harpsubstitute.com
2 cdn.fcmrktplace.com harpsubstitute.com
1 analytics.proofapi.com cdn.useproof.com
1 www.gstatic.com cdn.useproof.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 geoip-js.com js.maxmind.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 create.lidstatic.com harpsubstitute.com
1 www.googletagmanager.com harpsubstitute.com
1 finance.mediaalpha.com harpsubstitute.com
1 code.jquery.com harpsubstitute.com
1 s3-us-west-2.amazonaws.com harpsubstitute.com
1 js.maxmind.com harpsubstitute.com
1 cdn-3.convertexperiments.com harpsubstitute.com
1 hottoil.xyz 1 redirects
106 24
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-08 -
2022-04-07		 a year crt.sh
*.convertexperiments.com
DigiCert SHA2 Secure Server CA		 2021-04-21 -
2022-04-26		 a year crt.sh
*.maxmind.com
Sectigo RSA Organization Validation Secure Server CA		 2020-10-07 -
2021-11-06		 a year crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
mediaalpha.com
Amazon		 2021-08-10 -
2022-09-08		 a year crt.sh
*.fcmrktplace.com
Amazon		 2021-03-08 -
2022-04-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2021-04-30 -
2022-04-29		 a year crt.sh
create.leadid.com
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
cdn.trustedform.com
Amazon		 2021-05-14 -
2022-06-12		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
www.reallygreatrate.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2021-02-06 -
2022-03-07		 a year crt.sh
*.trustedform.com
Amazon		 2020-11-11 -
2021-12-10		 a year crt.sh

This page contains 4 frames:

Primary Page: https://harpsubstitute.com/?publisher_id=1190&subid=
Frame ID: 75AE743BCD75E30E083C8194BDB1CD89
Requests: 97 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 76C54710FAC165B76A8C9D81AB314F00
Requests: 6 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=90F97643-62DB-E298-0147-9CE8D846F5E8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Frame ID: E17F7D8D1E34343CCE60E158C55E167F
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=90F97643-62DB-E298-0147-9CE8D846F5E8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Frame ID: 3AAC6E62829D64068B5428F79DFF2CC0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Harp Substitute

Page URL History Show full URLs

  1. http://hottoil.xyz/ HTTP 302
    https://harpsubstitute.com/?publisher_id=1190&subid= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

100 %
HTTPS

0 %
IPv6

21
Domains

24
Subdomains

23
IPs

4
Countries

1483 kB
Transfer

2622 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hottoil.xyz/ HTTP 302
    https://harpsubstitute.com/?publisher_id=1190&subid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16328845669450.8190913435572382 HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16328845669450.8190913435572382

106 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
harpsubstitute.com/
Redirect Chain
  • http://hottoil.xyz/
  • https://harpsubstitute.com/?publisher_id=1190&subid=
89 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b72a06b840b4d784f8415b538811ec646956f8155e3511a009bf8926f65f0c

Request headers

:method
GET
:authority
harpsubstitute.com
:scheme
https
:path
/?publisher_id=1190&subid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-type
text/html
last-modified
Fri, 30 Jul 2021 22:08:02 GMT
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFQwpJkxn%2FS%2BGb7sBnAlDn47DUnyzQ4MgDcnvnQp0BZ1qe8LY1ECLQ3Xi%2F%2FWgfldczTI2f9HGA7YIiWb%2FTo9XLbx3wOg9sGdKWDRfNrleJoZ5yqbL0qQTM5BhB7S6eOsmCM8sto%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6961f97aff88411f-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 29 Sep 2021 03:02:46 GMT
Server
Apache/2.4.6 (CentOS) PHP/7.3.19
X-Powered-By
PHP/7.3.19
Location
https://harpsubstitute.com?publisher_id=1190&subid=
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
glyphicons-halflings-regular.woff2
harpsubstitute.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

:path
/fonts/glyphicons-halflings-regular.woff2
pragma
no-cache
origin
https://harpsubstitute.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
Origin
https://harpsubstitute.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18028
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:17:22 GMT
server
cloudflare
etag
"466c-5bf4f4fa0d3ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdGtXKLd2jWukWLu8qMYBGqQudw2rTqWxkTHFeh4xltLdMWAtctVw2HAQ4Bexa4I1OIjBHjTuy9KrJJAjKaVK4sNgzL7W%2FY1Fb4ppizVGj5RI2ZjGhsM9G6cCh8udBY2HyqGl10%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97c5fcd411f-PRG
expires
0
10025084-10024636.js
cdn-3.convertexperiments.com/js/ 		27 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-3.convertexperiments.com/js/10025084-10024636.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.248.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-248-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4aa7a4a0b23c0e7ce0b8af8f3fcc0f8d43975482e645af0eff7df6305fa2e47
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=145
strict-transport-security
max-age=15768000
content-length
47
x-privacy-policy
You can find our privacy policy at https://www.convert.com/privacy-notice/
bootstrap.min.css
harpsubstitute.com/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/bootstrap.min.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

:path
/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:16:58 GMT
server
cloudflare
etag
W/"1d970-5bf4f4e3161d5-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBJ1RKGzmsWUhe6hFfPNXPTCNrSzcElZT8nyiLLRQ3MnMRGutJbR2Y24vwnvcrXpOODoQmKHXRTrCKgitiOSbqh0e%2FL9Dq302iBtCjwJ4WyJNIJ7oDs%2Fh9pEaJadIFJjrrf6neU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97c5fce411f-PRG
expires
0
style.css
harpsubstitute.com/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/style.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e988639b9cf3eed8f9521702d16bbdcdcc6602fbdf82785aa0e11d2c557aa13

Request headers

:path
/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:17:00 GMT
server
cloudflare
etag
W/"35e4-5bf4f4e4c9ad5-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TrZZeFEvyQ%2B6ph0cCKltzF0jcPvw6X0OAhptBiKnJyRFdkla9uVLTCrAhjnfzc4V4CFriesZUpkVWEEzqsHI0nqGbRxLUX9ytTNUgZAwIUC7NxYMwAd7iJb7YQqhPtwmnkU05A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97c5fcf411f-PRG
expires
0
jquery.lightbox.css
harpsubstitute.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/jquery.lightbox.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20200c1fce72a3749a5a2fe92a2c63a7f313adfd8b68376d6c6d1d7a51bd04c

Request headers

:path
/css/jquery.lightbox.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:16:59 GMT
server
cloudflare
etag
W/"135b-5bf4f4e3a7a0a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBWyiVSy0jnd6c4kS7SqtvAwsPN%2Fxlj31cZaPp7Qe5JRuU1s6p7q7H0SSgoayXT%2BdLpLRRpzQl0tN6PGUFMP1V%2FPc1%2FQvbgehqIhBelIgkK16dvuW0N%2FKnZG1HLFhLHeO5QNnzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97c5fd0411f-PRG
expires
0
style.confirm.css
harpsubstitute.com/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/style.confirm.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be0ac99f2ea3e5f96e91fadfabfa6a74df8e9dde83f25bb847730cfd5b25310

Request headers

:path
/css/style.confirm.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:16:59 GMT
server
cloudflare
etag
W/"20ea-5bf4f4e4382a0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hj7jgWTHkDF5qvItP1UQgb7WU3O9QnZOCFITEkFLYK%2Fg0umWs5nSofwP3fsl2m7O2SHQeXzP7zrf2Jft4LQT009TJUgJSDIz3NhIoeQ3HvShHZv1Oo24fUZi%2BQjWbk6eiTcDqEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97c5fd1411f-PRG
expires
0
animate.css
harpsubstitute.com/css/ 		71 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/animate.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02261de48e43eb36ebd12bb35cc8cf835709afdafc45090f720268f47c0ecd1

Request headers

:path
/css/animate.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:16:58 GMT
server
cloudflare
etag
W/"11a42-5bf4f4e287880-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgvtYKdYwX7JZSH14igzU9A6R5QTBiDIWXx%2FULsODCrUIZrUFrEX3zT1H64%2BTO5xiHM%2Bs6%2BQzZ7iP2aQGp53qH6bjqn1jk%2BHsX3%2BkGv%2FEOApY84%2F8Qefc3R1%2BAt0H%2F0LKSVGi7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97c5fd2411f-PRG
expires
0
sh_confirm.css
harpsubstitute.com/css/ 		569 B
553 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/sh_confirm.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cecb7574a7b590943facd083b1fa50a4d723e2aab07e11b7ceb2221778404e20

Request headers

:path
/css/sh_confirm.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:16:59 GMT
server
cloudflare
etag
W/"239-5bf4f4e3efe55-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1d2PAAPKHpAEHXU2Hv4KBN5t%2FvMYRuHm%2F7vQQauR7CF19CxxM8KDmosLgaYjFFMQlAbbabT9ROOjQ32E7RMrRjf7EvZCJsXow5he8z9U5AM%2Bcw4QAWv%2FZGOHH6iKnDGE0aGpJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97c5fd4411f-PRG
expires
0
geoip2.js
js.maxmind.com/js/apis/geoip2/v2.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.37.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 19:18:30 GMT
server
cloudflare
age
585
etag
W/"61536a86-d69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
cf-ray
6961f97c98dd2b71-FRA
expires
Wed, 29 Sep 2021 15:02:46 GMT
proof.js
cdn.useproof.com/ 		486 KB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.223.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2863250
cf-ray
6961f97e49682798-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
497733
x-amz-id-2
NnyUKTaqcOPRuJw6Le6UVxhDMxVrdy9xQUOqZfTfe+Y0nHECwyzLohbswZFp3cqzpN2YAD3VoLQ=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"0426397a9b31146729ac86c5be8595d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMyudWGkgzrbDV83V%2BZ2CBkEQL1VxphtkCSXj9JN%2FjvwQuhbcBwUOqFXX%2Ff8qcw5XY0XKAboq7YZm8puN81M%2BBcL2ZtRFsqsyEhHAdlAITnlf%2F9OVhPJQbSPfQaEwFHezHTG"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
4QYRHFJJ37GYVXV2
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
accept-ranges
bytes
content-type
application/javascript
ajax-loader.gif
harpsubstitute.com/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/ajax-loader.gif
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90

Request headers

:path
/images/ajax-loader.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19110
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:19 GMT
server
cloudflare
etag
"4aa6-5bf4f52fa5746"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0ReRPr3XSP1nymlzBGu01yZcax6du%2BRBJg1IOrhW6gsEVy65rsm%2FDBWaicHJqV7RFb4bwFvk6TdTXK0nkiRQ60U3UKk9yPT%2FjNYm%2FTuhB%2FrTSNC5IBTq5jCR1PMZJI%2BsuIttoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb604125-PRG
expires
0
logo.png
harpsubstitute.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/logo.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a31df4fd9b613ba62b7a8d1329687f7fddf1405e0f88478873106132ea216f

Request headers

:path
/images/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4715
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:31 GMT
server
cloudflare
etag
"126b-5bf4f53bdc854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjltfVOHezJIA%2BRYGN85jKTf2VA8mr%2BL8bU9hdvjK16kWr1O06lvLyKSeIy2yp3FagMxCTvzQ5n18hCceIUMQtdgzOCyuAul0sV0ykJa%2BPxF0H9mzeQ9EvrcLWuZuxM8CFWONkA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb614125-PRG
expires
0
single-family.png
harpsubstitute.com/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/single-family.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee855c03ff68d56d694f797b269f1741916f49dc1669b462bbeb9300f5525fd5

Request headers

:path
/images/single-family.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9347
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:37 GMT
server
cloudflare
etag
"2483-5bf4f541a122e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BlWzaBMCg1cY4nRPTnMt82ipDPK0wsDH1cL4aEThC8Pl%2BkBm8ZtupZzkLR4DXu7cfJcF83wDCmf3h4o0McReePO2z%2FCeeGeou8tm6MOVk9wZW3ceo%2FMJqxkdh8GqWCZYZQXjFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb624125-PRG
expires
0
multi-family.png
harpsubstitute.com/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/multi-family.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6c567369b1170df3dce198008dffd26680609dac9d8a3532c79335696d058e

Request headers

:path
/images/multi-family.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8109
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:33 GMT
server
cloudflare
etag
"1fad-5bf4f53d8b334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTWIycYfrqOvLUOE4AutMy2OqIA7HrzW9WPdspOzFWKxS7aPlTHUce1RgKOsvvl143c08wFZBIPRltvBSBcjLWu2uBEaBOEyrYnhGwBe%2F1KtWtmaRY54wRqeA5J0IysaY1JGYMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb634125-PRG
expires
0
condo.png
harpsubstitute.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/condo.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99209fd93a657cd31de8a66da57ed9eba7cdee3802d219a72f3ab040652060ec

Request headers

:path
/images/condo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10408
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:23 GMT
server
cloudflare
etag
"28a8-5bf4f53423e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJwFiEwTyNTcMY2rpyXKhubFO7gtsteNr3uydVzJOXt8A%2FfsozLGDrksN2MekamxL%2Bg7h9Qssc9bAr12RWGKXQg%2FdU3OjjOLjJQepm6wuCWC1u6zES0IcsYutuiko%2F%2FshdDEwik%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb644125-PRG
expires
0
mobile-home.png
harpsubstitute.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/mobile-home.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662

Request headers

:path
/images/mobile-home.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21294
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:32 GMT
server
cloudflare
etag
"532e-5bf4f53cb4594"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IOPYGGTg5wHsog6o1rrbIxkeafn1uFnCjnUF3v2EKpECwTxFcu65oZ8Cewxqb2f4AFuyoTcpcZR6IoAb%2BrFV9TI9hk7U8kkTdJZLWeLs1GAkTK5yY20cX%2F65eEiBk27C3DdoSA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb654125-PRG
expires
0
credit1_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit1_sls.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b8dd7ad58cd78f041a5f1b9cefc383ae93c31c2f6109c4796c9309e84edbba

Request headers

:path
/images/credit1_sls.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1962
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"7aa-5bf4f53662205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BFZx8cq1O4Kydm2sWRmwiyQ7E6Rfwy4XUNc6d1n4MZfo4thdeWM%2Bz2WYa2doXKbuWv3D%2BdCenA8SpfsgZjoFYg64ZtM95zGiEUq8KX5ABYpktWvMzPjWmVL1f9HKjXk3mDPIJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb664125-PRG
expires
0
credit2_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit2_sls.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005a62b1fb7c1cbfa9029e92f4d9fb116ac1c0227a1f897385eb5c5edb6616d8

Request headers

:path
/images/credit2_sls.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2197
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"895-5bf4f536f1afa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4ORX43NoiPGwsq2XrNNSNozgwuxS8ZfvE5E8GBYla%2BGy8TDhZj%2BuTSo1mR0Cw82V8gObg3EyymCyvYIjLbcD4Ucayq7dmcXCDZU4e79zDX9vaYZEtXQM6zye07vLbIuoUkYy8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb674125-PRG
expires
0
credit3_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit3_sls.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96826e8521715e333d75aa855eeaffb6f72c08c3bd757b6f6f70d8adad936d53

Request headers

:path
/images/credit3_sls.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2280
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"8e8-5bf4f53783330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AQqSrl89fz2Btc2sEbH3YDYU2%2BbWfxU08Hrsc4nIaQ%2BiJevCT9s6gZphPLjHWdyhExSo%2Bdsz8kDGWYh5qhAZJPzEhS4u4V7vnU2vpecsaCWeKi%2BZropwlttPo4kYXwHZW2%2BsnM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb684125-PRG
expires
0
credit4_sls.png
harpsubstitute.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit4_sls.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c881b0c2f14538c1171bf1ebe6e63440f6aa4d9100ad45ec857a201fbcab7c3

Request headers

:path
/images/credit4_sls.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1922
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"782-5bf4f53811c85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0p%2BAuaind07rjnnQxnfAD%2BHhG%2BD0EQU2qZMw0gxn%2BZibDfpqUxzPf7B2HVdX9Gyk%2FXrN42B3AmAmzMD0aYNNitRLQR587wdNHNNq03GQqy4cMvfvUcSB8gbF5TMmdXqKmBFkHCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb694125-PRG
expires
0
brand.png
harpsubstitute.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/brand.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f76ed947ed29163c4f8ee4821e085b6362f837175f8b940e088f5b63ae4c08

Request headers

:path
/images/brand.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7143
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:21 GMT
server
cloudflare
etag
"1be7-5bf4f531e4abb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EeDK3dSyOGFMQZTFDWiPkT244t2I5BcTFfQc7Igo2pnD3w5NBJgW3QMqRdtN5mxs7E7I%2FpLPKE0JoYTqPYd4udYyk7%2FQVxH2OtPoEl6OBYCghzpwcC8IEJAdVUeVwL444%2B7Nz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb6a4125-PRG
expires
0
getemails.js
s3-us-west-2.amazonaws.com/files.getemails.com/account/V3VHEYD/source/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/files.getemails.com/account/V3VHEYD/source/getemails.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.169.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
email-decode.min.js
harpsubstitute.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Sep 2021 15:51:34 GMT
server
cloudflare
etag
W/"6149ff86-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMId%2Bidr%2BdMcFllYoyFB6TWjmjXcDOyMMGgM0iIEabJYl3PXdO0Z4rpEeFvnJZcC3Eq1Rt13Xnlb3qHCDvQi0rJ9TpaamBhhWnAnb2Gfr7D95l8bi%2FuraaoTxLUOvK6i5CyhgHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6961f97d9b364125-PRG
vary
Accept-Encoding
expires
Fri, 01 Oct 2021 03:02:46 GMT
jquery-1.12.0.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.0.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2016 19:57:42 GMT
server
nginx
etag
W/"569014b6-17c52"
vary
Accept-Encoding
x-hw
1632884566.dop240.fr8.t,1632884566.cds271.fr8.hn,1632884566.cds284.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33820
rhinoslider-1.05.min.js
harpsubstitute.com/js/ 		39 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/rhinoslider-1.05.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bdf83f75f66adf883bffa8154a933820ebe1774462491fa9569ced274dcfb76

Request headers

:path
/js/rhinoslider-1.05.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:45 GMT
server
cloudflare
etag
W/"9d51-5bf4f548f04c3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8syjD1TtsFvXzxBSovg%2FBcDL7X5X5DINhhBjQH0QaBAoX%2BvQ4Mz5jRlSGd53LIp0Vfl8p9IgKt%2BeQJHxOEMdUQ7JIAH5uEr7xtUNWWQ4Rjn9r15j3WYgqC6ldwoPZE%2BWrelts0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97ddb504125-PRG
expires
0
angular.min.js
harpsubstitute.com/js/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/angular.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a050e3bb0c1932abdde03a00adedf53cb095b71bed2041cc5ff29c34bbad8c

Request headers

:path
/js/angular.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:40 GMT
server
cloudflare
etag
W/"19ed2-5bf4f54403829-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q09QOZFdxZ82m5RSGkAItRq%2F0Qn%2FVguC9ZsffrEzM4iN7k5gwTYzULv50GNvgosfmpLywKMAkAkwW3aZiDXBWc9PuqGuVRm7SP80QzEqHns9%2FxJx7eSQIJR5uny7B4gA6smzyCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97ddb514125-PRG
expires
0
bootstrap.min.js
harpsubstitute.com/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/bootstrap.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

:path
/js/bootstrap.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:41 GMT
server
cloudflare
etag
W/"90b5-5bf4f544fd84e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDaaCuyXHlpLYIJSkrUVSeBzPvQ8RAm393fhnU3hZTUi%2F1BnZg2BSeq4ploA5fu9qNtC5YFrsHrUogRgc2LG9zBflJBQV5MYpm8lIXPNxvALd9I%2FtJ8%2BhF2D8EDtgjqFom%2B0NTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb544125-PRG
expires
0
jquery.inputmask.bundle.min.js
harpsubstitute.com/js/ 		74 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/jquery.inputmask.bundle.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7c1711bbcc552ffcfa2d4a1ce63f0e5fde356e71d9c2fd7d7358888b93e798

Request headers

:path
/js/jquery.inputmask.bundle.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:43 GMT
server
cloudflare
etag
W/"1299b-5bf4f546ad2cd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hsVYueTy42VSuVqESkl5a3dJhakDpabKhzCdsyL2oUC5Zsx%2BcT8Ge7nbto3Z6ACb5A03bh546b2YAjOmA4Xip2utLTCESh9fkLXZ%2B5aIFtvVAsCq8LncNNS6REro62TA3LLkbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb554125-PRG
expires
0
jquery.lightbox.js
harpsubstitute.com/js/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/jquery.lightbox.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Request headers

:path
/js/jquery.lightbox.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:43 GMT
server
cloudflare
etag
W/"be42-5bf4f5471a8dd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgxFRlS5kX%2B5BkwEU8npP97anBqsoXrYWqAUdQ0qG%2FYC3aAKP6VASyLXpIuRZ0M97OA2OD3%2FXyGDkSb4VcmXqPsYCiLqIq0Xg2TP5U4QMWO%2B0vV%2B23jfx5X8OXPqbP2Js7oSKWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb564125-PRG
expires
0
main.js
harpsubstitute.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/main.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b970efb0c597b9e5d7def67dd00f07a17a319d965e2898974330c3df170fea

Request headers

:path
/js/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:44 GMT
server
cloudflare
etag
W/"9af-5bf4f547cf398-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrU1HH5rv%2F8M%2FaDptam12dkDd5UhMdXDJMpYQbDNzlc%2BPoMytR%2FrpTRYEYidhlYnNF4WpUUbBAgFDncFuvAcT3wjlCoivvC1UhFSJixPJ2QemJzjHkB%2BQJFhCZXkY3Q%2FMLkr%2FcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb574125-PRG
expires
0
mousewheel.js
harpsubstitute.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/mousewheel.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a022804abc1a1f59c15181c083016892735cf323fd6f80385abb6bf335c3cf

Request headers

:path
/js/mousewheel.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:44 GMT
server
cloudflare
etag
W/"571-5bf4f5485fc2d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=214X5qsLF9FfE%2BAOdvo2ef8ciQgrMEr7JzQnqRsDQYjvp1YeL7XiJ0%2Fo%2FjkDIqZB%2FBN0AD51N3xL2Fd4XMrAlycH9jla3I1cAtVi60p7HAj7%2FzdGRVKSYRB9NvYQdz2iZjlIRA4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb584125-PRG
expires
0
easing.js
harpsubstitute.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/easing.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f958ea302a444495a64a523f633b078327c56f360cc3ba54326952708978002f

Request headers

:path
/js/easing.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:41 GMT
server
cloudflare
etag
W/"21fa-5bf4f54545c98-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiNTIAKu8nwp0pztqzQ0Pp9f0Sf5%2BWShVAXQ1aIBS%2F4ktNknMzf7NGWgVYNdqAWU%2FalKqK5Fh3R8uopjk4EoJ%2BB0od57ihCeE5kPrdPTZIwFetDIBbjpTFmdlLwsReFBUbGURdI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb594125-PRG
expires
0
scripts.js
harpsubstitute.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/scripts.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd745ef776c8d3a107316d4a9c9e400a14d84333350ad376affec70b7d1c8783

Request headers

:path
/js/scripts.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:45 GMT
server
cloudflare
etag
W/"14c3-5bf4f5493890e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fi%2F86XcD2hzbYJvKJA3n88iXDeL%2BNGwsaLb6f1paAusjnZjV0sBpaSchg6u9PgVM7YMyZDU3rEnd18x9saTMX5zvbeIdEBpYIPme4y8565d9WsjK5ahj%2B8pmiXelpEv%2FFt%2FNtc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb5a4125-PRG
expires
0
config.js
harpsubstitute.com/ 		53 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/config.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c3df32678f6314598c045f335d183bc774c3aafd3f996c525a2c50fdcb0432

Request headers

:path
/config.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Wed, 08 Sep 2021 19:21:15 GMT
server
cloudflare
etag
W/"35-5cb80c935be99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K701jTEOKt0HjS4WD5zpggbIg0Gmr3GaPm2Y%2BIv3FxoihGjgLsxOJ0euX84VhIodfGjSqGpYqJWqXmcIZ7RoS%2Fr4wcUonPmZBXhxVDHs%2FRjUsbgziUEI6iEbwBdn76XG8Ujb5XY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb5c4125-PRG
expires
0
app.js
harpsubstitute.com/js/ 		73 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/app.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68866699268a1bc9c878ee2403f34a336103e70be1819b81a87b15fce47491ae

Request headers

:path
/js/app.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Wed, 08 Sep 2021 19:21:15 GMT
server
cloudflare
etag
W/"124c3-5cb80c92e8ac8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJD40AeBqVBGU10D68kXTF%2FWOiCZaJrq4ZMdOULn%2BIVNladI60HJjpflYD3qaomaaHD7UYNrcH5%2FeESv19%2FpUVjuEg9pbrYppYvUhWSRlpONs%2Fiq8Pl0ihRRxEvjwPrWKHj%2FPJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb5d4125-PRG
expires
0
postscribe.min.js
harpsubstitute.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/postscribe.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Request headers

:path
/js/postscribe.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:45 GMT
server
cloudflare
etag
W/"45f4-5bf4f548a70d8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GngC5Q5hLXEKmqUHyyb0j1N5CtLfd%2Fb8F3QMGggQmSPxl6nTS5fVHg1%2BkvC5vTNXbrsQwBxcb%2FqnehoPY0x2M5W4F%2F7XUWKnnnCLBYhGU67fJGXOmYJ5mcuhnre8gIRqvnnwLRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb5e4125-PRG
expires
0
serve.js
finance.mediaalpha.com/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finance.mediaalpha.com/js/serve.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.53.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-53-47.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e40f2cf09acd9102b0395a54666be4b1e9cd345c217df3dc3acbb2f2af23edb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 03:02:47 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
2357
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
clicksnet.js
cdn.fcmrktplace.com/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fcmrktplace.com/scripts/clicksnet.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.97.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-97-1.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7656b5a72cee89a429742d2575df383f9d0a5a36464ab05ee13fb1dafeb73bdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
content-encoding
gzip
etag
"80348a6b4b2d41:0"
last-modified
Wed, 23 Jan 2019 00:43:25 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
Policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/javascript
content-length
2860
clicksnet_mortgage.js
cdn.fcmrktplace.com/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fcmrktplace.com/scripts/clicksnet_mortgage.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.97.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-97-1.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
479bbacc482a04fafa069e27d88922ed314c9f7df86ebf8b117de571c4869512

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
content-encoding
gzip
etag
"80348a6b4b2d41:0"
last-modified
Wed, 23 Jan 2019 00:43:25 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
Policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/javascript
content-length
1559
EHawkTalon.js
harpsubstitute.com/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/EHawkTalon.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54234f4ebe24f0a0058c5a4301ba3356fa0e138d3adfa12cac7b144667da104d

Request headers

:path
/EHawkTalon.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:16:57 GMT
server
cloudflare
etag
W/"adb1-5bf4f4e1afb40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05jtAlHTBmWrM1LThgiTxzaz6zAbw5r4lwBWL5gm753AqVap5k1EjfZe8nKeoWm8AGxtzmKs5ZfUSMvji%2BPX1ukiHDemD%2B1FVVY50BR0NZxv74tHD1uBTWi8P3EKmGAYbmQJKPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f97deb5f4125-PRG
expires
0
css
fonts.googleapis.com/ 		10 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
8c0e5c2f898c9c6ae0c1aff2eca3068d28c9545f8b8c4458d912b27f93d7280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 01:13:40 GMT
server
ESF
date
Wed, 29 Sep 2021 03:02:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 03:02:46 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:100,300,400,500,700
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
f75b37f91918bb7ed4b9dfd87bf01fb968e18829477651c429b1cf4999c0ed62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 03:02:46 GMT
server
ESF
date
Wed, 29 Sep 2021 03:02:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 03:02:46 GMT
gtm.js
www.googletagmanager.com/ 		106 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KFG2H9Z
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f2202edb77a3b9062499cf7fc6f7b1eb4f4a65b5c22184d481cb4f05c9b681fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40655
x-xss-protection
0
expires
Wed, 29 Sep 2021 03:02:46 GMT
arrow.png
harpsubstitute.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/arrow.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0504aaebc704c9e2f127b37b96aa475865d6dc9e8a7b3ebb84dabdaa87305ce

Request headers

:path
/images/arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1170
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:19 GMT
server
cloudflare
etag
"492-5bf4f5307c4e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AYSErsDA88QEFsKsRU4LuFO%2FMzU658t9C9l%2FJV%2BUNzHx5a4lASUXLFpckfGP93YZW28Kf%2BJrVtJbjgJhHbvo761wAXSTcHln1degJSAMMKAS3lniB2RLNvkOwvPpQ8szTifh9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f97deb6c4125-PRG
expires
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harpsubstitute.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 17:03:52 GMT
x-content-type-options
nosniff
age
467934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 23 Sep 2022 17:03:52 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harpsubstitute.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:10:53 GMT
x-content-type-options
nosniff
age
111113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 20:10:53 GMT
55bc924f-7a64-632a-27e9-c00a43b0343d.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.39.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1c9ec5085e8d8fddfe1ccadf65bb79bfb91720dabce0d3a528a26295007a551

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
364
x-amz-replication-status
COMPLETED
x-amz-request-id
JZW68ZCWX4A15XRC
x-amz-id-2
k881JY+6Fdm1pnzBdV8B2BLjUxqs1lHBNIIA6un/E11m2LGWz6EiPho4/AnsVBJFw/SGCX9gLXk=
last-modified
Tue, 25 May 2021 13:50:37 GMT
server
cloudflare
etag
W/"c306863fc506e8d0c2e410020199d5dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-version-id
vO4KUSN0tZJrwhMkHNuNGNPkubvigmvk
cf-ray
6961f97e5eca4ecd-FRA
GenerateToken
create.leadid.com/2.11.7/ 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/GenerateToken?msn=1&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&_=356970468
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
100590955cc7ec8ece5c04d7343c069368171a40bf5c7c5f639ded0f0f679cd7

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
index.html
cdn.useproof.com/proxy/ Frame 76C5 		325 B
800 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.223.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

:method
GET
:authority
cdn.useproof.com
:scheme
https
:path
/proxy/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://harpsubstitute.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
content-type
text/html
content-length
325
x-amz-id-2
4iFTxMMFvKvtF5wafmCOxv1oIUf5epTNp/p/OvxkP7sQwsF0VKei6r2tbw+Zwu+BA96K+Nu08LI=
x-amz-request-id
0DDDYN5KX33DR58H
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
cache-control
max-age=315360000, no-transform, public
x-amz-version-id
6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges
bytes
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b32GVLctmJwBnwJMCam9s1f%2FsgTyqUAuTypWKRAbBydAhJxPxxlGH2T9L5wKl5KxIcczs10ApuBwxwWcXGXr7NX9O8P9NFbMSLmrDCfPzHab128pNYBRFcCAovUAqdyDe11w"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6961f97f399f2798-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16328845669450.8190913435572382
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16328845669450.8190913435572382
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16328845669450.8190913435572382
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 19:54:35 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"676b14012df40978e4f1e696cb3be8f4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-version-id
TWI9lv7C1jqnWDzOe6KyGpneY2VFzHrx
x-amz-cf-id
6d55zhHwgLGVMz9WHn9B6lseYDF2OzbOuGnyQTvfi5wPr57kxO7nPA==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16328845669450.8190913435572382
date
Wed, 29 Sep 2021 03:02:47 GMT
server
awselb/2.0
content-length
134
content-type
text/html
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame E17F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=90F97643-62DB-E298-0147-9CE8D846F5E8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-20.fra60.r.cloudfront.net
Software
nginx/1.17.6 /
Resource Hash
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241

Request headers

Host
d2m2wsoho8qq12.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://harpsubstitute.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Tue, 28 Sep 2021 14:10:16 GMT
Server
nginx/1.17.6
Last-Modified
Tue, 28 Sep 2021 11:32:53 GMT
ETag
W/"6152fd65-da5"
P3P
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding
gzip
X-Cache
Hit from cloudfront
Via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
_ntUmMYPcFcgX5EfqjIUZQ7iZaQoWpK4isqpni3x_EHyl0wKRueOdg==
Age
46351
SaveDom
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/SaveDom?msn=2&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970469
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/InitFormData?msn=3&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970470
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
reallygreatrate.com/api/hdi/ 		16 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reallygreatrate.com/api/hdi/?upload_type=HS&publisher_id=1190&lead_type=Refinance
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/js/angular.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.227.241.154 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
510c3b9ba6dafaba1460203b83d14970c5229bb3ac92daedf0a2f0668a52c30c

Request headers

Accept
application/json, text/plain, */*
Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 03:02:47 GMT
server
nginx/1.10.3 (Ubuntu)
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
reallygreatrate.com/api/user/ip_address/ 		32 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reallygreatrate.com/api/user/ip_address/
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/js/angular.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.227.241.154 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
52e4c7adc85effe14df8672ee8517b8b5a8b8ac0834006b9deb793af41644228

Request headers

Accept
application/json, text/plain, */*
Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:47 GMT
cache-control
private
server
nginx/1.10.3 (Ubuntu)
transfer-encoding
chunked
content-type
application/json
index.php
reallygreatrate.com/api/prepop/ 		69 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reallygreatrate.com/api/prepop/index.php?token=undefined&lead_type=refinance&action=d
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/js/angular.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.227.241.154 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
12d5f5436c92db2953a77e0c1d3d10ddf7ca6365129dbda3300e705d7d8bcb0d

Request headers

Accept
application/json, text/plain, */*
Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 03:02:47 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
single-family.png
harpsubstitute.com/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/single-family.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee855c03ff68d56d694f797b269f1741916f49dc1669b462bbeb9300f5525fd5

Request headers

:path
/images/single-family.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9347
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:37 GMT
server
cloudflare
etag
"2483-5bf4f541a122e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZQSL447fPcaF12H6anrEsihLcVvoUKfw2Uo%2BW6P2%2B%2B5wmTlbzh2XT%2B407t93xOElSwOjD5sr2ulxyPVBNPkId3gfNnaH9IeTdw8C7jnIuBTJsotjVI04XnEw4DYsmhhzMvp1aQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f9827c964125-PRG
expires
0
multi-family.png
harpsubstitute.com/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/multi-family.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6c567369b1170df3dce198008dffd26680609dac9d8a3532c79335696d058e

Request headers

:path
/images/multi-family.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8109
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:33 GMT
server
cloudflare
etag
"1fad-5bf4f53d8b334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbuiM0Gdo3DGXhf%2B2tkGkvH9XM3GHn2DzAiHXpNLeKuacfbX%2FnV%2B3mWE7XteWbqD%2BnDGDKkYXxtYTO3BYVpsDIql7WzLowM3eh%2BpWDlhrWCmWEhdSt6PvtCCNQc%2BXchR7xGQWkM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f9827c974125-PRG
expires
0
condo.png
harpsubstitute.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/condo.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99209fd93a657cd31de8a66da57ed9eba7cdee3802d219a72f3ab040652060ec

Request headers

:path
/images/condo.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10408
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:23 GMT
server
cloudflare
etag
"28a8-5bf4f53423e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNmfsa1kYXJUZ748uteyo4MpDOCyjfA4TAyZY%2F2zoG%2FwaFD4m9lQWroKGn7GvFRvP6%2BHsPcQI9%2FTmT7x8f8pKUBwdy%2B%2Bml8WaLULgcL%2F3HFu71JWFMSI51LnUrqsJhrA5aAuvyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f9827c984125-PRG
expires
0
mobile-home.png
harpsubstitute.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/mobile-home.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662

Request headers

:path
/images/mobile-home.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21294
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:32 GMT
server
cloudflare
etag
"532e-5bf4f53cb4594"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acU5wamhVgWzMP3ndg0HuSznUsGVTv8LssQ43IdLhm9qPIJPiENzqfzyzgh4aLoovVKcHn5YD0EiiTTVr28lwYcbPyGFIa73aY6XnObZWia1l35x850ouOlOaeI%2BoorRWqFZhWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f9827c994125-PRG
expires
0
credit1_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit1_sls.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b8dd7ad58cd78f041a5f1b9cefc383ae93c31c2f6109c4796c9309e84edbba

Request headers

:path
/images/credit1_sls.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1962
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"7aa-5bf4f53662205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abis8geeWJzkgVrSlroFSRWdb7fCUYqH0oHN1p1qtj3hhnZoMZIdGbHcIRzfHfYOS3%2F7X9LJoocgvR%2F7emVtf2%2F%2Fs1WJr2M8R4BzFGTl5FnPiyjn%2F7p2TusX7PDymdOdJOOxOxM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f9827c9a4125-PRG
expires
0
credit2_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit2_sls.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005a62b1fb7c1cbfa9029e92f4d9fb116ac1c0227a1f897385eb5c5edb6616d8

Request headers

:path
/images/credit2_sls.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2197
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"895-5bf4f536f1afa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B7PMXkf5WIkwPbNNZw46wxy%2FjR7%2BZLp3SzQK9FlYvl3wfpgvPz%2F1T20rlbUJGpjJIlrLVsGvHEhsXMYTjiAYJq9pQH%2FFsNN8EapEFqwXsRD%2FtFVuPwXXOxFnkarJeKldDPIh3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f9827c9b4125-PRG
expires
0
credit3_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit3_sls.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96826e8521715e333d75aa855eeaffb6f72c08c3bd757b6f6f70d8adad936d53

Request headers

:path
/images/credit3_sls.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2280
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"8e8-5bf4f53783330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fes%2BFdVEGHK4CrLwgLQ%2B0tOuffthzqRAq1etTxBAgdNc0FoZaZ4Xww%2FFehRdFJ2jPpBRZbVK%2BO1qGSy1j%2BOXV%2FEvGlqzLrHesg8lFmIFa9O2MVxz6pzkj7kh31itqyxgSF4%2BDzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f9827c9c4125-PRG
expires
0
credit4_sls.png
harpsubstitute.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit4_sls.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c881b0c2f14538c1171bf1ebe6e63440f6aa4d9100ad45ec857a201fbcab7c3

Request headers

:path
/images/credit4_sls.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1922
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"782-5bf4f53811c85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l88WCoZ7Ra%2B7fDTTndHkzD4rX%2FHD2IEl1sKpK2%2FGEBqDk7OjnLb%2BZlN78%2BDMvas9FfWBpuK5QuyGjOty5uv7TZj0yHf8dlu2mcM8rWjtxeObMnX2YwJvhA%2BAVS5hqL6EXS440nY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f9827c9d4125-PRG
expires
0
me
geoip-js.com/geoip/v2.1/city/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fharpsubstitute.com
Requested by
Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.239 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f55940c0634522ce92139a11a2fca5d5bd810c8f23ee327ddb2ef5179144e2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/vnd.maxmind.com-city+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
6961f982c8356939-FRA
content-length
1418
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG2H9Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
950
date
Wed, 29 Sep 2021 02:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 29 Sep 2021 04:46:57 GMT
iframe.html
deviceid.trueleadid.com/ Frame 3AAC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=90F97643-62DB-E298-0147-9CE8D846F5E8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=90F97643-62DB-E298-0147-9CE8D846F5E8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.156.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-156-149.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

:method
GET
:authority
deviceid.trueleadid.com
:scheme
https
:path
/iframe.html?token=90F97643-62DB-E298-0147-9CE8D846F5E8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d2m2wsoho8qq12.cloudfront.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
content-type
text/html
server
nginx
last-modified
Thu, 16 Sep 2021 02:33:38 GMT
etag
W/"6142ad02-1049"
expires
Thu, 30 Sep 2021 03:02:47 GMT
cache-control
max-age=86400 public
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding
gzip
firebase.js
www.gstatic.com/firebasejs/4.5.0/ Frame 76C5 		389 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/4.5.0/firebase.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116073
x-xss-protection
0
last-modified
Tue, 03 Oct 2017 14:56:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 04:05:06 GMT
proxy.js
cdn.useproof.com/proxy/ Frame 76C5 		112 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/proxy.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.223.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/proxy/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13728497
cf-ray
6961f982ba9d2798-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
114404
x-amz-id-2
WZB0TENQvpGrkRvkcs1a2wYfAphBqvk5t92rWyvscZ9PDQdp/tVCN8/szAiAmtUlZHxuUWNKp5o=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"9f4d60f4f2b143cadacb2b8b3a901401"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0exQ33ym0RoQtTnZLq2ef9kIpAut4CCrrTuVTPVM2GznsUqfRj5uxqZbKztDFw1b0XOCY3kCNqYXSerKFrXF2t%2Bck8sf6GIVeOObPQdU16nG2SDOxJhl8PfSQlRoZoinsurP"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
8KVM40SHRNED1N9Q
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
accept-ranges
bytes
content-type
application/javascript
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=508455247&t=event&ni=1&_s=1&dl=https%3A%2F%2Fharpsubstitute.com%2F%3Fpublisher_id%3D1190%26subid%3D&ul=en-us&de=UTF-8&dt=Harp%20Substitute&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=HS%20Landing&ea=HS%20Landing&el=HS%20Landing&_u=YEBAAEABAAAAAC~&jid=754419457&gjid=1980548488&cid=187538781.1632884568&tid=UA-104373288-9&_gid=839598256.1632884568&_r=1&gtm=2wg9r0KFG2H9Z&z=372973066
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 03:02:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://harpsubstitute.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
TWoRTkvsVLQNe3zCfcg3pETq91r1
api.useproof.com/pixel/ Frame 76C5 		881 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.useproof.com/pixel/TWoRTkvsVLQNe3zCfcg3pETq91r1?url=https:%2F%2Fharpsubstitute.com%2F%3Fpublisher_id%3D1190%26subid%3D
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe33bcbc643486416822bd1c0a33d0dd8b10484b88c8c7c2c57c6743a36d0aef

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
881
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date
Wed, 29 Sep 2021 03:02:47 GMT
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
58222836-fd80-402f-873a-69c622e1190e
surrogate-control
no-store
x-cache
Miss from cloudfront
cf-cache-status
DYNAMIC
content-encoding
br
x-amz-apigw-id
GZ6VuGoDIAMF8Iw=
pragma
no-cache
server
cloudflare
etag
W/"371-Kx5Qp4Tm6wTftZiUAWx5qET6/Io"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzaxpLvLheR6RkZWO%2F8K1P1ecEfLUy2qCNo1rsWLL5foK%2FFgPiamzsNt3ivdxBqjYVdH6jAiWBACFqKOn%2F4WuaXpTc14k1aXy8vU4o377PiSxVeW2hGnbuYZLKpbbS4CuPKl"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
6961f983be0d2b59-FRA
x-amz-cf-id
byLwHiTMSavezLCOKjZl5f-MkG1vOgD_pmO1vH_fopmO0cOnHcqGQg==
x-amzn-remapped-connection
keep-alive
expires
0
helveticaltstd-boldcond.woff
harpsubstitute.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/fonts/helveticaltstd-boldcond.woff
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/css/style.confirm.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b9810f5af65c62a1d7c0ae9b8fcfbf88fec66b80b6ba723eb6b37eb4c3fef8

Request headers

sec-fetch-mode
cors
origin
https://harpsubstitute.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1
:path
/fonts/helveticaltstd-boldcond.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/css/style.confirm.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://harpsubstitute.com/css/style.confirm.css
Origin
https://harpsubstitute.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:47 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:17:25 GMT
server
cloudflare
etag
W/"4610-5bf4f4fc2850a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLT7rEGHDJ6HLV%2FRkRXpZueSH1j0mfzj4pQmjd5XWgVUOZciwehhNZIVnJbXMXfSvleyEH0moYswt8vqRdWx3UdH%2F22%2BZtdf9%2BafB6R4OGNfPzLj7Nb1E5UZJxHlP%2FEQ7GHpkpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
no-cache, no-store, must-revalidate
cf-ray
6961f9848d404125-PRG
expires
0
track
analytics.proofapi.com/ Frame 76C5 		66 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522TWoRTkvsVLQNe3zCfcg3pETq91r1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%252279d92d0f-b418-48a0-9669-49cf9f7020b6%2522%252C%2522captureIds%2522%253A%255B%2522-LcWwTO6U_79pIDK1S7q%2522%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522notificationId%2522%253A%2522-LcWwTO6U_79pIDK1S7q%2522%252C%2522campaignVariant%2522%253A%2522-LrjfxvzUGAMnz5uQUdr%2522%252C%2522campaignVersion%2522%253A7%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fharpsubstitute.com%252F%253Fpublisher_id%253D1190%2526subid%253D%2522%252C%2522cleanUrl%2522%253A%2522harpsubstitute.com%252F%2522%252C%2522domain%2522%253A%2522harpsubstitute.com%2522%252C%2522activityNotifications%2522%253Atrue%252C%2522hotStreaks%2522%253Atrue%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fharpsubstitute.com%252F%253Fpublisher_id%253D1190%2526subid%253D%2522%252C%2522actionBlurb%2522%253A%2522Inquired%2520about%2520current%2520mortgage%2520rates!%2522%252C%2522showFor%2522%253A5%252C%2522spacing%2522%253A10%252C%2522delay%2522%253A3%252C%2522activityLimit%2522%253A5%252C%2522activityMinimum%2522%253A3%252C%2522hideAnon%2522%253Atrue%252C%2522hideOwnConversion%2522%253Atrue%252C%2522restartActivityList%2522%253Atrue%257D
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.35.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a975f7e324140fd47a3f6348a1149e909a390318d0177609b0a5ae255f1469e6

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
etag
W/"42-yi7F/D9fC7GZX0Vs159BDtYTOnc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BWUrTV%2BNiX0%2F7pXRHI8e1tLyfe2dd5o%2F3G0BnRHdCiszNeIBX6%2FB0cjQdEEIXNC4uSaKMDaa9lY1pUVpX6tKUw5eQ%2BTAxvuJgMO0kkaMsHTHhlygPqGMmfFiSJiBg9mDJoCWKs6m%2BNS"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn.useproof.com
access-control-allow-credentials
true
cf-ray
6961f985b8394113-PRG
access-control-allow-headers
X-Requested-With,content-type
SaveDeviceId.js
create.leadid.com/2.11.7/ Frame 3AAC 		0
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/SaveDeviceId.js?lac=29705C9D-232A-8A19-97CA-C832491B96A7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&methods=48&token=90F97643-62DB-E298-0147-9CE8D846F5E8&uuid=8b19438ff0b74a3187090d8068a93c0b
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=90F97643-62DB-E298-0147-9CE8D846F5E8&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/InitFormData?msn=4&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970471
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
certs
api.trustedform.com/ 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16328845669450.8190913435572382
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
f1851c5bea8d6bdde1e9cb4f5976a54d98ccea19fe7227c9f58726ad775ee841

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
TWoRTkvsVLQNe3zCfcg3pETq91r1
api.useproof.com/reporting/captures/ Frame 76C5 		1 KB
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.useproof.com/reporting/captures/TWoRTkvsVLQNe3zCfcg3pETq91r1?pixelId=TWoRTkvsVLQNe3zCfcg3pETq91r1&integrationId=-LcWwTO6U_79pIDK1S7q&limit=5&hideAnon=true
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c77171508d473ff7ddf3acd5e1b62e4184eeafcb03882a32f39d434f9ccb57c

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
1514
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date
Wed, 29 Sep 2021 03:02:48 GMT
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
0594f032-c876-4afe-8cb8-d14f48d26f2f
surrogate-control
no-store
x-cache
Miss from cloudfront
cf-cache-status
DYNAMIC
content-encoding
br
x-amz-apigw-id
GZ6V0GJIIAMF_tg=
pragma
no-cache
server
cloudflare
etag
W/"5ea-Ic8Rmm2NK+d7ZVDegvqVoHFpxSk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W46u7jBxe%2Fgcnm7XbaPQftrqc3klgC8Zs%2FzVEosS3wGTTdU0a91lQZxCY4AVfRaI1GAxTttxgS%2B1Qttrt1SHzjaJGlNM8ygRyudlBR7F3AYmuOyY1zhDNPP3XO5J0ivGSBwt"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
6961f98778ae2b59-FRA
x-amz-cf-id
gk-SkmIjHwgrEbgQe80uEpldwIPcO0FAa6VE-GJYFWFq97uLZr2gHQ==
x-amzn-remapped-connection
keep-alive
expires
0
trustedform-1.5.8.js
cdn.trustedform.com/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.5.8.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16328845669450.8190913435572382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
srRHaEKZoYw77hmUBlWTeIw_odvirpEk
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 19:52:13 GMT
server
AmazonS3
age
29
etag
W/"0ea185cf3ab4939007594db03e431e63"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
date
Wed, 29 Sep 2021 03:02:20 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
jevnSYM4etN4iEWRAsYL_YZ-nO4PX17lfsfC91KZaIxz3YSOxq-SSw==
snapshot
api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
ajax-loader.gif
harpsubstitute.com/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/ajax-loader.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90

Request headers

:path
/images/ajax-loader.gif
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19110
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:19 GMT
server
cloudflare
etag
"4aa6-5bf4f52fa5746"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7vYexyp89Ewy6y0OVNZ%2BW57tBB0NvlFHA%2FAx9SzbQSsm3eDwlDtEfoSHy57ayRBiMSkfUsAhnKx4fE2KwKg1YNYfEIyzAOlMRaAx0Q%2FpSGw8BtytWJgsqRNLdHCNsZVrBG5AOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f694125-PRG
expires
0
logo.png
harpsubstitute.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/logo.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a31df4fd9b613ba62b7a8d1329687f7fddf1405e0f88478873106132ea216f

Request headers

:path
/images/logo.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4715
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:31 GMT
server
cloudflare
etag
"126b-5bf4f53bdc854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1%2BK3CdUyLO4G6LH3oYZ8YzQy3%2FGbzOhnAMw%2BzzHc%2BUrNqfIONOkFU7QNo74X52KVMJoePXtFPwFVQLCB9BvkYrsCleeW83aupUEFhTKD8nObGx9yh2RLao6%2BYoQwsOcxNfuc7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f6a4125-PRG
expires
0
single-family.png
harpsubstitute.com/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/single-family.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee855c03ff68d56d694f797b269f1741916f49dc1669b462bbeb9300f5525fd5

Request headers

:path
/images/single-family.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9347
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:37 GMT
server
cloudflare
etag
"2483-5bf4f541a122e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GA0pjDMZbzNlMS4bsUa7jgWMduNZyFj6JaBmjjKuGYIFa8fL9Si2B7MVVj7Nqo1Y6UZXjuK%2FDvW0wHUGjYxMbLgn8oXB%2Bra4gXnzw2hrkstGZS%2F0qE35arF9fXGnBZSA8rNWjUE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f6b4125-PRG
expires
0
multi-family.png
harpsubstitute.com/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/multi-family.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6c567369b1170df3dce198008dffd26680609dac9d8a3532c79335696d058e

Request headers

:path
/images/multi-family.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8109
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:33 GMT
server
cloudflare
etag
"1fad-5bf4f53d8b334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvzBwOC%2BWlkqTCLTroBc1rBWbOkywPXs8eUpMeh4slu7f7Nfx3PuNlYuISRFmA9BD9Mn6GxZe2SzUJSfiaK3ouMptkRSChCxKqoNj6tQV%2BnyKbdUkgpAn9j%2FwhCN9yRtmHbCm9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f6c4125-PRG
expires
0
condo.png
harpsubstitute.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/condo.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99209fd93a657cd31de8a66da57ed9eba7cdee3802d219a72f3ab040652060ec

Request headers

:path
/images/condo.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10408
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:23 GMT
server
cloudflare
etag
"28a8-5bf4f53423e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7fxt%2B8vuINqZE6r2qPEqZjVuP1hPtJy8UhONYZzh%2B5ElvOlWh1QPM7%2BFGzKT2V45ueT6QRGVzSSujLmVrNdGy8gmA718N2aUJhifji7HQEDR7vZ%2BhX9x3jyKeNZLbpubH3mfp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f6d4125-PRG
expires
0
mobile-home.png
harpsubstitute.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/mobile-home.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662

Request headers

:path
/images/mobile-home.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21294
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:32 GMT
server
cloudflare
etag
"532e-5bf4f53cb4594"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGord%2FSsEWXijYJ9XXVb4IiIK8%2F965SMWQidAv977QBDhiurRzyOfoFMK5yvCR6GoYt8cZU1x2sCMcEPyT9RKEn4G9qc2k5VGUMcblDm8UljlokrdS8QQ%2BGLmGoX30mak0MQ%2Fr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f6e4125-PRG
expires
0
credit1_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit1_sls.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b8dd7ad58cd78f041a5f1b9cefc383ae93c31c2f6109c4796c9309e84edbba

Request headers

:path
/images/credit1_sls.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1962
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"7aa-5bf4f53662205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoPvKkciijPdq2GiatpDrzIhEy05AtyM5pvSKe%2FAp%2BiC1V2fPHJEMv2LhgotrUvoDEhHI7%2B%2FzAlc1TIoXfiy29r4zMbJMLSb9Mzt4AFmt3nGgS%2BWSMQUbIbV9YnkZ7j%2FcsWkRtc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f6f4125-PRG
expires
0
credit2_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit2_sls.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005a62b1fb7c1cbfa9029e92f4d9fb116ac1c0227a1f897385eb5c5edb6616d8

Request headers

:path
/images/credit2_sls.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2197
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"895-5bf4f536f1afa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24fbg0KGbBZ%2FTkEH5qM43xUZfgqYE9o9%2B8r7e3b6pe8Mf0VoV0T3SDtZCUZjRylPLKsPagLx%2FDuiWVRlkUU8xHguGKL02TwkoKDGkIYtDE8B1lZGP3kaCNgdWOrU85%2FmqA2dlSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f704125-PRG
expires
0
credit3_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit3_sls.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96826e8521715e333d75aa855eeaffb6f72c08c3bd757b6f6f70d8adad936d53

Request headers

:path
/images/credit3_sls.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2280
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"8e8-5bf4f53783330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFTXXjnzjkMOTR%2BXXFx3qo6I3qMKFr0TDFX7eRbf8DTXHExeJKfjuu6AqYt2XfNfyaaERqqmOjv6nWRPA9mBcAzYMQHVTtUYYi8Ewj07zMFmJx0DEOlHU7cnmpIzd9%2Bm4hFNptQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f714125-PRG
expires
0
credit4_sls.png
harpsubstitute.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit4_sls.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c881b0c2f14538c1171bf1ebe6e63440f6aa4d9100ad45ec857a201fbcab7c3

Request headers

:path
/images/credit4_sls.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1922
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"782-5bf4f53811c85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kl5KMnrdiLg9e%2Fr6x9q3EzJekFXSQ9TBGT4j4paIeq17nokQHQwM5gJmYor9KNqt27pSyT2nFkStYuLtd9Rvjhkca%2FowpPVr6mSLanfWqR6VKQUXPAxncgW95AI7plW57Gk6Nfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f724125-PRG
expires
0
brand.png
harpsubstitute.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/brand.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f76ed947ed29163c4f8ee4821e085b6362f837175f8b940e088f5b63ae4c08

Request headers

:path
/images/brand.png
pragma
no-cache
cookie
leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D=90F97643-62DB-E298-0147-9CE8D846F5E8; _ga=GA1.2.187538781.1632884568; _gid=GA1.2.839598256.1632884568; _gat_UA-104373288-9=1; 6bdfac53cbfb648b7ebe7a1fe1b93f4d=%7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
harpsubstitute.com
referer
https://harpsubstitute.com/?publisher_id=1190&subid=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:02:48 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7143
pragma
no-cache
last-modified
Tue, 06 Apr 2021 15:18:21 GMT
server
cloudflare
etag
"1be7-5bf4f531e4abb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=117pbBUm13gVWfxGXE%2B4ZfIIi4fwgHk%2FmF7MyYwL6XaPTCk9kjHJ0atgTd5yxyOQ5jbO%2BCdQ7QKSzhI%2FSDM5J6z3e8Js%2F3lZWFErOGhB4d6KPEw0WiPMjxGXOsBcxbvCjY1lKoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6961f98a6f734125-PRG
expires
0
fingerprints
api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=5&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970472
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:49 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=6&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970473
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:49 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
InitFormData
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/InitFormData?msn=7&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970474
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:49 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=8&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970475
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:51 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=9&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970476
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:52 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=10&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970477
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:53 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=11&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970478
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:57 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:57 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=12&pid=4a476def-1d0c-43ba-bd7c-bf4a0f846df8&token=90F97643-62DB-E298-0147-9CE8D846F5E8&_=356970479
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.20.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-20-15.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 03:02:59 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1524bd4ed96bd1ee32e3ee1d875e4e113a811cc1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 03:02:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster boolean| convert_fire object| geoip2 object| dataLayer function| $ function| jQuery object| google_tag_manager object| LeadiDconfig object| LeadiD function| setImmediate function| clearImmediate boolean| proofInitialized object| angular object| jQuery112008252783431203945 function| Inputmask function| buttonclick function| spanclick function| ValidateForm function| property_type function| credit_score function| property_value function| loan_amount function| fha_loan function| cashout function| veteran function| va_loan function| elect_bill1 function| validate_address function| validate function| validateOptEmails function| validateEmail function| hasClass object| config function| getUrlVars function| getUrlParam function| RGRCallBack function| mobileTabletCheck function| postscribe function| customRadio function| fillState object| dt string| month string| day string| year string| currentDate object| scrollbox function| trustedFormCertUrlCallback object| __maxch__thunk object| MediaAlphaExchange function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__load undefined| targetID undefined| targetElt string| label string| id boolean| sensitiveData object| defaultStyleFrame function| clicksNetGetProtocol function| clicksNetGetQueryStringParam function| clicksNetGetElementsByClassName boolean| cf_mort_src_script_was_added boolean| cf_add_adapt_src_script_was_added function| mortCallback function| cf_add_missing_src_scripts function| GenerateMissingScript function| loadScriptWithSrc function| stripAndExecuteScript function| addClass function| removeClass function| clicksNetAddExpandButtonListeners function| eHawkTalon function| EHTalon function| Fingerprint boolean| isBlink string| tmpShiftValue string| tmpParts object| google_tag_data string| GoogleAnalyticsObject function| ga object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| gaplugins object| gaGlobal object| gaData number| chk string| e_hawkTalonStr

6 Cookies

Domain/Path Name / Value
harpsubstitute.com/ Name: leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D
Value: 90F97643-62DB-E298-0147-9CE8D846F5E8
.harpsubstitute.com/ Name: _ga
Value: GA1.2.187538781.1632884568
.harpsubstitute.com/ Name: _gid
Value: GA1.2.839598256.1632884568
.harpsubstitute.com/ Name: _gat_UA-104373288-9
Value: 1
harpsubstitute.com/ Name: 6bdfac53cbfb648b7ebe7a1fe1b93f4d
Value: %7B%22v%22%3A%225.8%22%2C%22a%22%3A2771584742%2C%22b%22%3A%22c33e02b12344aa3ff1095ac14734f9c2%22%2C%22c%22%3A1632884567872%2C%22d%22%3A%22ccb87c2de1b59668f9f03de88a0d940e%22%2C%22e%22%3A%22%22%7D
.deviceid.trueleadid.com/ Name: uuid
Value: 8b19438ff0b74a3187090d8068a93c0b

1 Console Messages

Source Level URL
Text
network error URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/V3VHEYD/source/getemails.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.proofapi.com
api.trustedform.com
api.useproof.com
cdn-3.convertexperiments.com
cdn.fcmrktplace.com
cdn.trustedform.com
cdn.useproof.com
code.jquery.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
finance.mediaalpha.com
fonts.googleapis.com
fonts.gstatic.com
geoip-js.com
harpsubstitute.com
hottoil.xyz
js.maxmind.com
reallygreatrate.com
s3-us-west-2.amazonaws.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.111.248.13
104.16.37.47
104.18.11.239
104.21.35.233
104.21.4.14
104.22.39.182
13.32.118.20
142.250.181.227
142.250.185.206
142.250.185.232
142.250.185.234
142.250.186.163
165.227.241.154
172.67.193.205
172.67.223.242
184.73.20.15
34.199.156.149
34.200.112.176
52.218.169.8
52.222.236.52
52.38.97.1
54.243.53.47
69.16.175.10
95.215.210.10
005a62b1fb7c1cbfa9029e92f4d9fb116ac1c0227a1f897385eb5c5edb6616d8
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0f55940c0634522ce92139a11a2fca5d5bd810c8f23ee327ddb2ef5179144e2f
100590955cc7ec8ece5c04d7343c069368171a40bf5c7c5f639ded0f0f679cd7
12d5f5436c92db2953a77e0c1d3d10ddf7ca6365129dbda3300e705d7d8bcb0d
1f7c1711bbcc552ffcfa2d4a1ce63f0e5fde356e71d9c2fd7d7358888b93e798
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f76ed947ed29163c4f8ee4821e085b6362f837175f8b940e088f5b63ae4c08
28a050e3bb0c1932abdde03a00adedf53cb095b71bed2041cc5ff29c34bbad8c
2bdf83f75f66adf883bffa8154a933820ebe1774462491fa9569ced274dcfb76
2c881b0c2f14538c1171bf1ebe6e63440f6aa4d9100ad45ec857a201fbcab7c3
2e988639b9cf3eed8f9521702d16bbdcdcc6602fbdf82785aa0e11d2c557aa13
2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1
33c3df32678f6314598c045f335d183bc774c3aafd3f996c525a2c50fdcb0432
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
479bbacc482a04fafa069e27d88922ed314c9f7df86ebf8b117de571c4869512
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
510c3b9ba6dafaba1460203b83d14970c5229bb3ac92daedf0a2f0668a52c30c
52e4c7adc85effe14df8672ee8517b8b5a8b8ac0834006b9deb793af41644228
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54234f4ebe24f0a0058c5a4301ba3356fa0e138d3adfa12cac7b144667da104d
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
68866699268a1bc9c878ee2403f34a336103e70be1819b81a87b15fce47491ae
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
7656b5a72cee89a429742d2575df383f9d0a5a36464ab05ee13fb1dafeb73bdf
7be0ac99f2ea3e5f96e91fadfabfa6a74df8e9dde83f25bb847730cfd5b25310
81b970efb0c597b9e5d7def67dd00f07a17a319d965e2898974330c3df170fea
86b9810f5af65c62a1d7c0ae9b8fcfbf88fec66b80b6ba723eb6b37eb4c3fef8
8c0e5c2f898c9c6ae0c1aff2eca3068d28c9545f8b8c4458d912b27f93d7280a
8c77171508d473ff7ddf3acd5e1b62e4184eeafcb03882a32f39d434f9ccb57c
96826e8521715e333d75aa855eeaffb6f72c08c3bd757b6f6f70d8adad936d53
99209fd93a657cd31de8a66da57ed9eba7cdee3802d219a72f3ab040652060ec
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380
a5a31df4fd9b613ba62b7a8d1329687f7fddf1405e0f88478873106132ea216f
a975f7e324140fd47a3f6348a1149e909a390318d0177609b0a5ae255f1469e6
b02261de48e43eb36ebd12bb35cc8cf835709afdafc45090f720268f47c0ecd1
c0504aaebc704c9e2f127b37b96aa475865d6dc9e8a7b3ebb84dabdaa87305ce
c20200c1fce72a3749a5a2fe92a2c63a7f313adfd8b68376d6c6d1d7a51bd04c
c2b8dd7ad58cd78f041a5f1b9cefc383ae93c31c2f6109c4796c9309e84edbba
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
cecb7574a7b590943facd083b1fa50a4d723e2aab07e11b7ceb2221778404e20
d4aa7a4a0b23c0e7ce0b8af8f3fcc0f8d43975482e645af0eff7df6305fa2e47
d5b72a06b840b4d784f8415b538811ec646956f8155e3511a009bf8926f65f0c
e1c9ec5085e8d8fddfe1ccadf65bb79bfb91720dabce0d3a528a26295007a551
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f2cf09acd9102b0395a54666be4b1e9cd345c217df3dc3acbb2f2af23edb9
e9a022804abc1a1f59c15181c083016892735cf323fd6f80385abb6bf335c3cf
ee855c03ff68d56d694f797b269f1741916f49dc1669b462bbeb9300f5525fd5
f1851c5bea8d6bdde1e9cb4f5976a54d98ccea19fe7227c9f58726ad775ee841
f2202edb77a3b9062499cf7fc6f7b1eb4f4a65b5c22184d481cb4f05c9b681fc
f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f75b37f91918bb7ed4b9dfd87bf01fb968e18829477651c429b1cf4999c0ed62
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f958ea302a444495a64a523f633b078327c56f360cc3ba54326952708978002f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd6c567369b1170df3dce198008dffd26680609dac9d8a3532c79335696d058e
fd745ef776c8d3a107316d4a9c9e400a14d84333350ad376affec70b7d1c8783
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe33bcbc643486416822bd1c0a33d0dd8b10484b88c8c7c2c57c6743a36d0aef