urlscan.io logo urlscan.io
SecurityTrails logo

refinance.lowermybills.com Open in urlscan Pro
35.164.48.254  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html#/rd/c16328xfsOp51557277QETy612moe2504kwXo1095
Effective URL: https://refinance.lowermybills.com/questions
Submission Tags: scam/phishing e-mail links
Submission: On October 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 7 countries across 22 domains to perform 122 HTTP transactions. The main IP is 35.164.48.254, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is refinance.lowermybills.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 21st 2021. Valid for: a year.
This is the only time refinance.lowermybills.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.217.16.144 15169 (GOOGLE)
1 2 185.177.57.143 44901 (BELCLOUD)
1 191.101.232.101 61317 (ASDETUK w...)
1 1 54.173.50.35 14618 (AMAZON-AES)
1 1 52.40.27.155 16509 (AMAZON-02)
7 35.164.48.254 16509 (AMAZON-02)
20 2.16.186.232 20940 (AKAMAI-ASN1)
2 2.16.186.210 20940 (AKAMAI-ASN1)
4 172.217.23.106 15169 (GOOGLE)
2 13.225.79.159 16509 (AMAZON-02)
4 142.250.185.99 15169 (GOOGLE)
15 216.58.212.136 15169 (GOOGLE)
1 95.217.106.21 24940 (HETZNER-AS)
3 13.107.21.200 8068 (MICROSOFT...)
4 151.101.1.44 54113 (FASTLY)
1 151.101.12.157 54113 (FASTLY)
4 142.250.185.162 15169 (GOOGLE)
4 6 142.250.186.134 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
4 16 142.250.185.226 15169 (GOOGLE)
16 142.250.186.100 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
1 212.82.100.181 34010 (YAHOO-IRD)
1 5.9.20.98 24940 (HETZNER-AS)
2 172.217.16.142 15169 (GOOGLE)
5 3.233.145.245 14618 (AMAZON-AES)
1 104.244.42.133 13414 (TWITTER)
1 74.125.133.157 15169 (GOOGLE)
4 141.226.228.48 200478 (TABOOLA-AS)
1 18.205.221.158 ()
1 13.225.78.123 ()
122 30
1    172.217.16.144 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f16.1e100.net
storage.googleapis.com
2    185.177.57.143 (Bulgaria)

ASN44901 (BELCLOUD, BG)
PTR: agiuvdbcxdirh.com
jarjav.com
1    191.101.232.101 (Los Angeles, United States)

ASN61317 (ASDETUK www.heficed.com, GB)
nameluxuries.com
1    54.173.50.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-50-35.compute-1.amazonaws.com
cdmtrk.com
1    52.40.27.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-27-155.us-west-2.compute.amazonaws.com
www.lowermybills.com
7    35.164.48.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-48-254.us-west-2.compute.amazonaws.com
refinance.lowermybills.com
20    2.16.186.232 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-232.deploy.static.akamaitechnologies.com
static-lre.lowermybills.com
content.lowermybills.com
cdn.lowermybills.com
2    2.16.186.210 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-210.deploy.static.akamaitechnologies.com
cdn-refinance.lowermybills.com
4    172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f10.1e100.net
fonts.googleapis.com
2    13.225.79.159 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-79-159.fra2.r.cloudfront.net
www.datadoghq-browser-agent.com
4    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
15    216.58.212.136 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net
www.googletagmanager.com
1    95.217.106.21 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.106.217.95.clients.your-server.de
ads.revjet.com
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
6    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
852807.fls.doubleclick.net
ad.doubleclick.net
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
16    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
16    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
adservice.google.com
1    212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    5.9.20.98 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.98.20.9.5.clients.your-server.de
pix.revjet.com
2    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net
www.google-analytics.com
5    3.233.145.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-245.compute-1.amazonaws.com
rum-http-intake.logs.datadoghq.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
stats.g.doubleclick.net
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    18.205.221.158 (None, )

ASN- ()
session-replay.browser-intake-datadoghq.com
1    13.225.78.123 (None, )

ASN- ()
privacy-policy.truste.com
Domain Requested by
16 www.google.com
16 googleads.g.doubleclick.net 4 redirects www.googleadservices.com
15 www.googletagmanager.com cdn-refinance.lowermybills.com
www.googletagmanager.com
10 content.lowermybills.com refinance.lowermybills.com
static-lre.lowermybills.com
8 static-lre.lowermybills.com refinance.lowermybills.com
7 refinance.lowermybills.com nameluxuries.com
static-lre.lowermybills.com
www.datadoghq-browser-agent.com
5 rum-http-intake.logs.datadoghq.com www.datadoghq-browser-agent.com
4 trc-events.taboola.com cdn.taboola.com
4 852807.fls.doubleclick.net 2 redirects refinance.lowermybills.com
4 www.googleadservices.com cdn-refinance.lowermybills.com
www.googletagmanager.com
www.googleadservices.com
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com refinance.lowermybills.com
3 bat.bing.com storage.googleapis.com
bat.bing.com
2 trc.taboola.com cdn.taboola.com
2 www.google-analytics.com www.googletagmanager.com
www.datadoghq-browser-agent.com
2 ad.doubleclick.net 2 redirects
2 cdn.taboola.com storage.googleapis.com
cdn.taboola.com
2 cdn.lowermybills.com cdn-refinance.lowermybills.com
refinance.lowermybills.com
2 www.datadoghq-browser-agent.com refinance.lowermybills.com
2 cdn-refinance.lowermybills.com refinance.lowermybills.com
2 jarjav.com 1 redirects storage.googleapis.com
1 privacy-policy.truste.com static-lre.lowermybills.com
1 session-replay.browser-intake-datadoghq.com www.datadoghq-browser-agent.com
1 stats.g.doubleclick.net www.datadoghq-browser-agent.com
1 t.co refinance.lowermybills.com
1 pix.revjet.com ads.revjet.com
1 sp.analytics.yahoo.com refinance.lowermybills.com
1 adservice.google.com refinance.lowermybills.com
1 analytics.twitter.com refinance.lowermybills.com
1 static.ads-twitter.com storage.googleapis.com
1 ads.revjet.com storage.googleapis.com
1 www.lowermybills.com 1 redirects
1 cdmtrk.com 1 redirects
1 nameluxuries.com jarjav.com
1 storage.googleapis.com
122 35

This site contains links to these domains. Also see Links.

Domain
www.fhfaoig.gov
loanlookup.freddiemac.com
www.knowyouroptions.com
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
nameluxuries.com
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
refinance.lowermybills.com
Thawte RSA CA 2018		 2021-07-21 -
2022-07-26		 a year crt.sh
cdn.lowermybills.com
R3		 2021-09-02 -
2021-12-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.datadoghq-browser-agent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-17 -
2022-03-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.revjet.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-12 -
2022-04-10		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.logs.datadoghq.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-31 -
2022-05-31		 2 years crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-25 -
2022-08-25		 a year crt.sh
*.truste.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://refinance.lowermybills.com/questions
Frame ID: 8E944F834B231FBB5008A1206A76D231
Requests: 104 HTTP requests in this frame

Frame: https://cdn.lowermybills.com/lending-images/presentations/common/navapi/deviceAtlasLmb.min.js
Frame ID: E51E6DF8A0258000969523B52D73459D
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Refinance Mortgage, Refinancing Rates, Mortgage Rates - LowerMyBills

Page URL History Show full URLs

  1. https://storage.googleapis.com/01439e9df401e2e/alinkasa.html Page URL
  2. http://jarjav.com/rd//rd/c16328xfsOp51557277QETy612moe2504kwXo1095 Page URL
  3. http://jarjav.com/track//rd/c16328xfsOp51557277QETy612moe2504kwXo1095 HTTP 302
    https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-612-2504 Page URL
  4. https://cdmtrk.com/?E=Fg2gvGAiMXXBm2TINU5%2bJw%3d%3d&s1=350394&s2=622492148 HTTP 302
    https://www.lowermybills.com/lending/home-refinance/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 HTTP 301
    https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 Page URL
  5. https://refinance.lowermybills.com/questions Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

122
Requests

97 %
HTTPS

0 %
IPv6

22
Domains

35
Subdomains

30
IPs

7
Countries

1497 kB
Transfer

4097 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/01439e9df401e2e/alinkasa.html Page URL
  2. http://jarjav.com/rd//rd/c16328xfsOp51557277QETy612moe2504kwXo1095 Page URL
  3. http://jarjav.com/track//rd/c16328xfsOp51557277QETy612moe2504kwXo1095 HTTP 302
    https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-612-2504 Page URL
  4. https://cdmtrk.com/?E=Fg2gvGAiMXXBm2TINU5%2bJw%3d%3d&s1=350394&s2=622492148 HTTP 302
    https://www.lowermybills.com/lending/home-refinance/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 HTTP 301
    https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 Page URL
  5. https://refinance.lowermybills.com/questions Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://jarjav.com/track//rd/c16328xfsOp51557277QETy612moe2504kwXo1095 HTTP 302
  • https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-612-2504
Request Chain 3
  • https://cdmtrk.com/?E=Fg2gvGAiMXXBm2TINU5%2bJw%3d%3d&s1=350394&s2=622492148 HTTP 302
  • https://www.lowermybills.com/lending/home-refinance/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246 HTTP 301
  • https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Request Chain 35
  • https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord= HTTP 302
  • https://852807.fls.doubleclick.net/activityi;dc_pre=CLeQ-_mz5vMCFYVEHQkd7JAMuA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
Request Chain 37
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=3141183519
Request Chain 38
  • https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;ord=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9 HTTP 302
  • https://852807.fls.doubleclick.net/activityi;dc_pre=CMOR-_mz5vMCFQBEHQkdjAcC7w;src=852807;type=lrepa937;cat=lrere295;ord=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=2695954411
Request Chain 40
  • https://ad.doubleclick.net/ddm/activity/src=4818226;type=invmedia;cat=esvbxzky;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=4818226;dc_pre=CMLc_Pmz5vMCFV1CkQUdnb0HbA;type=invmedia;cat=esvbxzky;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=4818226;dc_pre=CMLc_Pmz5vMCFV1CkQUdnb0HbA;type=invmedia;cat=esvbxzky;ord=1
Request Chain 71
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=631434505&cv=9&fst=1635193895043&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=JxR3Yf7WEtmQgAeS577wBg&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/849970183/?random=631434505&cv=9&fst=1635193895043&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JxR3Yf7WEtmQgAeS577wBg&cid=CAQSKQCNIrLMrV_PWlIddm6w3_sAAgIXBRXz8c18GUazWl59knrHcrHTRCa2&random=3875949639&resp=GooglemKTybQhCsO
Request Chain 72
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=849029805&cv=9&fst=1635193895066&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=JxR3YZ7YEsmp7gPUr4LgCQ&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/735544455/?random=849029805&cv=9&fst=1635193895066&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JxR3YZ7YEsmp7gPUr4LgCQ&cid=CAQSKQCNIrLMqAeHS4YmKhFDHfSZUsG4lKb-tpW_LrMUIGCR8TFfLVp8gpMJ&random=3744190372&resp=GooglemKTybQhCsO

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
alinkasa.html
storage.googleapis.com/01439e9df401e2e/ 		178 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.144 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f16.1e100.net
Software
UploadServer /
Resource Hash
445e34c47c631f49e4613b4d4339d2abbc434108af1c779214da08fe8bd6f516

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/01439e9df401e2e/alinkasa.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdslkKwSR4y61GLdFrjsXEX6ZSIm6djmRBRlgGz23n-VRRwWR33jjnM9RyuqMKhTM8gP1fRnv9tdMHl8nwad4Xs
expires
Mon, 25 Oct 2021 21:20:39 GMT
date
Mon, 25 Oct 2021 20:20:39 GMT
last-modified
Mon, 21 Jun 2021 16:14:48 GMT
etag
"72dacaa8278b63d31ce32cb68cf3e072"
x-goog-generation
1624292088016195
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
178
content-type
text/html
x-goog-hash
crc32c=Ck/U+w== md5=ctrKqCeLY9Mc4yy2jPPgcg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
178
server
UploadServer
age
650
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c16328xfsOp51557277QETy612moe2504kwXo1095
jarjav.com/rd//rd/ 		235 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
http://jarjav.com/rd//rd/c16328xfsOp51557277QETy612moe2504kwXo1095
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
HTTP/1.1
Server
185.177.57.143 , Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
agiuvdbcxdirh.com
Software
/
Resource Hash

Request headers

Host
jarjav.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Date
Mon, 25 Oct 2021 20:31:29 GMT
Content-Length
235
51557277-612-2504
nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/
Redirect Chain
  • http://jarjav.com/track//rd/c16328xfsOp51557277QETy612moe2504kwXo1095
  • https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-612-2504
138 B
513 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-612-2504
Requested by
Host: jarjav.com
URL: http://jarjav.com/rd//rd/c16328xfsOp51557277QETy612moe2504kwXo1095
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
191.101.232.101 Los Angeles, United States, ASN61317 (ASDETUK www.heficed.com, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
nameluxuries.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://jarjav.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://jarjav.com/rd//rd/c16328xfsOp51557277QETy612moe2504kwXo1095

Response headers

date
Mon, 25 Oct 2021 20:31:31 GMT
content-type
text/html; charset=UTF-8
server
Apache
set-cookie
uid1262=622492148-20211025163130-a876858cb149efbf254fd58758567505-; domain=; expires=Wed, 24-Nov-2021 20:31:31 GMT; path=/; SameSite=None; Secure
content-encoding
gzip
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-612-2504
Date
Mon, 25 Oct 2021 20:31:29 GMT
Content-Length
121
Cookie set /
refinance.lowermybills.com/
Redirect Chain
  • https://cdmtrk.com/?E=Fg2gvGAiMXXBm2TINU5%2bJw%3d%3d&s1=350394&s2=622492148
  • https://www.lowermybills.com/lending/home-refinance/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
  • https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Requested by
Host: nameluxuries.com
URL: https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-612-2504
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3abc9eb2a584311acee3b5dd1f779e251936d5c9ca10c290438d041ed0947e49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
refinance.lowermybills.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://nameluxuries.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nameluxuries.com/0/2/6333/07e9aedf03f7b41c4dec11d99d70f8d4/16/1095-16328/51557277-612-2504

Response headers

Date
Mon, 25 Oct 2021 20:31:33 GMT
Content-Type
text/html; charset=utf-8
Content-Length
9530
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Cache-Control
no-store
Set-Cookie
visitorId=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9; Path=/; Expires=Tue, 25 Oct 2022 20:31:33 GMT sourceId=lmb-53705-112246; Path=/; Expires=Mon, 01 Nov 2021 20:31:33 GMT connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; Path=/; Expires=Mon, 01 Nov 2021 20:31:33 GMT; HttpOnly BIGipServerpl.prod-lrelpwapp-lnd=!KSCkB3NCFu6uuIxRHhj5eaSY0gTQ+AOcuDWjcBZeZvP84bpF9/VNN2wFIp4PZ8P67BwbBd1dw9lXFJA=; path=/; Httponly; Secure TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; Path=/
ETag
W/"253a-LuEOcgFDwRA/EGbLuhNeDsbpIjM"
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"

Redirect headers

Location
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Server
BigIP
Connection
Keep-Alive
Content-Length
0
main.e12635025c9fb5cfff6b.css
static-lre.lowermybills.com/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
922010a894024fc34925fafe378edfee4578db4a81bfbb2a517974bf505b51dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
99ZLQMy65refd8OEXZJR9QoamkJihNOm
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:33:16 GMT
x-amz-cf-pop
SFO5-C3
etag
"53b1451a84c1fffb08e1a7511f4a708a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2343660
date
Mon, 25 Oct 2021 20:31:34 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
7372
x-amz-cf-id
VjvyFsqrQJIr-5HlncttLKpAX4b0jRJLdLDzVhQZ_4PTTloqGmJHQQ==
pixel-ca687c5134383c510e1c.js
cdn-refinance.lowermybills.com/ 		280 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b09e2cd396fb96094ce9ce509862f223b83c6a8427900690eb7368251a28978c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
etag
W/"45f7b-17caa55acd6"
x-dns-prefetch-control
off
p3p
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
content-length
33187
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 22 Oct 2021 23:28:34 GMT
x-frame-options
SAMEORIGIN
date
Mon, 25 Oct 2021 20:31:34 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-content-type-options
nosniff
deviceatlas-1.6.min.js
content.lowermybills.com/deviceatlas-1.6/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.lowermybills.com/deviceatlas-1.6/deviceatlas-1.6.min.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 21:32:39 GMT
x-amz-cf-pop
FRA53-C1
etag
"67510dbcee1857a225b8f76bdc940c26"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=485856
accept-ranges
bytes
content-length
2759
x-amz-cf-id
9x0R_sFUhSqUnWRqd4quO57c2QGv8R1opxoJvr3IQbppkL7A9fsk5A==
css
fonts.googleapis.com/ 		820 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
5d67b40783f583fa48ec3a8d7346bb2a7396407bb7fb4b5ad6a5bb3cab2dd53b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 20:20:30 GMT
server
ESF
date
Mon, 25 Oct 2021 20:31:34 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 20:31:34 GMT
css2
fonts.googleapis.com/ 		5 KB
699 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 19:38:20 GMT
server
ESF
date
Mon, 25 Oct 2021 20:31:34 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 20:31:34 GMT
continue.png
content.lowermybills.com/lre/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/continue.png
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9b899e50c2015a1c2e3c6b10138755b33f249afcb60b340cbde60c89785d7e18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
cache-control
private, no-transform, max-age=1383442
last-modified
Tue, 14 Sep 2021 20:47:11 GMT
content-type
image/webp
etag
"d028d77ea5b3745697cc424d3f465bc9"
content-length
4932
expires
Wed, 10 Nov 2021 20:48:56 GMT
main.e12635025c9fb5cfff6b.js
static-lre.lowermybills.com/ 		122 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2f7a02c2194d538a9c82cf7c44ebb4baa5e5643bcb535ad88c3869779faa6f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
stpP5gCopyqn5KQsYDXDGrmcAST6Yq3W
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:37:25 GMT
x-amz-cf-pop
ATL56-C3
etag
"e29e8990862f8fb9eee65e482694bf0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2343929
date
Mon, 25 Oct 2021 20:31:34 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
24740
x-amz-cf-id
3VP58VAWzO5QfJ_ruG6KyJkykOcycqxXBwaiFQMn6ysg2ZevLOAZZQ==
manifest.7c87aba7f3ef7da22937.js
static-lre.lowermybills.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/manifest.7c87aba7f3ef7da22937.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2a80cfc9dff72482f2d291da5f9f4524621b12ed20159b07ea7379329ce0169

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
3TELm6YFfP_yisUarAtwT0WqHReMJhnW
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:33:39 GMT
x-amz-cf-pop
SEA19-C1
etag
"08827b954aeef269cd3a652eee38c960"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2343656
date
Mon, 25 Oct 2021 20:31:34 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4194
x-amz-cf-id
Z17CrMU1azXfB6dJQc6cjakuvdlMh_Wg8sth9sOY1BD8diheSiggJg==
vendor.022a7bf0aee7569059b4.js
static-lre.lowermybills.com/ 		333 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
655145296c4f196f46dcdca8d90fa529af07d249242722119c30d90be8b77612

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ACS1YI43AKmP3Sq47GugkxBslPNqHKe9
content-encoding
br
last-modified
Thu, 07 Oct 2021 12:36:16 GMT
x-amz-cf-pop
SFO5-C3
etag
"c9cafa0bd6dfb95727fcf555f843a69c"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
cache-control
max-age=1008245
date
Mon, 25 Oct 2021 20:31:34 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
92178
x-amz-cf-id
e_vBps1tLYSIVju-PHjdySNjL3LV_oHhss5GZ2MZindfiMp0mXNdRw==
datadog-rum-v3.js
www.datadoghq-browser-agent.com/ 		112 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-159.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7202824f39f82ba4c8f5cd454cc3e68e2b33112667e759b81aec57b374c42dfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:30:39 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 12:17:42 GMT
server
AmazonS3
age
55
etag
W/"0e1bb4ae12d194c53e58fde424cc8cb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
24-gmWXZGf9p_TeeZwXm81GUisz4OypiH_1ZDjSC7WI7D_mWReoiYw==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinance.lowermybills.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:18:36 GMT
x-content-type-options
nosniff
age
457978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 13:18:36 GMT
Cookie set store-info-redis
refinance.lowermybills.com/ 		2 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/store-info-redis
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9; sourceId=lmb-53705-112246; connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; BIGipServerpl.prod-lrelpwapp-lnd=!KSCkB3NCFu6uuIxRHhj5eaSY0gTQ+AOcuDWjcBZeZvP84bpF9/VNN2wFIp4PZ8P67BwbBd1dw9lXFJA=; TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"
Connection
keep-alive
Content-Length
2
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 25 Oct 2021 20:31:34 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
Set-Cookie
connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; Path=/; Expires=Mon, 01 Nov 2021 20:31:34 GMT; HttpOnly TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; Path=/
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
2
X-Content-Type-Options
nosniff
visitor
refinance.lowermybills.com/ 		191 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/visitor
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
88e09a080d10edd61b81cb065800e79a526358e6f2beca67a80412ef5eaf071f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9; sourceId=lmb-53705-112246; connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; BIGipServerpl.prod-lrelpwapp-lnd=!KSCkB3NCFu6uuIxRHhj5eaSY0gTQ+AOcuDWjcBZeZvP84bpF9/VNN2wFIp4PZ8P67BwbBd1dw9lXFJA=; TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"
Connection
keep-alive
Content-Length
1198
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 25 Oct 2021 20:31:34 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"bf-3c6p1oOUcVTZjmEsb6JDeGOlm+A"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
191
X-Content-Type-Options
nosniff
deviceAtlasLmb.min.js
cdn.lowermybills.com/lending-images/presentations/common/navapi/ Frame E51E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lowermybills.com/lending-images/presentations/common/navapi/deviceAtlasLmb.min.js
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0cff5de0a6dddcb01b664acb7cce79cd85b5a941e7e8f74423c8024e60704005
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
content-length
2867
x-xss-protection
1; mode=block
last-modified
Fri, 21 May 2021 02:42:28 GMT
x-frame-options
SAMEORIGIN
date
Mon, 25 Oct 2021 20:31:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=15552000
etag
"fed6c65f5b084671-20fc-5c2ce02c32fd8"
content-security-policy
frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
accept-ranges
bytes
expires
Sat, 23 Apr 2022 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-849970183
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9f36a055fc21c4e9ecc2f2e173d7bb413b3eb335d4952e11b0eea5f8fd775487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50437
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-755089552
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
387f3766d2fc6766de3cf6bfa2e12fbb77feb52a02dad93e4df2db7c360080df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50382
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-72055405-1
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ba759cda5ce091039d6dba3aeaffeafa9f3346519a230c1f3246791e5dfa4bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35773
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1066568174
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5e5028bf8a9bd712920649dc8facef5899a162a2a28177bf7e916e4719c15ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50460
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
analytics
ads.revjet.com/ Frame E51E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.revjet.com/analytics?acu=3370
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.106.21 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.106.217.95.clients.your-server.de
Software
nginx /
Resource Hash
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 19:41:00 GMT
server
nginx
etag
W/"617070cc-4c14"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
expires
Mon, 25 Oct 2021 20:41:34 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-882032010
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d62fc11a6230a64558bb85803876d21fe3192d2f7e347856879d0ef57ce5a6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39192
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-934858762
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cec0eb8c1baba61bb7dee6ebe19f916fc382ce92623ffe597d825f4f6d5570f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39199
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-950054130
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4f63020fd7d71a0016944275892c73da57a708fe51511d51eba00df594c1443b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39194
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-966730890
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1df0f2cf89eb44a31b7f24408d34a40dc2ea82c0ccfc583277a877beab10db11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39195
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-735544455
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d9610fadce2a8993234add945441149d1da71a0bb4a2f5bbde16a55c47c874ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39197
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 19:11:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 599CDDC9845B492589CF510B651ED731 Ref B: PRG01EDGE1007 Ref C: 2021-10-25T20:31:34Z
etag
"805b72e6bad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10001
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-874461485
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
939bee1d5dbb9bf486ec62083f1e7e97b22041c4781c73690ddc790f6b10d531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39199
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-852807
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
142e5960a9ce0a343a3e6daf94476cee65e4fb9259f1e2da668efe3e6dec5f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35654
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1007280/ Frame E51E 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abaa56c87ad50bd81c7a1aa002149fb1d552938440426660d29eef4b421ccc13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
1yf5v7IbQqPYthmmNseTQCGtWLF1Q47h
content-encoding
gzip
etag
"43c3e2dfd2a3ad006b33d518e7792f3a"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
24754
x-amz-id-2
2AdrvJFZDG2koriNCT42mB2UK8lGiKVyD/vlBqU42och7HXi1teb4AVUDbsFNIoJK1VJkE+VEwE=
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 09 Aug 2021 10:26:05 GMT
server
AmazonS3
x-timer
S1635193895.811840,VS0,VE108
date
Mon, 25 Oct 2021 20:31:34 GMT
vary
Accept-Encoding
x-amz-request-id
58MG9Z55F46JF933
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
0
x-cache-hits
1
uwt.js
static.ads-twitter.com/ Frame E51E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-ST
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000060-IAD, cache-fra19140-FRA
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-968462554
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4b1b21b0ab4690640b83bdfc913cc58e39095fd558c90f91457044e6a3c5a418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39239
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: cdn-refinance.lowermybills.com
URL: https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
72e6e98b1391dd750f3b44019ac52c993b93bb0fed404b5149ae5a8af9660d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17678
x-xss-protection
0
server
cafe
etag
12763723626733652640
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Oct 2021 20:31:34 GMT
activityi;dc_pre=CLeQ-_mz5vMCFYVEHQkd7JAMuA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D...
852807.fls.doubleclick.net/ Frame E51E
Redirect Chain
  • https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://852807.fls.doubleclick.net/activityi;dc_pre=CLeQ-_mz5vMCFYVEHQkd7JAMuA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://852807.fls.doubleclick.net/activityi;dc_pre=CLeQ-_mz5vMCFYVEHQkd7JAMuA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date
Mon, 25 Oct 2021 20:31:34 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
location
https://852807.fls.doubleclick.net/activityi;dc_pre=CLeQ-_mz5vMCFYVEHQkd7JAMuA;src=852807;type=lrepa937;cat=lrere295;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame E51E 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?txn_id=l5ksy&p_id=Twitter
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
107
pragma
no-cache
last-modified
Mon, 25 Oct 2021 20:31:34 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0bf26444738c7d23da62cd9454eeaa78442ab989c278e6dc5b77176ea56bf923
x-transaction
4d644adebd61f82e
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.google.com/pagead/1p-user-list/973523572/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=3141183519
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=3141183519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-user-list/973523572/?value=0&label=l0DICKT_tQcQ9JSb0AM&guid=ON&script=0&is_vtc=1&random=3141183519
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CMOR-_mz5vMCFQBEHQkdjAcC7w;src=852807;type=lrepa937;cat=lrere295;ord=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9
852807.fls.doubleclick.net/ Frame E51E
Redirect Chain
  • https://852807.fls.doubleclick.net/activityi;src=852807;type=lrepa937;cat=lrere295;ord=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9?
  • https://852807.fls.doubleclick.net/activityi;dc_pre=CMOR-_mz5vMCFQBEHQkdjAcC7w;src=852807;type=lrepa937;cat=lrere295;ord=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9?
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://852807.fls.doubleclick.net/activityi;dc_pre=CMOR-_mz5vMCFQBEHQkdjAcC7w;src=852807;type=lrepa937;cat=lrere295;ord=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9?
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date
Mon, 25 Oct 2021 20:31:34 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
location
https://852807.fls.doubleclick.net/activityi;dc_pre=CMOR-_mz5vMCFQBEHQkdjAcC7w;src=852807;type=lrepa937;cat=lrere295;ord=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1066568174/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=2695954411
42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=2695954411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-user-list/1066568174/?value=1.00&currency_code=USD&label=raBACLrR_VoQ7pPK_AM&guid=ON&script=0&is_vtc=1&random=2695954411
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=4818226;dc_pre=CMLc_Pmz5vMCFV1CkQUdnb0HbA;type=invmedia;cat=esvbxzky;ord=1
adservice.google.com/ddm/fls/z/ Frame E51E
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=4818226;type=invmedia;cat=esvbxzky;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=4818226;dc_pre=CMLc_Pmz5vMCFV1CkQUdnb0HbA;type=invmedia;cat=esvbxzky;ord=1?
  • https://adservice.google.com/ddm/fls/z/src=4818226;dc_pre=CMLc_Pmz5vMCFV1CkQUdnb0HbA;type=invmedia;cat=esvbxzky;ord=1
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=4818226;dc_pre=CMLc_Pmz5vMCFV1CkQUdnb0HbA;type=invmedia;cat=esvbxzky;ord=1
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=4818226;dc_pre=CMLc_Pmz5vMCFV1CkQUdnb0HbA;type=invmedia;cat=esvbxzky;ord=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spp.pl
sp.analytics.yahoo.com/ Frame E51E 		43 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10070325&ec=LRELP
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 20:31:34 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Mon, 25 Oct 2021 20:31:34 GMT
8b99922b-063d-4dfd-8c83-7e0e08a4e42a
https://refinance.lowermybills.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://refinance.lowermybills.com/8b99922b-063d-4dfd-8c83-7e0e08a4e42a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a0f183e6a929b72ff7756f11df64e56ea8941d4a7a9d6b6aa5339e0d6845dc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
26035
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-755089552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14435
x-xss-protection
0
server
cafe
etag
3499052782129861849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Oct 2021 20:31:34 GMT
pd2120
pix.revjet.com/track/ Frame E51E 		46 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.revjet.com/track/pd2120?__noscript=false&__cbf=revjet.callbacks.cb1635193894747&location=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&referrer=https%3A%2F%2Fnameluxuries.com%2F&creditProfile=&firstMortgageBalance=&firstMortgageInterestRate=&hasFHALoan=&homeValue=&loanToValue=&propertyCity=&propertyDescription=&propertyState=&propertyZipCode=&rateType=&typeOfLoan=&loanRefiPurpose=
Requested by
Host: ads.revjet.com
URL: https://ads.revjet.com/analytics?acu=3370
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.20.98 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.98.20.9.5.clients.your-server.de
Software
/
Resource Hash
edb855f9e67a8f23f6f615a7e793b0480c59f7ea76c1c4827d4c6cdab302f292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Oct 2021 20:31:34 GMT
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
46
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72055405-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
1829
date
Mon, 25 Oct 2021 20:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Mon, 25 Oct 2021 22:01:06 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-966730890&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-755089552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
08feaee96f5b485df12a0cc0d3a2c37421614d9080d8d49d02ded97f50c37d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39204
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-849970183&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-755089552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e4c194d98ac39681cfa6a117dcf406e8a9cffc576fe07bd1e8060981f3defb39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50444
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-735544455&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-755089552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cfa0ad76afe7611f5a41c4cc23fab2ddd00fd29c7b319ca5d4df97b5d7a5abb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39208
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Oct 2021 20:31:34 GMT
5189243.js
bat.bing.com/p/action/ 		0
113 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5189243.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Oct 2021 20:31:34 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 70647AD0F3EC4F928D2CBFB36D4950FC Ref B: PRG01EDGE1007 Ref C: 2021-10-25T20:31:34Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5189243&Ver=2&mid=f7df1045-1190-4527-88d5-e94250bacf27&sid=8bdef85035d211ecb540ed431359737d&vid=8bdf345035d211ecb0ef1bd207cfd971&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Refinance%20Mortgage,%20Refinancing%20Rates,%20Mortgage%20Rates%20-%20LowerMyBills&kw=refinance,%20mortgage,%20mortgages,%20refinancing,%20mortgage%20rates,%20refinance%20mortgage,%20refinance%20rates,%20refinancing%20rates,%20refinancing%20home,%20home%20loan,%20home%20loans,%20equity%20loans,%20home%20equity%20loans,%20home%20equity%20loan,%20second%20mortgage,%20home%20equity%20loan%20rates,%20credit%20card%20consolidation,%20debt%20loans,%20credit%20card%20debt%20consolidation,%20bad%20credit%20loans,%20debt%20free,%20bad%20credit,%20debt%20help,%20debt%20solutions,%20money%20management,%20credit%20card%20debt,%20personal%20loan,%20bad%20credit%20mortgage,%20mortgage%20calculator&p=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&r=https%3A%2F%2Fnameluxuries.com%2F&lt=3546&evt=pageLoad&msclkid=N&sv=1&rn=785105
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B5C5FA9BC99D4CF3BB27004B39B41105 Ref B: PRG01EDGE1007 Ref C: 2021-10-25T20:31:34Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
94 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635193894776
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-245.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 25 Oct 2021 20:31:35 GMT
content-length
2
content-type
application/json
adsct
t.co/i/ Frame E51E 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyhmx&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&event_id=4fe630d1-fe2e-4150-b8e6-ca81d9821cef&tw_document_href=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
112
pragma
no-cache
last-modified
Mon, 25 Oct 2021 20:31:35 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
405e0a3c6f6d48409c73a43ea3c275f1eee67415c3dfb1dd6a1acae777d76dc5
x-transaction
c08c4af18ce18e63
expires
Tue, 31 Mar 1981 05:00:00 GMT
track
refinance.lowermybills.com/ 		256 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/track
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ac40ea05dec4a849c515623b9cf79db51255953a76e801e6dbaf8ff4ede72656
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9; sourceId=lmb-53705-112246; connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; BIGipServerpl.prod-lrelpwapp-lnd=!KSCkB3NCFu6uuIxRHhj5eaSY0gTQ+AOcuDWjcBZeZvP84bpF9/VNN2wFIp4PZ8P67BwbBd1dw9lXFJA=; TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"; _dd_s=rum=1&id=af41608d-159e-44c5-999b-b44eb3696d3c&created=1635193894543&expire=1635194794543; _gcl_au=1.1.2107755975.1635193895; _uetsid=8bdef85035d211ecb540ed431359737d; _uetvid=8bdf345035d211ecb0ef1bd207cfd971
Connection
keep-alive
Content-Length
377
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 25 Oct 2021 20:31:35 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"100-vNXXzzkHkuPQicVixh49FZSnWO8"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
256
X-Content-Type-Options
nosniff
json
trc.taboola.com/1007280/trc/3/ Frame E51E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1007280/trc/3/json?tim=1635193895025&data=%7B%22id%22%3A42%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1635193895018%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22e%22%3A%22https%3A%2F%2Fnameluxuries.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcoredigital-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1635193895024%2C%22ref%22%3A%22https%3A%2F%2Fnameluxuries.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b970fb18ab1c54748c3a53ab9e7e2d8bf5a1d557f38728a110c4cd7893ae77c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
server
nginx
x-timer
S1635193895.251716,VS0,VE18
x-served-by
cache-hhn4042-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950054130/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950054130/?random=1635193895035&cv=9&fst=1635193895035&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
512baacd6cf32dc83b6ea04c18a6801cef1c39a82476b1cf38dcb879a0326a33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1087
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=1635193895042&cv=9&fst=1635193895042&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c8592ab3df2191a56de88b14bb4cc909a53a6020e92b7f3979f40e98c60f3b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1092
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/849970183/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/849970183/?random=1635193895043&cv=9&fst=1635193895043&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b50302ba69880f2961a1ee870aeea0d20b551e9e5e095c3d46c2464d55a3dca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1234
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/934858762/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934858762/?random=1635193895053&cv=9&fst=1635193895053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1254c38a132383513216c19961b78a582b41cd62c8d6aa8db8de32cfa7b6733c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1093
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066568174/?random=1635193895054&cv=9&fst=1635193895054&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bbc2aa89633a96e429372f938d86ca3973de457ede8793082bfd16e0bac6f446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1092
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/882032010/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/882032010/?random=1635193895055&cv=9&fst=1635193895055&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f42235daa8e73093d924b4cacb61873f8d28192ad9dc54973691cbdf28b5025c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/874461485/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874461485/?random=1635193895058&cv=9&fst=1635193895058&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f68b97fe083abc21ebd8d9ab401fef37ae6e90b7c77f0daa9881bfb03ab1b3eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1093
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/755089552/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/755089552/?random=1635193895060&cv=9&fst=1635193895060&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
57b07685881886bb6b4ae58da88a10f38db1d9d33ab1aad0407077fd427b345f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1635193895061&cv=9&fst=1635193895061&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1908c528dc5fbd0ed5122f02c9fabb1693a65c440858e43c9e58701374d84bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1164
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1635193895062&cv=9&fst=1635193895062&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8d8da86c43cf070ea497bc465bcbfb97d2ee60c7b3d087914872c3960dd3db39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1099
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966730890/?random=1635193895063&cv=9&fst=1635193895063&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
912ff634327aea654e244d74ba1a387141ba6e3f68a0d94614c6563e14d6242a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1100
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/968462554/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968462554/?random=1635193895064&cv=9&fst=1635193895064&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&gbcov=0&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8dab4d0c909d5c749686407079e93dbbdddcbf09bf2018e5cc62a406c961b273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1092
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/735544455/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/735544455/?random=1635193895066&cv=9&fst=1635193895066&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8003f9f74c4575c83a2b13c651f406952a3e2fc7dfeb936116eb1fc17c9c6689
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1234
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=1635193895073&cv=9&fst=1635193895073&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
505270093df8867b73647c7258e42dc42d82f14036b7ab4c6a36f0fad80b5dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1092
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=550584854&t=pageview&_s=1&dl=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&dr=https%3A%2F%2Fnameluxuries.com%2F&ul=en-us&de=UTF-8&dt=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1835225416&gjid=836633848&cid=1277804896.1635193895&tid=UA-72055405-1&_gid=1742725861.1635193895&_r=1&gtm=2ouak0&z=672934453
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refinance.lowermybills.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1390358/trc/3/ Frame E51E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1390358/trc/3/json?tim=1635193895115&data=%7B%22id%22%3A158%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1635193895018%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22e%22%3A%22https%3A%2F%2Fnameluxuries.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcoredigital-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1635193895028%2C%22ref%22%3A%22https%3A%2F%2Fnameluxuries.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ca27ac7c95f9369602c9e7155bdbd0932e5f5996d6286655f8609b4f6ed952f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
41
date
Mon, 25 Oct 2021 20:31:35 GMT
content-encoding
gzip
server
nginx
x-timer
S1635193895.328561,VS0,VE41
x-served-by
cache-hhn4042-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
/
www.google.com/pagead/1p-conversion/849970183/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849970183/?random=631434505&cv=9&fst=1635193895043&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
  • https://www.google.com/pagead/1p-conversion/849970183/?random=631434505&cv=9&fst=1635193895043&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/849970183/?random=631434505&cv=9&fst=1635193895043&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JxR3Yf7WEtmQgAeS577wBg&cid=CAQSKQCNIrLMrV_PWlIddm6w3_sAAgIXBRXz8c18GUazWl59knrHcrHTRCa2&random=3875949639&resp=GooglemKTybQhCsO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/849970183/?random=631434505&cv=9&fst=1635193895043&num=1&label=DKgWCPPcgqEBEIeIppUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JxR3Yf7WEtmQgAeS577wBg&cid=CAQSKQCNIrLMrV_PWlIddm6w3_sAAgIXBRXz8c18GUazWl59knrHcrHTRCa2&random=3875949639&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/735544455/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735544455/?random=849029805&cv=9&fst=1635193895066&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
  • https://www.google.com/pagead/1p-conversion/735544455/?random=849029805&cv=9&fst=1635193895066&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/735544455/?random=849029805&cv=9&fst=1635193895066&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JxR3YZ7YEsmp7gPUr4LgCQ&cid=CAQSKQCNIrLMqAeHS4YmKhFDHfSZUsG4lKb-tpW_LrMUIGCR8TFfLVp8gpMJ&random=3744190372&resp=GooglemKTybQhCsO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/735544455/?random=849029805&cv=9&fst=1635193895066&num=1&label=iteKCOibgqIBEIeJ3t4C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&auid=2107755975.1635193895&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=JxR3YZ7YEsmp7gPUr4LgCQ&cid=CAQSKQCNIrLMqAeHS4YmKhFDHfSZUsG4lKb-tpW_LrMUIGCR8TFfLVp8gpMJ&random=3744190372&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-72055405-1&cid=1277804896.1635193895&jid=1835225416&gjid=836633848&_gid=1742725861.1635193895&_u=YEBAAUAAAAAAAC~&z=233577123
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 25 Oct 2021 20:31:35 GMT
content-type
text/plain
access-control-allow-origin
https://refinance.lowermybills.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ Frame E51E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
182
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qLA+ntpX0xsn1M4H/vpvkV0o8w6UGkVVXckTk0W0F2Kr9YHvQvZKGJImLauo/YXexJMT5LeMdnk=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1635193895.378827,VS0,VE0
date
Mon, 25 Oct 2021 20:31:35 GMT
vary
Accept-Encoding
x-amz-request-id
4KMJJDXMWM2DB40W
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
0
x-cache-hits
328
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635193895373
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-245.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 25 Oct 2021 20:31:35 GMT
content-length
2
content-type
application/json
/
www.google.com/pagead/1p-user-list/950054130/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/950054130/?random=1635193895035&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2152137489&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/849970183/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/849970183/?random=1635193895042&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=662787307&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/882032010/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/882032010/?random=1635193895055&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=259700734&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/755089552/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/755089552/?random=1635193895060&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=915077498&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1066568174/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1066568174/?random=1635193895054&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=1265175535&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/874461485/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/874461485/?random=1635193895058&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3695516788&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/968462554/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/968462554/?random=1635193895064&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=4014630968&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/735544455/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/735544455/?random=1635193895073&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=828849388&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/934858762/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/934858762/?random=1635193895053&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3049632598&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/966730890/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/966730890/?random=1635193895063&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3658387254&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/966730890/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/966730890/?random=1635193895061&cv=9&fst=1635192000000&num=1&value=1&currency_code=USD&label=SuU3CIKMzqoBEIrJ_MwD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=3878824957&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/966730890/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/966730890/?random=1635193895062&cv=9&fst=1635192000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246&ref=https%3A%2F%2Fnameluxuries.com%2F&tiba=Refinance%20Mortgage%2C%20Refinancing%20Rates%2C%20Mortgage%20Rates%20-%20LowerMyBills&async=1&fmt=3&is_vtc=1&random=2225399326&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 20:31:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635193895419
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-245.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 25 Oct 2021 20:31:35 GMT
content-length
2
content-type
application/json
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635193895427
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-245.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 25 Oct 2021 20:31:35 GMT
content-length
2
content-type
application/json
unip
trc-events.taboola.com/1007280/log/3/ Frame E51E 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1007280/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1635193895021&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1635193896580&vi=1635193895018&ri=906c260dde13f86337f9c522a06c0c3b&ui=7e134732-3e1d-42da-a1e6-1c36dc377ac0-tuct87099a7&ref=https%3A%2F%2Fnameluxuries.com%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://refinance.lowermybills.com
pragma
no-cache
date
Mon, 25 Oct 2021 20:31:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1390358/log/3/ Frame E51E 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1390358/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=0&ssd=1&est=1635193895021&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1635193896581&vi=1635193895018&ri=023349a90877c0fed83ebc4d06744bc2&sd=v2_514a20c20e1648220d8ae8437db00fdc_7e134732-3e1d-42da-a1e6-1c36dc377ac0-tuct87099a7_1635193895_1635193895_CNCP0B4Qlu5UGOrwmsnLLyABKAEwODib4wlAjYoQSJSy2QNQp-wQWABgAGjr5LqW88T3vnFwAA&ui=7e134732-3e1d-42da-a1e6-1c36dc377ac0-tuct87099a7&ref=https%3A%2F%2Fnameluxuries.com%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://refinance.lowermybills.com
pragma
no-cache
date
Mon, 25 Oct 2021 20:31:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
track
refinance.lowermybills.com/ 		257 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/track
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9; sourceId=lmb-53705-112246; connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; BIGipServerpl.prod-lrelpwapp-lnd=!KSCkB3NCFu6uuIxRHhj5eaSY0gTQ+AOcuDWjcBZeZvP84bpF9/VNN2wFIp4PZ8P67BwbBd1dw9lXFJA=; TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"; _dd_s=rum=1&id=af41608d-159e-44c5-999b-b44eb3696d3c&created=1635193894543&expire=1635194794543; _gcl_au=1.1.2107755975.1635193895; _uetsid=8bdef85035d211ecb540ed431359737d; _uetvid=8bdf345035d211ecb0ef1bd207cfd971; _ga=GA1.2.1277804896.1635193895; _gid=GA1.2.1742725861.1635193895; _gat_gtag_UA_72055405_1=1
Connection
keep-alive
Content-Length
379
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 25 Oct 2021 20:31:39 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"101-RJBRelqlBr1hxN8JWVmFi54VY6E"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
257
X-Content-Type-Options
nosniff
unip
trc-events.taboola.com/1007280/log/3/ Frame E51E 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1007280/log/3/unip?en=pre_d_eng_tb&tos=4559&scd=0&ssd=1&est=1635193895021&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1635193899581&vi=1635193895018&ri=906c260dde13f86337f9c522a06c0c3b&ui=7e134732-3e1d-42da-a1e6-1c36dc377ac0-tuct87099a7&ref=https%3A%2F%2Fnameluxuries.com%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://refinance.lowermybills.com
pragma
no-cache
date
Mon, 25 Oct 2021 20:31:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1390358/log/3/ Frame E51E 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1390358/log/3/unip?en=pre_d_eng_tb&tos=4559&scd=0&ssd=1&est=1635193895021&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1635193899582&vi=1635193895018&ri=023349a90877c0fed83ebc4d06744bc2&sd=v2_514a20c20e1648220d8ae8437db00fdc_7e134732-3e1d-42da-a1e6-1c36dc377ac0-tuct87099a7_1635193895_1635193895_CNCP0B4Qlu5UGOrwmsnLLyABKAEwODib4wlAjYoQSJSy2QNQp-wQWABgAGjr5LqW88T3vnFwAA&ui=7e134732-3e1d-42da-a1e6-1c36dc377ac0-tuct87099a7&ref=https%3A%2F%2Fnameluxuries.com%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Frefinance.lowermybills.com%2F%3Fpkey1%3D%26pkey2%3D%26pkey3%3D%26sourceid%3Dlmb-53705-112246
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1007280/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://refinance.lowermybills.com
pragma
no-cache
date
Mon, 25 Oct 2021 20:31:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubdff5c93c0a8137997d0bc115c7949e0c
rum-http-intake.logs.datadoghq.com/v1/input/ 		2 B
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubdff5c93c0a8137997d0bc115c7949e0c?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&batch_time=1635193899694
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-245.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 25 Oct 2021 20:31:39 GMT
content-length
2
content-type
application/json
Primary Request Cookie set questions
refinance.lowermybills.com/ 		19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/questions
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c09fda3a899dd912dc95cca00d0ec7fa5e1aa97cea16adf4b80b86ec2a3b68b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
refinance.lowermybills.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246
Accept-Encoding
gzip, deflate, br
Cookie
visitorId=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9; sourceId=lmb-53705-112246; connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; BIGipServerpl.prod-lrelpwapp-lnd=!KSCkB3NCFu6uuIxRHhj5eaSY0gTQ+AOcuDWjcBZeZvP84bpF9/VNN2wFIp4PZ8P67BwbBd1dw9lXFJA=; TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"; _dd_s=rum=1&id=af41608d-159e-44c5-999b-b44eb3696d3c&created=1635193894543&expire=1635194794543; _gcl_au=1.1.2107755975.1635193895; _uetsid=8bdef85035d211ecb540ed431359737d; _uetvid=8bdf345035d211ecb0ef1bd207cfd971; _ga=GA1.2.1277804896.1635193895; _gid=GA1.2.1742725861.1635193895; _gat_gtag_UA_72055405_1=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246

Response headers

Date
Mon, 25 Oct 2021 20:31:40 GMT
Content-Type
text/html; charset=utf-8
Content-Length
19408
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Cache-Control
no-store
ETag
W/"4bd0-N/u12ULiy+yQcEbk8c3uUcm9H1U"
Set-Cookie
connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; Path=/; Expires=Mon, 01 Nov 2021 20:31:40 GMT; HttpOnly TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; Path=/
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Alre-lp-webapp%2Cversion%3A1.0.3%20d-I8603TB3D&dd-api-key=pubdff5c93c0a8137997d0bc115c7949e0c&dd-evp-origin-version=3.6.12&dd-evp-origin=browser&dd-request-id=c3d4e8f5-9a33-419a-a110-ed0366901133
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.221.158 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPBT7v9qjHtff3Fkx

Response headers

access-control-allow-origin
*
0
bat.bing.com/actionp/ 		0
0
main.e12635025c9fb5cfff6b.css
static-lre.lowermybills.com/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
922010a894024fc34925fafe378edfee4578db4a81bfbb2a517974bf505b51dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
99ZLQMy65refd8OEXZJR9QoamkJihNOm
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:33:16 GMT
x-amz-cf-pop
SFO5-C3
etag
"53b1451a84c1fffb08e1a7511f4a708a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2343654
date
Mon, 25 Oct 2021 20:31:40 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
7372
x-amz-cf-id
VjvyFsqrQJIr-5HlncttLKpAX4b0jRJLdLDzVhQZ_4PTTloqGmJHQQ==
pixel-ca687c5134383c510e1c.js
cdn-refinance.lowermybills.com/ 		280 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-refinance.lowermybills.com/pixel-ca687c5134383c510e1c.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.210 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b09e2cd396fb96094ce9ce509862f223b83c6a8427900690eb7368251a28978c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
etag
W/"45f7b-17caa55acd6"
x-dns-prefetch-control
off
p3p
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
content-length
33187
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 22 Oct 2021 23:28:34 GMT
x-frame-options
SAMEORIGIN
date
Mon, 25 Oct 2021 20:31:40 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-content-type-options
nosniff
deviceatlas-1.6.min.js
content.lowermybills.com/deviceatlas-1.6/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.lowermybills.com/deviceatlas-1.6/deviceatlas-1.6.min.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 21:32:39 GMT
x-amz-cf-pop
FRA53-C1
etag
"67510dbcee1857a225b8f76bdc940c26"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=485850
accept-ranges
bytes
content-length
2759
x-amz-cf-id
9x0R_sFUhSqUnWRqd4quO57c2QGv8R1opxoJvr3IQbppkL7A9fsk5A==
css
fonts.googleapis.com/ 		820 B
414 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
5d67b40783f583fa48ec3a8d7346bb2a7396407bb7fb4b5ad6a5bb3cab2dd53b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 20:31:40 GMT
server
ESF
date
Mon, 25 Oct 2021 20:31:40 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 20:31:40 GMT
css2
fonts.googleapis.com/ 		5 KB
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 20:26:46 GMT
server
ESF
date
Mon, 25 Oct 2021 20:31:40 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 20:31:40 GMT
redarrow1.png
cdn.lowermybills.com/lending-images/2019/arrow/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lowermybills.com/lending-images/2019/arrow/redarrow1.png
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1d7015c13fd51bf12eb98c6e4af1822cdfb32610540bf83730fed28917aadd84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
x-check-cacheable
YES
x-serial
1412
etag
"d5b3fa4bcaafbe7-1a00-5c2cdd20bb4a0"
content-type
image/png
cache-control
no-transform, max-age=15552000
last-modified
Fri, 21 May 2021 08:04:09 GMT
content-length
2687
server
Akamai Image Manager
expires
Sat, 23 Apr 2022 20:31:40 GMT
main.e12635025c9fb5cfff6b.js
static-lre.lowermybills.com/ 		122 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2f7a02c2194d538a9c82cf7c44ebb4baa5e5643bcb535ad88c3869779faa6f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
stpP5gCopyqn5KQsYDXDGrmcAST6Yq3W
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:37:25 GMT
x-amz-cf-pop
ATL56-C3
etag
"e29e8990862f8fb9eee65e482694bf0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2343923
date
Mon, 25 Oct 2021 20:31:40 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
24740
x-amz-cf-id
3VP58VAWzO5QfJ_ruG6KyJkykOcycqxXBwaiFQMn6ysg2ZevLOAZZQ==
manifest.7c87aba7f3ef7da22937.js
static-lre.lowermybills.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/manifest.7c87aba7f3ef7da22937.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2a80cfc9dff72482f2d291da5f9f4524621b12ed20159b07ea7379329ce0169

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
3TELm6YFfP_yisUarAtwT0WqHReMJhnW
content-encoding
br
last-modified
Fri, 22 Oct 2021 23:33:39 GMT
x-amz-cf-pop
SEA19-C1
etag
"08827b954aeef269cd3a652eee38c960"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2343650
date
Mon, 25 Oct 2021 20:31:40 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4194
x-amz-cf-id
Z17CrMU1azXfB6dJQc6cjakuvdlMh_Wg8sth9sOY1BD8diheSiggJg==
vendor.022a7bf0aee7569059b4.js
static-lre.lowermybills.com/ 		333 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-lre.lowermybills.com/vendor.022a7bf0aee7569059b4.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
655145296c4f196f46dcdca8d90fa529af07d249242722119c30d90be8b77612

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ACS1YI43AKmP3Sq47GugkxBslPNqHKe9
content-encoding
br
last-modified
Thu, 07 Oct 2021 12:36:16 GMT
x-amz-cf-pop
SFO5-C3
etag
"c9cafa0bd6dfb95727fcf555f843a69c"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
cache-control
max-age=1008239
date
Mon, 25 Oct 2021 20:31:40 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
92178
x-amz-cf-id
e_vBps1tLYSIVju-PHjdySNjL3LV_oHhss5GZ2MZindfiMp0mXNdRw==
datadog-rum-v3.js
www.datadoghq-browser-agent.com/ 		112 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by
Host: refinance.lowermybills.com
URL: https://refinance.lowermybills.com/questions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-159.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7202824f39f82ba4c8f5cd454cc3e68e2b33112667e759b81aec57b374c42dfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:39 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 12:17:42 GMT
server
AmazonS3
age
8
etag
W/"0e1bb4ae12d194c53e58fde424cc8cb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7GLMf6s9QURV_jNgFDG8uQ7Cm8B1QbjX26QZ_N4NtEWAzkTMTyiLdQ==
lend16007_goldscale.png
content.lowermybills.com/lre/ 		168 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/lend16007_goldscale.png
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fbac76ee986c65d9c1822b2392d8bc22c6aec8626a6ebc7fa9fc96c63f77fd3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
cache-control
private, no-transform, max-age=852074
last-modified
Tue, 05 Oct 2021 17:13:15 GMT
content-type
image/webp
etag
"70836be8dfb4a77c709d02a054f1a98e"
content-length
168
expires
Thu, 04 Nov 2021 17:12:54 GMT
home-desktop.jpg
content.lowermybills.com/lre/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/home-desktop.jpg
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
127cae9821853edc1953090239e5ae0297c4626b184280bb894cbfef9f947f30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
last-modified
Tue, 05 Oct 2021 17:11:17 GMT
x-serial
123
etag
"ac3af3174e2b972e0adcd85fb89d7ba1"
content-type
image/jpeg
x-check-cacheable
YES
cache-control
private, no-transform, max-age=851979
content-length
203332
expires
Thu, 04 Nov 2021 17:11:19 GMT
sprite_lp.png
content.lowermybills.com/lre/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/sprite_lp.png
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3255db2fb88891ee1add7804275d722bdd4e1eb438c51927d08c0dd67c1c558f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
cache-control
private, no-transform, max-age=851978
last-modified
Tue, 05 Oct 2021 17:09:37 GMT
content-type
image/webp
etag
"c8a52138ef54bb2745413f072f32e23a"
content-length
17424
expires
Thu, 04 Nov 2021 17:11:18 GMT
hud_logo.gif
content.lowermybills.com/lre/ 		738 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/hud_logo.gif
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d8b1f3575dd2b0024383a4f47725654257a4b4ec1015595ade984a80804a56ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
cache-control
private, no-transform, max-age=1738814
last-modified
Fri, 15 Oct 2021 23:31:54 GMT
content-type
image/webp
etag
"c9c9a78e117c3c6b24c9ba244ee59280"
content-length
738
expires
Sun, 14 Nov 2021 23:31:54 GMT
seal
privacy-policy.truste.com/privacy-seal/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privacy-policy.truste.com/privacy-seal/seal?rid=36759420-4093-4a7b-bf8a-2029fcf0dd2d
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.123 -, , ASN (),
Reverse DNS
Software
TXS /
Resource Hash
4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 05:55:56 GMT
Via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff, nosniff
Age
52544
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
14237
X-Xss-Protection
1; mode=block, 1; mode=block
Server
TXS
ETag
W/"14237-1594834154000"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=0
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
bxLEudGTERj-bQwkbHNsqxe-IBGFVnQcYCu_9rGXOBIDurDmWg-Fqw==
misc_thawte.jpg
content.lowermybills.com/lre/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/misc_thawte.jpg
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9985336660219f2aa5e5c8f21d7f5456aee6c69afb706d3a9c9322ad5d601a76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
cache-control
private, no-transform, max-age=2412993
last-modified
Sat, 23 Oct 2021 18:45:37 GMT
content-type
image/webp
etag
"fce9074d37a5424c838ef468af0c2392"
content-length
1064
expires
Mon, 22 Nov 2021 18:48:13 GMT
bbb_ReliabilitySeal4.png
content.lowermybills.com/lre/ 		792 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/bbb_ReliabilitySeal4.png
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1b5ecbe1f536ff0fef14eabe281e525514e533dc65d179493ee770857893943

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
cache-control
private, no-transform, max-age=851846
last-modified
Tue, 05 Oct 2021 17:07:59 GMT
content-type
image/webp
etag
"6090dac9efe433facd03c240a291865e"
content-length
792
expires
Thu, 04 Nov 2021 17:09:06 GMT
mortgageBankersAssoc.jpg
content.lowermybills.com/lre/ 		792 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lowermybills.com/lre/mortgageBankersAssoc.jpg
Requested by
Host: static-lre.lowermybills.com
URL: https://static-lre.lowermybills.com/main.e12635025c9fb5cfff6b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.232 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1c0676327f2e8a36f4566392aaec15036da66d48fda332ae8b6c6af30dc3c485

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-lre.lowermybills.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:31:40 GMT
last-modified
Fri, 17 Sep 2021 00:35:09 GMT
x-serial
1626
etag
"fac151fb09dc6ee89e43925ed2c85572"
content-type
image/webp
x-check-cacheable
YES
cache-control
private, no-transform, max-age=1569643
content-length
792
expires
Sat, 13 Nov 2021 00:32:23 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinance.lowermybills.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:28:30 GMT
x-content-type-options
nosniff
age
424990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 22:28:30 GMT
4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
fonts.gstatic.com/s/shadowsintolighttwo/v8/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/shadowsintolighttwo/v8/4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
9881a70e1ba7b9c3409931942e5c9870d9295667ee29e9a84f7437543a94d0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinance.lowermybills.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:38:59 GMT
x-content-type-options
nosniff
age
406361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15856
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:47:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 03:38:59 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinance.lowermybills.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:18:36 GMT
x-content-type-options
nosniff
age
457984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 13:18:36 GMT
track
refinance.lowermybills.com/ 		259 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinance.lowermybills.com/track
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.48.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-48-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f10392463385bd72002263b446627c31a58a7ef10a7b819ca0e49d3dd2d1ae1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://refinance.lowermybills.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
visitorId=9aeb49ea-3538-4a8c-9de6-e9b04f4989f9; sourceId=lmb-53705-112246; connect.sid=s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo; BIGipServerpl.prod-lrelpwapp-lnd=!KSCkB3NCFu6uuIxRHhj5eaSY0gTQ+AOcuDWjcBZeZvP84bpF9/VNN2wFIp4PZ8P67BwbBd1dw9lXFJA=; TS014fdca0=012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12; DAPROPS="sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"; _gcl_au=1.1.2107755975.1635193895; _uetsid=8bdef85035d211ecb540ed431359737d; _uetvid=8bdf345035d211ecb0ef1bd207cfd971; _ga=GA1.2.1277804896.1635193895; _gid=GA1.2.1742725861.1635193895; _gat_gtag_UA_72055405_1=1; _dd_s=rum=1&id=af41608d-159e-44c5-999b-b44eb3696d3c&created=1635193894543&expire=1635194800271
Connection
keep-alive
Content-Length
381
Pragma
no-cache
Host
refinance.lowermybills.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://refinance.lowermybills.com/questions
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://refinance.lowermybills.com/questions
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 25 Oct 2021 20:31:40 GMT
Referrer-Policy
same-origin
X-DNS-Prefetch-Control
off
ETag
W/"103-qn2DpD7+Dbq4a7900zy7e+W5lvg"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
P3P
CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Content-Length
259
X-Content-Type-Options
nosniff
fef5a9f3-2f36-4b00-bdb8-9db68443096a
https://refinance.lowermybills.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://refinance.lowermybills.com/fef5a9f3-2f36-4b00-bdb8-9db68443096a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a0f183e6a929b72ff7756f11df64e56ea8941d4a7a9d6b6aa5339e0d6845dc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinance.lowermybills.com/questions
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
26035

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bat.bing.com
URL
https://bat.bing.com/actionp/0?ti=5189243&Ver=2&mid=f7df1045-1190-4527-88d5-e94250bacf27&sid=8bdef85035d211ecb540ed431359737d&vid=8bdf345035d211ecb0ef1bd207cfd971&vids=1&evt=pageHide

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| regeneratorRuntime object| dataLayer function| gtag object| pixel object| DeviceAtlas object| DD_RUM object| webpackChunklre_webapp function| webpackHotUpdatelre_webapp string| app_version object| uetq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| UET function| UET_init function| UET_push function| GooglemKTybQhCsO number| google_conversion_id object| google_conversion_format object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_enable_display_cookie_match object| google_gtag_event_data boolean| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| google_conversion_date object| google_conversion_time object| google_conversion_js_version object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData

21 Cookies

Domain/Path Name / Value
nameluxuries.com/ Name: uid1262
Value: 622492148-20211025163130-a876858cb149efbf254fd58758567505-
.cdmtrk.com/ Name: sid
Value: wGo3tjKOm08m2C39ApP20QPV1IPzGZR6cKHHziWz3DmT/XzJJA07FA==
.cdmtrk.com/ Name: trk
Value: b/wRdUyvtpsm2C39ApP20QPV1IPzGZR6cKHHziWz3DmT/XzJJA07FA==
refinance.lowermybills.com/ Name: visitorId
Value: 9aeb49ea-3538-4a8c-9de6-e9b04f4989f9
refinance.lowermybills.com/ Name: sourceId
Value: lmb-53705-112246
refinance.lowermybills.com/ Name: connect.sid
Value: s%3A8l6rPotq_qqTTLjjksxuYzUA6UfXI0pe.G1W9AmlqFiUa901xSwFxhc%2BcQ%2BhxtMax82VYUxH9YLo
refinance.lowermybills.com/ Name: BIGipServerpl.prod-lrelpwapp-lnd
Value: !KSCkB3NCFu6uuIxRHhj5eaSY0gTQ+AOcuDWjcBZeZvP84bpF9/VNN2wFIp4PZ8P67BwbBd1dw9lXFJA=
refinance.lowermybills.com/ Name: TS014fdca0
Value: 012d8c2fc353e368e6d05801063787db0b2339bf42156ef51e54e0d02e0259ffb1feeee70de79f54d478b65432dfe89fd0a44f2b12
refinance.lowermybills.com/ Name: DAPROPS
Value: "sjs.webGlRenderer:Intel Iris OpenGL Engine|bjs.accessDom:1|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.deviceOrientation:0|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.touchEvents:0|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|buserMedia:1|bjs.battery:0"
refinance.lowermybills.com/ Name: _dd_s
Value: rum=1&id=af41608d-159e-44c5-999b-b44eb3696d3c&created=1635193894543&expire=1635194794543
.lowermybills.com/ Name: _gcl_au
Value: 1.1.2107755975.1635193895
.bing.com/ Name: MUID
Value: 145C54156B2D6FC0098644CE6A6F6E06
.lowermybills.com/ Name: _uetsid
Value: 8bdef85035d211ecb540ed431359737d
.lowermybills.com/ Name: _uetvid
Value: 8bdf345035d211ecb0ef1bd207cfd971
.revjet.com/ Name: trx
Value: 5308468547467786325
.twitter.com/ Name: personalization_id
Value: "v1_vkAtRFoOINyVt+fiEZSjdw=="
.yahoo.com/ Name: A3
Value: d=AQABBCYUd2ECEPAAnElHqhXeVIrV2DyxUE8FEgEBAQFleGGAYQAAAAAA_SMAAA&S=AQAAAh3JxhUBLBNywCrrsy7DJxc
.doubleclick.net/ Name: IDE
Value: AHWqTUluU5gKqvZUddmKJ4H7rgt7fAEMEKKIGmxIC-lv6RyTNt30poJHBy0X_NnAB_c
.lowermybills.com/ Name: _ga
Value: GA1.2.1277804896.1635193895
.lowermybills.com/ Name: _gid
Value: GA1.2.1742725861.1635193895
.lowermybills.com/ Name: _gat_gtag_UA_72055405_1
Value: 1

2 Console Messages

Source Level URL
Text
rendering warning URL: https://refinance.lowermybills.com/?pkey1=&pkey2=&pkey3=&sourceid=lmb-53705-112246(Line 4)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
rendering warning URL: https://refinance.lowermybills.com/questions(Line 4)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

852807.fls.doubleclick.net
ad.doubleclick.net
ads.revjet.com
adservice.google.com
analytics.twitter.com
bat.bing.com
cdmtrk.com
cdn-refinance.lowermybills.com
cdn.lowermybills.com
cdn.taboola.com
content.lowermybills.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jarjav.com
nameluxuries.com
pix.revjet.com
privacy-policy.truste.com
refinance.lowermybills.com
rum-http-intake.logs.datadoghq.com
session-replay.browser-intake-datadoghq.com
sp.analytics.yahoo.com
static-lre.lowermybills.com
static.ads-twitter.com
stats.g.doubleclick.net
storage.googleapis.com
t.co
trc-events.taboola.com
trc.taboola.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.lowermybills.com
bat.bing.com
104.244.42.133
104.244.42.195
13.107.21.200
13.225.78.123
13.225.79.159
141.226.228.48
142.250.185.162
142.250.185.226
142.250.185.99
142.250.186.100
142.250.186.134
151.101.1.44
151.101.12.157
172.217.16.142
172.217.16.144
172.217.18.98
172.217.23.106
18.205.221.158
185.177.57.143
191.101.232.101
2.16.186.210
2.16.186.232
212.82.100.181
216.58.212.136
3.233.145.245
35.164.48.254
5.9.20.98
52.40.27.155
54.173.50.35
74.125.133.157
95.217.106.21
08feaee96f5b485df12a0cc0d3a2c37421614d9080d8d49d02ded97f50c37d67
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
0cff5de0a6dddcb01b664acb7cce79cd85b5a941e7e8f74423c8024e60704005
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1254c38a132383513216c19961b78a582b41cd62c8d6aa8db8de32cfa7b6733c
127cae9821853edc1953090239e5ae0297c4626b184280bb894cbfef9f947f30
142e5960a9ce0a343a3e6daf94476cee65e4fb9259f1e2da668efe3e6dec5f81
1908c528dc5fbd0ed5122f02c9fabb1693a65c440858e43c9e58701374d84bec
1c0676327f2e8a36f4566392aaec15036da66d48fda332ae8b6c6af30dc3c485
1d7015c13fd51bf12eb98c6e4af1822cdfb32610540bf83730fed28917aadd84
1df0f2cf89eb44a31b7f24408d34a40dc2ea82c0ccfc583277a877beab10db11
2a0f183e6a929b72ff7756f11df64e56ea8941d4a7a9d6b6aa5339e0d6845dc0
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb
3255db2fb88891ee1add7804275d722bdd4e1eb438c51927d08c0dd67c1c558f
387f3766d2fc6766de3cf6bfa2e12fbb77feb52a02dad93e4df2db7c360080df
3abc9eb2a584311acee3b5dd1f779e251936d5c9ca10c290438d041ed0947e49
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445e34c47c631f49e4613b4d4339d2abbc434108af1c779214da08fe8bd6f516
4b1b21b0ab4690640b83bdfc913cc58e39095fd558c90f91457044e6a3c5a418
4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4f63020fd7d71a0016944275892c73da57a708fe51511d51eba00df594c1443b
505270093df8867b73647c7258e42dc42d82f14036b7ab4c6a36f0fad80b5dbd
512baacd6cf32dc83b6ea04c18a6801cef1c39a82476b1cf38dcb879a0326a33
57b07685881886bb6b4ae58da88a10f38db1d9d33ab1aad0407077fd427b345f
5b970fb18ab1c54748c3a53ab9e7e2d8bf5a1d557f38728a110c4cd7893ae77c
5d67b40783f583fa48ec3a8d7346bb2a7396407bb7fb4b5ad6a5bb3cab2dd53b
5e5028bf8a9bd712920649dc8facef5899a162a2a28177bf7e916e4719c15ce5
655145296c4f196f46dcdca8d90fa529af07d249242722119c30d90be8b77612
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca27ac7c95f9369602c9e7155bdbd0932e5f5996d6286655f8609b4f6ed952f
7202824f39f82ba4c8f5cd454cc3e68e2b33112667e759b81aec57b374c42dfe
72e6e98b1391dd750f3b44019ac52c993b93bb0fed404b5149ae5a8af9660d59
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
8003f9f74c4575c83a2b13c651f406952a3e2fc7dfeb936116eb1fc17c9c6689
88e09a080d10edd61b81cb065800e79a526358e6f2beca67a80412ef5eaf071f
8d8da86c43cf070ea497bc465bcbfb97d2ee60c7b3d087914872c3960dd3db39
8dab4d0c909d5c749686407079e93dbbdddcbf09bf2018e5cc62a406c961b273
912ff634327aea654e244d74ba1a387141ba6e3f68a0d94614c6563e14d6242a
922010a894024fc34925fafe378edfee4578db4a81bfbb2a517974bf505b51dd
939bee1d5dbb9bf486ec62083f1e7e97b22041c4781c73690ddc790f6b10d531
9881a70e1ba7b9c3409931942e5c9870d9295667ee29e9a84f7437543a94d0d6
9985336660219f2aa5e5c8f21d7f5456aee6c69afb706d3a9c9322ad5d601a76
9b899e50c2015a1c2e3c6b10138755b33f249afcb60b340cbde60c89785d7e18
9f36a055fc21c4e9ecc2f2e173d7bb413b3eb335d4952e11b0eea5f8fd775487
abaa56c87ad50bd81c7a1aa002149fb1d552938440426660d29eef4b421ccc13
ac40ea05dec4a849c515623b9cf79db51255953a76e801e6dbaf8ff4ede72656
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b09e2cd396fb96094ce9ce509862f223b83c6a8427900690eb7368251a28978c
b2a80cfc9dff72482f2d291da5f9f4524621b12ed20159b07ea7379329ce0169
b50302ba69880f2961a1ee870aeea0d20b551e9e5e095c3d46c2464d55a3dca7
ba759cda5ce091039d6dba3aeaffeafa9f3346519a230c1f3246791e5dfa4bec
bbc2aa89633a96e429372f938d86ca3973de457ede8793082bfd16e0bac6f446
c09fda3a899dd912dc95cca00d0ec7fa5e1aa97cea16adf4b80b86ec2a3b68b0
c8592ab3df2191a56de88b14bb4cc909a53a6020e92b7f3979f40e98c60f3b53
cec0eb8c1baba61bb7dee6ebe19f916fc382ce92623ffe597d825f4f6d5570f4
cfa0ad76afe7611f5a41c4cc23fab2ddd00fd29c7b319ca5d4df97b5d7a5abb9
d2f7a02c2194d538a9c82cf7c44ebb4baa5e5643bcb535ad88c3869779faa6f3
d60aa838e099599b51126886e7fa0334ad2022c7b4f76977c86f45463b55bfe9
d62fc11a6230a64558bb85803876d21fe3192d2f7e347856879d0ef57ce5a6ed
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b
d8b1f3575dd2b0024383a4f47725654257a4b4ec1015595ade984a80804a56ce
d9610fadce2a8993234add945441149d1da71a0bb4a2f5bbde16a55c47c874ce
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1b5ecbe1f536ff0fef14eabe281e525514e533dc65d179493ee770857893943
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c194d98ac39681cfa6a117dcf406e8a9cffc576fe07bd1e8060981f3defb39
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
edb855f9e67a8f23f6f615a7e793b0480c59f7ea76c1c4827d4c6cdab302f292
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10392463385bd72002263b446627c31a58a7ef10a7b819ca0e49d3dd2d1ae1b
f42235daa8e73093d924b4cacb61873f8d28192ad9dc54973691cbdf28b5025c
f68b97fe083abc21ebd8d9ab401fef37ae6e90b7c77f0daa9881bfb03ab1b3eb
fbac76ee986c65d9c1822b2392d8bc22c6aec8626a6ebc7fa9fc96c63f77fd3f
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3