harpreplacementprogram.com Open in urlscan Pro
2600:9000:214f:cc00:19:3666:ba00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tk.easyfhadirect.com/?xtl=wr0fq86quafqh7z73h1qe3v6geuufb2rihx0rlep8e3koyeumeeg65mswgebcif0lvcgu1suz7sj8icod9plals7vwj...
Effective URL:
https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name...
Submission: On December 31 via manual (December 31st 2019, 8:30:47 pm UTC) from US

Summary HTTP 105 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 31 domains to perform 105 HTTP transactions. The main IP is 2600:9000:214f:cc00:19:3666:ba00:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is harpreplacementprogram.com.
TLS certificate: Issued by Amazon on March 18th 2019. Valid for: a year.

This is the only time harpreplacementprogram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.193.21.59 34.193.21.59	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
10	2600:9000:214... 2600:9000:214f:cc00:19:3666:ba00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
8	159.122.87.153 159.122.87.153	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6814:4a82	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.214.29 143.204.214.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
3 8	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE - Google LLC)
9	3.225.12.13 3.225.12.13	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
4	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN - Outbrain)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO - Criteo Corp.)
2 7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	13.35.254.176 13.35.254.176	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	50.97.168.187 50.97.168.187	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	23.23.73.124 23.23.73.124	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	54.69.74.204 54.69.74.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	44.226.93.191 44.226.93.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::681c:19e6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY - Fastly)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
105	36

1 34.193.21.59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-21-59.compute-1.amazonaws.com

tk.easyfhadirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:214f:cc00:19:3666:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

harpreplacementprogram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 159.122.87.153 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4a82 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE - Google LLC, US)

fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.29 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-29.fra53.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.225.12.13 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-225-12-13.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States)

ASN19750 (AS-CRITEO - Criteo Corp., US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.176 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-176.fra6.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.97.168.187 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bb.a8.6132.ip4.static.sl-reverse.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.73.124 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-73-124.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.69.74.204 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-69-74-204.us-west-2.compute.amazonaws.com

external.printfinger.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.226.93.191 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-44-226-93-191.us-west-2.compute.amazonaws.com

suited45trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:19e6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.zippopotam.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	harpreplacementprogram.com harpreplacementprogram.com	183 KB
9	leadid.com create.leadid.com	7 KB
9	outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	5 KB
8	google.de www.google.de	925 B
8	google.com 3 redirects www.google.com	2 KB
8	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	9 KB
8	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	98 KB
8	googleapis.com ajax.googleapis.com fonts.googleapis.com maps.googleapis.com	222 KB
7	bing.com bat.bing.com	8 KB
6	trustedform.com api.trustedform.com	23 KB
4	printfinger.tech external.printfinger.tech	24 KB
3	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com	1 KB
3	gstatic.com fonts.gstatic.com maps.gstatic.com	20 KB
2	facebook.com www.facebook.com	403 B
2	facebook.net connect.facebook.net	142 KB
2	fullstory.com fullstory.com rs.fullstory.com	68 KB
2	yimg.com s.yimg.com	6 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	nr-data.net bam.nr-data.net	261 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	zippopotam.us api.zippopotam.us	474 B
1	suited45trk.com suited45trk.com	776 B
1	ipify.org api.ipify.org	265 B
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	taboola.com cdn.taboola.com	21 KB
1	pushnami.com api.pushnami.com	9 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	criteo.net static.criteo.net	10 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	easyfhadirect.com 1 redirects tk.easyfhadirect.com	686 B
105	31

	Domain	Requested by
10	harpreplacementprogram.com	harpreplacementprogram.com create.lidstatic.com
9	create.leadid.com	harpreplacementprogram.com
8	www.google.de	harpreplacementprogram.com
8	www.google.com	3 redirects harpreplacementprogram.com
8	dev.visualwebsiteoptimizer.com	harpreplacementprogram.com dev.visualwebsiteoptimizer.com
7	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
7	bat.bing.com	www.googletagmanager.com harpreplacementprogram.com
6	api.trustedform.com	harpreplacementprogram.com api.trustedform.com
6	maps.googleapis.com	harpreplacementprogram.com maps.googleapis.com
4	external.printfinger.tech	harpreplacementprogram.com
4	amplifypixel.outbrain.com	harpreplacementprogram.com
4	tr.outbrain.com	harpreplacementprogram.com
2	maps.gstatic.com	harpreplacementprogram.com
2	www.facebook.com	harpreplacementprogram.com
2	widget.us.criteo.com	harpreplacementprogram.com static.criteo.net
2	connect.facebook.net	harpreplacementprogram.com connect.facebook.net
2	s.yimg.com	harpreplacementprogram.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	harpreplacementprogram.com
1	api.zippopotam.us	harpreplacementprogram.com
1	suited45trk.com	ajax.googleapis.com
1	api.ipify.org	harpreplacementprogram.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	sslwidget.criteo.com	1 redirects
1	rs.fullstory.com	harpreplacementprogram.com
1	stats.g.doubleclick.net	1 redirects
1	cdn.taboola.com	harpreplacementprogram.com
1	api.pushnami.com	www.googletagmanager.com
1	fullstory.com	harpreplacementprogram.com
1	amplify.outbrain.com	harpreplacementprogram.com
1	create.lidstatic.com	harpreplacementprogram.com
1	static.criteo.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	harpreplacementprogram.com
1	www.googletagmanager.com	harpreplacementprogram.com
1	fonts.googleapis.com	harpreplacementprogram.com
1	ajax.googleapis.com	harpreplacementprogram.com
1	tk.easyfhadirect.com	1 redirects
105	39

This site contains links to these domains. Also see Links.

Domain
www.benefits.va.gov
benefits.va.gov
www.blogs.va.gov

Subject Issuer	Validity	Valid
harpreplacementprogram.com Amazon	`2019-03-18` - `2020-04-18`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2017-06-30` - `2020-07-06`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
lidstatic.com CloudFlare Inc ECC CA-2	`2019-07-02` - `2020-07-01`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-03-14`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-12-10` - `2020-01-24`	a month	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
*.pushnami.com Amazon	`2019-06-14` - `2020-07-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
create.leadid.com Amazon	`2019-12-19` - `2021-01-19`	a year	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2019-06-12` - `2020-06-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.trustedform.com Go Daddy Secure Certificate Authority - G2	`2019-01-04` - `2020-03-05`	a year	crt.sh
*.ipify.org COMODO RSA Domain Validation Secure Server CA	`2018-01-24` - `2021-01-23`	3 years	crt.sh
*.printfinger.tech Amazon	`2019-08-27` - `2020-09-27`	a year	crt.sh
*.suited45trk.com AlphaSSL CA - SHA256 - G2	`2019-03-29` - `2020-03-29`	a year	crt.sh
sni116369.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-01` - `2020-03-09`	6 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Frame ID: 6872795EB13EFF8D00A374377F6E2044
Requests: 103 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Frame ID: 2C66EC9DF43FA2B6F3C8A41DE7AF3844
Requests: 1 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/dis.aspx?p=50034&cb=6419981274&ref=&sc_r=1600x1200&sc_d=24
Frame ID: 03959C99A034A976EE1721579A7690F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tk.easyfhadirect.com/?xtl=wr0fq86quafqh7z73h1qe3v6geuufb2rihx0rlep8e3koyeumeeg65mswgebcif0lvcgu1s... HTTP 302
https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipc... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Visual Website Optimizer (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /dev\.visualwebsiteoptimizer\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

105
Requests

100 %
HTTPS

49 %
IPv6

31
Domains

39
Subdomains

36
IPs

7
Countries

977 kB
Transfer

3262 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.benefits.va.gov/homeloans/purchaseco_loan_limits.asp
Title: http://www.benefits.va.gov/homeloans/purchaseco_loan_limits.asp

Search URL Search Domain Scan URL

URL: http://benefits.va.gov/BENEFITS/factsheets/homeloans/VA_Guaranteed_Home_Loans.pdf
Title: VA Loan Fact Sheet

Search URL Search Domain Scan URL

URL: http://www.benefits.va.gov/HOMELOANS/adaptedhousing.asp
Title: http://www.benefits.va.gov/HOMELOANS/adaptedhousing.asp

Search URL Search Domain Scan URL

URL: http://www.benefits.va.gov/benefits/infographics/special_adaptive_housing.html#sthash.RaB9IKZG.2oN2pZYB.dpbs
Title: Great Infographic about the SAH grant

Search URL Search Domain Scan URL

URL: http://www.blogs.va.gov/VAntage/17636/top-questions-va-home-loans-housing-grants/
Title: http://www.blogs.va.gov/VAntage/17636/top-questions-va-home-loans-housing-grants/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tk.easyfhadirect.com/?xtl=wr0fq86quafqh7z73h1qe3v6geuufb2rihx0rlep8e3koyeumeeg65mswgebcif0lvcgu1suz7sj8icod9plals7vwjn1tmqaqn73rcialmxaefli2onhhlh3kynnsexf2yicw7wr86ngn80ow1kj6sy73i2dtnp1adh42nesr4p111wj2nnl27qfgd1pfdf6sv7xmc18h08hr1e276c5suiytpvkw9cmqcdv3wlejz0gwsa6te3taaoq8j1qojt3cieefjuibla7fck74hurxb9ehijun8pbe6n64xktwfecoczavt4gsbrerqe639y5vpnbfvel702ozy7a2mx7s290da14wmzzpk09afoompsyzfjexvdhs3qei5mstlx8fcccn1vmodi22ibxsja5u4egct1i2mbpox8iwp8nkcoaaffmd3x2kqotsywpizm7kodx8ryst2xez4tiqxaurou4ivov7y9rw62njnzqd5y5bjiqqbi554x11jspvay08q39gtchqfw010nlicocioa3sry9xkzydbq4deoklo3nywlaoewhzcbk2kags989f97oibwl1dahj8rrlglcjrrn9srxix4tllcpxag7jk5ifm&eih=6e8ccre4p17lk4fle4hor6iio2ud4ds0ycdp3t215it&Zip_Code=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&City=Minneota&State=MN&email=kelly.devlaeminck@avera.org&prepop_phone=5078729907&CurrentLender=Other HTTP 302
https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=831864537&t=pageview&_s=1&dl=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&ul=en-us&de=UTF-8&dt=HARP%20Replacement%20Program&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1462671034&gjid=491254776&cid=1754380497.1577824229&tid=UA-132689034-32&_gid=897214344.1577824229&_r=1&gtm=2wgc61P62KC9K&z=357881303 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132689034-32&cid=1754380497.1577824229&jid=1462671034&_gid=897214344.1577824229&gjid=491254776&_v=j79&z=357881303 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132689034-32&cid=1754380497.1577824229&jid=1462671034&_v=j79&z=357881303 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132689034-32&cid=1754380497.1577824229&jid=1462671034&_v=j79&z=357881303&slf_rd=1&random=3229173368

Request Chain 41

https://sslwidget.criteo.com/event?a=50034&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=harpreplacementprogram.com&dtycbr=54873 HTTP 302
https://widget.us.criteo.com/event?a=50034&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=harpreplacementprogram.com&dtycbr=54873

Request Chain 44

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/749575810/?random=1577824229491&cv=9&fst=1577824229491&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/749575810/?random=1577824229491&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&is_vtc=1&random=1578923077&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/749575810/?random=1577824229491&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&is_vtc=1&random=1578923077&resp=GooglemKTybQhCsO&ipr=y

Request Chain 46

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782166578/?random=1577824229492&cv=9&fst=1577824229492&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/782166578/?random=1577824229492&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&is_vtc=1&random=2321663752&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/782166578/?random=1577824229492&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&is_vtc=1&random=2321663752&resp=GooglemKTybQhCsO&ipr=y

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
harpreplacementprogram.com/
Redirect Chain

http://tk.easyfhadirect.com/?xtl=wr0fq86quafqh7z73h1qe3v6geuufb2rihx0rlep8e3koyeumeeg65mswgebcif0lvcgu1suz7sj8icod9plals7vwjn1tmqaqn73rcialmxaefli2onhhlh3kynnsexf2yicw7wr86ngn80ow1kj6sy73i2dtnp1adh...
https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=M...

62 KB
10 KB

442ms
365ms

Document
text/html

2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c699b83f8ecf8dd95b18a95fada846239453a206093fe4da4d0698a02ab0a60

Request headers

:method: GET
:authority: harpreplacementprogram.com
:scheme: https
:path: /?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html
date: Tue, 31 Dec 2019 20:30:29 GMT
last-modified: Tue, 31 Dec 2019 17:10:55 GMT
cache-control: max-age=604810, no-cache
x-amz-version-id: null
x-amz-meta-content-md5: 8fad5125e1ba8c12758c3a8c7a177549
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: prAQV9wbmCb1MvbPwdoWMwZyzkCGjOi7CJKHOXbJdPMF_mG4eIUJgg==

Redirect headers

Date: Tue, 31 Dec 2019 20:30:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: PHP/5.5.38
Location: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301 N Madison St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;

GET
H2 200 newrelic.js Show response
harpreplacementprogram.com/ 15 KB
6 KB 385ms
381ms Script
application/javascript 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://harpreplacementprogram.com/newrelic.js
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 277a32fa231e3e1caee408f61d1ea1e4ec4d723aae7fd31f7520b5b0d6a18425

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 19:38:00 GMT
x-amz-meta-content-md5: 5bb9cb2ee2e2071636eeea8724778dfb
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: 2xn1y0k4SEGPcWHxKHlaWFncsB413Odp
status: 200
cache-control: max-age=604810, no-cache
content-type: application/javascript
x-amz-cf-id: NmYXtDGLS49FCaQChaU81ANdguVAGcMyHGThQISDGxpLHu0dqw54Pg==
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
server: AmazonS3

GET
H2 200 ck-check.js Show response
harpreplacementprogram.com/js/ 1 KB
1017 B 472ms
468ms Script
application/javascript 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://harpreplacementprogram.com/js/ck-check.js
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a25b19e0012c8615b187a14425ea7f5d9f8ce511eeb09dc142107070c229c33

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 19:40:51 GMT
x-amz-meta-content-md5: 23fedc1f8304dae50f3fc27da9191e27
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: NLkuhb3tlH4wuNuZS8BwboCZ9YvYU2e6
status: 200
cache-control: max-age=604810, no-cache
content-type: application/javascript
x-amz-cf-id: 2inQCA_BJQXdaCP0cXWeAYcVoD513E2eM_yN5qXPCUR-diydpVI4PA==
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
server: AmazonS3

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 01:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3437718
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Nov 2020 01:35:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 798 B
454 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

97fb2056af5f0a0fe6cde3b28745185ad173c0e15d06f37a9bbea85d8cdeb79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 31 Dec 2019 20:30:28 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 31 Dec 2019 20:30:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 31 Dec 2019 20:30:28 GMT

GET
H2 200 combined.css
harpreplacementprogram.com/css/ 42 KB
10 KB 463ms
461ms Stylesheet
text/css 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://harpreplacementprogram.com/css/combined.css
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cda98d62a8b44d41b30a4716701cb26c8c9ea5160dff304ea7dc98d2f47e62ff

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
content-encoding: gzip
last-modified: Thu, 05 Dec 2019 20:44:18 GMT
x-amz-meta-content-md5: ca07768b846d344bf902443ecd748312
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=604810, no-cache
content-type: text/css
x-amz-cf-id: LY-re1SLCBn0dr7i2c-4U-rRnfDknxiDBXR7tiRDR1ogVGnKg-qfTg==
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
server: AmazonS3

GET
H2 200 gtm.js Show response
harpreplacementprogram.com/js/ 483 B
900 B 371ms
370ms Script
application/javascript 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://harpreplacementprogram.com/js/gtm.js
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8e24710a00d273711721c46e945040257fdc6cb34938c3bb169371ea9c6ba2e

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Thu, 29 Aug 2019 19:38:44 GMT
x-amz-meta-content-md5: d5e98aba0631a0d729fb3628d10a9ea0
x-amz-cf-pop: FRA53-C1
etag: "d5e98aba0631a0d729fb3628d10a9ea0"
x-cache: Miss from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=604810, no-cache
accept-ranges: bytes
content-type: application/javascript
content-length: 483
x-amz-cf-id: Ow6Xbd8AcGKSkk7RnL0RvMXAzx0ACleuBUQ5rHuQCgWCQV1uJ7e-Cg==
server: AmazonS3

GET
H2 200 logo.png
harpreplacementprogram.com/img/ 16 KB
17 KB 462ms
460ms Image
image/png 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpreplacementprogram.com/img/logo.png
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0df9be58ff2ef922e79b122ab65ed499de0dc3c8653c05dc66163d1bec26e5ae

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 19:38:00 GMT
x-amz-meta-content-md5: 8a744bb42d28e2acc9001851924f8ace
x-amz-cf-pop: FRA53-C1
etag: "8a744bb42d28e2acc9001851924f8ace"
x-cache: Miss from cloudfront
x-amz-version-id: BcvUL2TmhN49JiqJ.C97PbUxyCnpJAsa
status: 200
cache-control: max-age=604810, no-cache
accept-ranges: bytes
content-type: image/png
content-length: 16715
x-amz-cf-id: zzzh2o0fbdKtPhtNnwww_TfbDp_9zTjtPXRfgREZ3biCebIJjxh_JQ==
server: AmazonS3

GET
H2 200 loading-gif.gif
harpreplacementprogram.com/img/ 51 KB
52 KB 395ms
395ms Image
image/gif 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpreplacementprogram.com/img/loading-gif.gif
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbee24cb8cf3f1cdc8bf2251c22ce5d1a696f17b7370d0003a1ca47c94d82291

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 19:38:00 GMT
x-amz-meta-content-md5: 34cf53375f840ece721fc985de40d881
x-amz-cf-pop: FRA53-C1
etag: "34cf53375f840ece721fc985de40d881"
x-cache: Miss from cloudfront
x-amz-version-id: jPVp.h4_A9bRGY5ptenqgOdybtkamlWU
status: 200
cache-control: max-age=604810, no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 52250
x-amz-cf-id: GhoeYkvuS-v-6wOqTRyphVr03eAM_4zSbUM_vURW0S5s3xCLTyyXSQ==
server: AmazonS3

GET
H2 200 combined.js Show response
harpreplacementprogram.com/js/ 297 KB
84 KB 416ms
416ms Script
application/javascript 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://harpreplacementprogram.com/js/combined.js
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 033060ec220d107e05139720f34cd2f3a0c61d30a72553f7fb6c8d16d17d2837

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
content-encoding: gzip
last-modified: Tue, 31 Dec 2019 17:10:56 GMT
x-amz-meta-content-md5: 717e4c0d990e9a3752044cd9932f1e96
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=604810, no-cache
content-type: application/javascript
x-amz-cf-id: Tkpo2TQIX8WQ8bmtu0TiPhba6ngk1jI_cUvWjrHwgAl7xqHA5U2caw==
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
server: AmazonS3

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 119 KB
39 KB 55ms
36ms Script
text/javascript 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?types=geocode&components=country:us&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&libraries=places&callback=initAutocomplete

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

843e4af8c026e6081c5463c8d414bcb96ea13649e3935ef60545cd1bcbc6df49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=21
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39257
x-xss-protection: 0
expires: Tue, 31 Dec 2019 21:00:29 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 98ms
32ms Script
application/javascript 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&f=1&r=0.4527698117716632
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: aec1af5f416523a9c65dab041d672fecd09e83bc52169f896d9e07612dee487b

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
server: dacdn2
content-type: application/javascript; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 359 KB
41 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3a282d28d7b649aa88b15662cc542ea11ff126d7e9a335d11cd9184a94d2739

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: br
last-modified: Tue, 31 Dec 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 41806
x-xss-protection: 0
expires: Tue, 31 Dec 2019 20:30:29 GMT

GET
H2 200 checkmark.png
harpreplacementprogram.com/img/ 2 KB
2 KB 156ms
156ms Image
image/png 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpreplacementprogram.com/img/checkmark.png
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa9a0f84f5d4227f07f7713b7bffad852486a86d3036cc7cbb3a25e259caeebd

Request headers

Referer: https://harpreplacementprogram.com/css/combined.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 19:38:00 GMT
x-amz-meta-content-md5: 2dfb098de442d5e36f06ae838f8bd695
x-amz-cf-pop: FRA53-C1
etag: "2dfb098de442d5e36f06ae838f8bd695"
x-cache: Miss from cloudfront
x-amz-version-id: BAsw4LZmmGdbwW4nX6OQ2WazDEomnGjy
status: 200
cache-control: max-age=604810, no-cache
accept-ranges: bytes
content-type: image/png
content-length: 1795
x-amz-cf-id: xuZikP859i8UtPh2fLXrMg7_UgiU9Ned1uPmqZlmhnoNfPdlwIRaGw==
server: AmazonS3

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v5/ 15 KB
15 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v5/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Work+Sans
Origin: https://harpreplacementprogram.com

Response headers

date: Fri, 22 Nov 2019 01:33:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:14 GMT
server: sffe
age: 3437803
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15112
x-xss-protection: 0
expires: Sat, 21 Nov 2020 01:33:46 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 48ms
31ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: C13852B003E14966B3C5ECC4FB3741F6 Ref B: FRAEDGE0818 Ref C: 2019-12-31T20:30:29Z
access-control-allow-origin: *
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 138ms
43ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9933
x-xss-protection: 0
server: cafe
etag: 9795501548502167919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Dec 2019 20:30:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 7012
date: Tue, 31 Dec 2019 18:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 31 Dec 2019 20:33:37 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 124ms
30ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:00:50 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5df79c22-7533"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 01 Jan 2020 20:30:29 GMT

GET
H2 200 f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 112ms
20ms Script
text/javascript 2606:4700:10::6814:4a82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4a82 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbcc37c25df7534634d5dd518a1e2f155eb7be187adf796e8581b0734c9d6383

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1451
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 2FFCE02E3CA387B9
x-amz-id-2: 3pgq7MYp/zKiz1KsytGWjOetvwNsSaLk7b67CJbPsAzfy/QjZ3mf2hjg+UINhfWbO3j3V6VRoiQ=
last-modified: Fri, 27 Apr 2018 16:58:03 GMT
server: cloudflare
etag: W/"9d4caf42bf9665b843fd1a5321dd6df2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-version-id: j6zNllYXzgfPBR.bFlasNdsto3e4PhNj
cf-ray: 54df02f9fde6d6d5-FRA

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 128ms
36ms Script
application/x-javascript 2.18.234.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: be5238c76400fe2da689c27af8d1827067a5f7d06528e441e3596d7ae236ee1d

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 20:30:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Nov 2019 09:04:08 GMT
Server: Apache
ETag: "4d2d4fd9389c5c77c32c897e944ddd21:1574845448"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2578
Expires: Tue, 31 Dec 2019 20:50:29 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 87ms
53ms Script
application/javascript 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 31 Dec 2019 19:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2287
x-amz-server-side-encryption: AES256
status: 200
strict-transport-security: max-age=15552000
content-length: 5150
x-amz-id-2: +QAKMO3QWsCMIIGX++RsTZ1QUiBxoCsDgogYSDYU1yHstnO3XYwrfJpZ+BP1jijlQt/rOmw+Mcg=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-request-id: 9D0ED4EF1FE9166A
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fs.js Show response
fullstory.com/s/ 190 KB
68 KB 38ms
15ms Script
application/javascript 2001:4860:4802:32::15
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fullstory.com/s/fs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

656bbef64fb13e06026a66677646a39f9c36554a2f0431c4bcccef296930fd07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 275
etag: "iPKD0A"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: 6422902627187709da3fd83a97d22d71
cache-control: public, max-age=600
date: Tue, 31 Dec 2019 20:25:54 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-length: 69206
expires: Tue, 31 Dec 2019 20:35:54 GMT

GET
H2 200 5c50ccd208bc450010b68ada Show response
api.pushnami.com/scripts/v1/push/ 31 KB
9 KB 586ms
483ms Script
application/javascript 143.204.214.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/push/5c50ccd208bc450010b68ada
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P62KC9K&l=scData
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-29.fra53.r.cloudfront.net
Software: /
Resource Hash: b7f24c4aa69e11efb7d46b99f7ab854f1b1ce2e8ed8b0034885bb6486498f97a

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: 3b60hKWSh-uvWqJ38KeTraN489hGESGZTNZXUXqaYklpyog4iK2ZCw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: NFdkYQKpew3AVbSkgK82Nsq318C/bT9YdpwlvCzpjfOTEL9G7qFW595mtkL5paypdeWMyJiorN15MJ1tcqQjZQ==
x-fb-trip-id: 1850256238
date: Tue, 31 Dec 2019 20:30:29 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1221287/ 60 KB
21 KB 121ms
38ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1221287/tfa.js
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d6dfc05f109729225eb85df1a3cf3c8be08dd8a3b82c7082c144bb14ece9efb

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: wBSAEnGiYwCvlvuR2exihh6PFowd7EU3
content-encoding: gzip
age: 85
x-cache: HIT
status: 200
date: Tue, 31 Dec 2019 20:30:29 GMT
x-amz-replication-status: COMPLETED
content-length: 20795
x-amz-id-2: c1DBSfz6y6v8/J6emI4y17SLf6MnnN8rXodBY+owaXDDUnRmFbKC4g5u7UaJZYv3VW6iMdWzYtQ=
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 11 Dec 2019 13:43:06 GMT
server: AmazonS3
x-timer: S1577824229.451474,VS0,VE0
etag: "07977d655c4f3382f187a5141f44ddf1"
vary: Accept-Encoding
x-amz-request-id: 7E8FD7CABF7D959A
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 59
x-cache-hits: 1

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=831864537&t=pageview&_s=1&dl=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132689034-32&cid=1754380497.1577824229&jid=1462671034&_gid=897214344.1577824229&gjid=491254776&_v=j79&z=357881303
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132689034-32&cid=1754380497.1577824229&jid=1462671034&_v=j79&z=357881303
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132689034-32&cid=1754380497.1577824229&jid=1462671034&_v=j79&z=357881303&slf_rd=1&random=3229173368

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132689034-32&cid=1754380497.1577824229&jid=1462671034&_v=j79&z=357881303&slf_rd=1&random=3229173368

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132689034-32&cid=1754380497.1577824229&jid=1462671034&_v=j79&z=357881303&slf_rd=1&random=3229173368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2349520131953309 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 61ms
60ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2349520131953309?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

639f4b2ea3af75c7c14c32ee3b7389d77f7de52bcc2baf67c15fc28f6bdad70b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: MxoWdIgq8I4JGAFIgJ0e95LjQ2haFZmVXl60dBwIGPnu5FIvkYSM8BV/JY4dNgysZHC6+/736C4z5CRkl1t6Ag==
x-fb-trip-id: 1850256238
date: Tue, 31 Dec 2019 20:30:29 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 vanj-c444a6ccce59eae6a1743c389f0975db.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 117 KB
34 KB 123ms
31ms Script
text/javascript 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/vanj-c444a6ccce59eae6a1743c389f0975db.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&f=1&r=0.4527698117716632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: dedc182020360077beba203224a36fa2e4ebf927126344936a1c9661ea553329

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: br
last-modified: Fri, 20 Dec 2019 11:18:01 GMT
server: dacdn2
access-control-allow-origin: *
etag: "5dfcade9-8618"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34328

GET
H2 200 track-c444a6ccce59eae6a1743c389f0975db.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 11 KB
4 KB 154ms
63ms Script
text/javascript 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/track-c444a6ccce59eae6a1743c389f0975db.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&f=1&r=0.4527698117716632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 5de450312e22148d5ada1712d795e9600b72a2c5fa71b45975728ef67f762ff5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: br
last-modified: Fri, 20 Dec 2019 11:18:01 GMT
server: dacdn2
access-control-allow-origin: *
etag: "5dfcade9-dad"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3501

GET
H2 200 opa-da02bbb42ccc85fc5d2baff89e5014fd.js Show response
dev.visualwebsiteoptimizer.com/analysis/2.0/ 150 KB
43 KB 154ms
63ms Script
application/javascript 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/2.0/opa-da02bbb42ccc85fc5d2baff89e5014fd.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=364281&u=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&f=1&r=0.4527698117716632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 63de39b7cb45640fb5d0b035ef4f05cc4676619b02270939334abed407e9f3ec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: br
last-modified: Fri, 20 Dec 2019 11:17:58 GMT
server: dacdn2
access-control-allow-origin: *
etag: "5dfcade6-a932"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43314

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
236 B 59ms
59ms Image
image/gif 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?a=364281&d=harpreplacementprogram.com&u=D0225EAE609B28CE8D22549AB8B8A3755&h=5e9a9294199f5468568a88481607e4a2&t=false&r=0.001019745537192085

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

99.57.7a9f.ip4.static.sl-reverse.com

Software

dacdn2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
server: dacdn2
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 10004409.json Show response
s.yimg.com/wi/config/ 2 B
483 B 192ms
158ms XHR
application/json 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10004409.json

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: BB6BE98A89F53C84
x-amz-id-2: clezjM+it/0r8NGIQ9bSzUk7+rkZLIWunL3teCZS9or+t7j6Dp+aG2ZTrSOKLxCWrXNAMz7B144=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25077431&Ver=2&mid=4e2f2403-56d7-7fee-1f01-e47e82df0b94&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HARP%20Replacement%20Program&p=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=&evt=pageLoad&msclkid=N&rn=612767
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 31 Dec 2019 20:30:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: EEC86C6E4F884CAC81413347B03AE941 Ref B: FRAEDGE0818 Ref C: 2019-12-31T20:30:29Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
92 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=18003016&Ver=2&mid=99524395-189c-ee1a-32be-b5ca643800cc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HARP%20Replacement%20Program&p=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=&evt=pageLoad&msclkid=N&rn=613185
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 31 Dec 2019 20:30:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 61517953AC2A411199488D2432565D92 Ref B: FRAEDGE0818 Ref C: 2019-12-31T20:30:29Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56003691&Ver=2&mid=877c1d40-2ba6-6b45-d407-6f6b62ce01b1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HARP%20Replacement%20Program&p=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=&evt=pageLoad&msclkid=N&rn=983525
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 31 Dec 2019 20:30:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 14CAA0E0F4B34E50AF638C1FC095D887 Ref B: FRAEDGE0818 Ref C: 2019-12-31T20:30:29Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 15 B
250 B 172ms
124ms XHR
text/plain 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

4caf40e0f19d99cb8008b4823ed368b3e77d689018a44616075280d68ed4920b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://harpreplacementprogram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 15
expires: 0

POST
H/1.1 200
OK GenerateToken Show response
create.leadid.com/2.5.2/ 36 B
850 B 456ms
151ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&_=230526098
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: 62633f7bd8e51de70fa29ed511952365a1026ae19aa5fcdcc9f471e3b5c0e763

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:29 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 56
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel
tr.outbrain.com/ 43 B
358 B 207ms
128ms Image
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=0067f0a41438361d9cb533b65911e31c39&obApiVersion=1.1&obtpVersion=1.1.7&name=PAGE_VIEW&dl=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&optOut=false&bust=05934834226565235

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, FRA, Europe1
x-cache: MISS, MISS
status: 200
x-traceid: b75a2463e9fa789192ec820e27f5f123
content-length: 60
x-served-by: cache-jfk8122-JFK, cache-fra19160-FRA
x-timer: S1577824230.574655,VS0,VE88
date: Tue, 31 Dec 2019 20:30:29 GMT
content-type: image/gif;
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 104.156.90.22
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 386ms
93ms Image
image/gif 70.42.32.63
Outbrain

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=0067f0a41438361d9cb533b65911e31c39&dl=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&bust=06724547610908185

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 20:30:29 GMT
Cache-Control: no-cache
X-TraceId: 6603e0d1b16fc7117002a535a621c697
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 pixel
tr.outbrain.com/ 43 B
190 B 211ms
131ms Image
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=00975efe2ff747f2b9d5b12fce0c9291e1&obApiVersion=1.1&obtpVersion=1.1.7&name=PAGE_VIEW&dl=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&optOut=false&bust=032749133189847357

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, FRA, Europe1
x-cache: MISS, MISS
status: 200
x-traceid: fd4c95c4f9d55966dc0324af48c6541e
content-length: 60
x-served-by: cache-jfk8134-JFK, cache-fra19160-FRA
x-timer: S1577824230.574353,VS0,VE92
date: Tue, 31 Dec 2019 20:30:29 GMT
content-type: image/gif;
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 104.156.90.34
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 387ms
93ms Image
image/gif 70.42.32.63
Outbrain

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=00975efe2ff747f2b9d5b12fce0c9291e1&dl=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&bust=016390631628424268

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 20:30:29 GMT
Cache-Control: no-cache
X-TraceId: 2638375ae7acc6af1db0ac2fc51d3885
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=50034&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=harpreplacementprogram.com&dtycbr=54873
https://widget.us.criteo.com/event?a=50034&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=harpreplacementprogram.com&dtycbr=54873

1 KB
1 KB

301ms
104ms

Script
application/x-javascript

74.119.119.150
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=50034&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=harpreplacementprogram.com&dtycbr=54873
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82a3e086c62df13c8066d9ba633cf76f23e444b8436bdd083aeeb08f2107a95a

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
timing-allow-origin: *
content-length: 844
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
location: https://widget.us.criteo.com/event?a=50034&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=harpreplacementprogram.com&dtycbr=54873
status: 302
cache-control: no-cache
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709015113/ 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709015113/?random=1577824229489&cv=9&fst=1577824229489&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0c22bbf991f2d5cb40c65881c184e6b4b7d173e2e6618154288e87aff6d0289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1233
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/701378055/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701378055/?random=1577824229491&cv=9&fst=1577824229491&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

9518dbcf629145a4ba36b016734a21bec08ab9c0eb5ac521d9450078ff5d1638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/749575810/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/749575810/?random=1577824229491&cv=9&fst=1577824229491&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
https://www.google.com/pagead/1p-user-list/749575810/?random=1577824229491&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_np...
https://www.google.de/pagead/1p-user-list/749575810/?random=1577824229491&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_npl...

42 B
156 B

19ms
19ms

Image
image/gif

2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/749575810/?random=1577824229491&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&is_vtc=1&random=1578923077&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-user-list/749575810/?random=1577824229491&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&is_vtc=1&random=1578923077&resp=GooglemKTybQhCsO&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/712220025/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712220025/?random=1577824229492&cv=9&fst=1577824229492&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

30c63d10d0bbae23502d763b7b64283bc947ce59d78dcdf569859bd9d044ac59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/782166578/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782166578/?random=1577824229492&cv=9&fst=1577824229492&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
https://www.google.com/pagead/1p-user-list/782166578/?random=1577824229492&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_np...
https://www.google.de/pagead/1p-user-list/782166578/?random=1577824229492&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_npl...

42 B
110 B

20ms
20ms

Image
image/gif

2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/782166578/?random=1577824229492&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&is_vtc=1&random=2321663752&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-user-list/782166578/?random=1577824229492&cv=9&fst=1577822400000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&is_vtc=1&random=2321663752&resp=GooglemKTybQhCsO&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/860860373/ 3 KB
2 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860860373/?random=1577824229493&cv=9&fst=1577824229493&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7bde5e2b03a5efb4ea7f9efc1cc176e7ce7880755a184d825c57899065f256c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/704931280/ 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/704931280/?random=1577824229493&cv=9&fst=1577824229493&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba8d4799a01ea736bb0855e4fbd55ca0795fa137180b99ce4e8b26548ce5f377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1233
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
252 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2349520131953309&ev=PageView&dl=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&rl=&if=false&ts=1577824229516&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1577824229515.219037283&it=1577824229370&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 31 Dec 2019 20:30:29 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/709015113/ 42 B
110 B 27ms
27ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709015113/?random=1577824229489&cv=9&fst=1577822400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=644858455&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/709015113/ 42 B
110 B 19ms
18ms Image
image/gif 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/709015113/?random=1577824229489&cv=9&fst=1577822400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=644858455&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/701378055/ 42 B
110 B 23ms
23ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/701378055/?random=1577824229491&cv=9&fst=1577822400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=216701081&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/701378055/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/701378055/?random=1577824229491&cv=9&fst=1577822400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=216701081&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/712220025/ 42 B
110 B 24ms
24ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/712220025/?random=1577824229492&cv=9&fst=1577822400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=4042421495&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/712220025/ 42 B
110 B 21ms
20ms Image
image/gif 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/712220025/?random=1577824229492&cv=9&fst=1577822400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=4042421495&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 31 KB
3 KB 33ms
33ms Script
application/javascript 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=364281&settings_type=1&vn=6.0&r=0.5992699083584214
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/6.0/vanj-c444a6ccce59eae6a1743c389f0975db.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 075c66d94d0cc2e360d5d6e7e340248df6ee410f4da098e2b37462d9f1447b97

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: gzip
server: dacdn2
content-type: application/javascript; charset=UTF-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/704931280/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/704931280/?random=1577824229493&cv=9&fst=1577822400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=243942312&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/704931280/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/704931280/?random=1577824229493&cv=9&fst=1577822400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=243942312&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 worker-1acd6955248e984d8c16ea37afb8cbb7.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
14 KB 32ms
32ms XHR
application/javascript 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 7f26039bc285692ece41166f9c171051da8e93c3bae29e9ee1b888335e394bce

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:29 GMT
content-encoding: br
last-modified: Fri, 20 Dec 2019 11:17:58 GMT
server: dacdn2
status: 200
etag: "5dfcade6-3536"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13622

GET
H2 200 /
www.google.com/pagead/1p-user-list/860860373/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/860860373/?random=1577824229493&cv=9&fst=1577822400000&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=96621415&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/860860373/ 42 B
110 B 20ms
19ms Image
image/gif 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/860860373/?random=1577824229493&cv=9&fst=1577822400000&num=1&label=BnAeCL6p15ABENXfvpoD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&tiba=HARP%20Replacement%20Program&async=1&fmt=3&is_vtc=1&random=96621415&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 2C66 0
0 181ms
39ms Document
text/html 13.35.254.176
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6&lac=2B26B722-D668-EC71-D186-45FE6EC4DDE1
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.176 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-176.fra6.r.cloudfront.net
Software: nginx/1.10.1 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER

Response headers

Content-Type: text/html
Content-Length: 1440
Connection: keep-alive
Content-Encoding: gzip
Date: Tue, 31 Dec 2019 02:05:13 GMT
ETag: W/"5e0a2ca9-da5"
Last-Modified: Mon, 30 Dec 2019 16:58:17 GMT
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server: nginx/1.10.1
X-Cache: Hit from cloudfront
Via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: lQVncXqvhrcDfV59xNsDxmsFT7PEmB17YgptdVwuEM37IXIAygJ_dA==
Age: 66248

POST
H/1.1 200
OK SaveDom Show response
create.leadid.com/2.5.2/ 0
814 B 104ms
103ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&_=230526099
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:29 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dropdown-carat.png
harpreplacementprogram.com/img/ 173 B
603 B 368ms
368ms Image
image/png 2600:9000:214f:cc00:19:3666:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harpreplacementprogram.com/img/dropdown-carat.png
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f21bcfe7-421d-0b59-65fe-3d36e8d9c8d6.js?snippet_version=2&f=reset
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:cc00:19:3666:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 501d5cbec7dca5f05bc4d56fbd492a6a354b64d1bfcfd8688838d4535c1cef58

Request headers

Referer: https://harpreplacementprogram.com/css/combined.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:31 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 19:38:00 GMT
x-amz-meta-content-md5: c0ad9e58ae32b82aff78f543ecf8810a
x-amz-cf-pop: FRA53-C1
etag: "c0ad9e58ae32b82aff78f543ecf8810a"
x-cache: Miss from cloudfront
x-amz-version-id: 5CR9zrVsWc0Mk725qjxwXy1v6czMVhEN
status: 200
cache-control: max-age=604810, no-cache
accept-ranges: bytes
content-type: image/png
content-length: 173
x-amz-cf-id: eJKyZZK-wibyVHhUrAkLGbNdzltmozEkeLBZnA6jA1dWXaXnc_MWQg==
server: AmazonS3

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 324ms
245ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=3&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&_=230526100
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:30 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/5/ 77 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/5/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?types=geocode&components=country:us&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8b19611e1ec0389a4d528aa5ebc8d8487287305f3dafb08c3e3d6e2e2c21c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Dec 2019 09:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Dec 2019 19:34:41 GMT
server: sffe
age: 125697
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28649
x-xss-protection: 0
expires: Tue, 29 Dec 2020 09:35:33 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/5/ 144 KB
53 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/5/util.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d52781eab70c4852c5c946f8c0fa83af83217a44a009e73192c27708c9c9178b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Dec 2019 09:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Dec 2019 19:34:41 GMT
server: sffe
age: 125671
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 54363
x-xss-protection: 0
expires: Tue, 29 Dec 2020 09:35:59 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/5/ 208 KB
56 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/5/controls.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

42502c00176d24f65da4ad137877bf95bb38ac325630534868ca7fb879645271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 19:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Dec 2019 19:34:41 GMT
server: sffe
age: 1125337
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 57501
x-xss-protection: 0
expires: Thu, 17 Dec 2020 19:54:53 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/5/ 41 KB
16 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/5/places_impl.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

af23a34b3b34bef1ec40a8bf92f60c224a5f42eddbcdc9422a219ca878ff9132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 19:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Dec 2019 19:34:41 GMT
server: sffe
age: 1125337
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16044
x-xss-protection: 0
expires: Thu, 17 Dec 2020 19:54:53 GMT

GET
H2 200 trustedform.js Show response
api.trustedform.com/ 3 KB
2 KB 443ms
133ms Script
application/javascript 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15778242300750.7689099975348812&invert_field_sensitivity=false

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/js/combined.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

ffeb3a8600fc68ad894ba655f7a2760aa2dbc936d906cb8e345e26ff0c867117

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 31 Dec 2019 20:30:30 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-encoding: gzip
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
265 B 405ms
106ms XHR
application/json 23.23.73.124
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.73.124 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-73-124.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: f0b94b87b9432f3e39c865040821da9590a01fea25448d8df14e97ea69fdd4ab

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 20:30:30 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://harpreplacementprogram.com
Connection: keep-alive
Content-Length: 22

OPTIONS
H2 200 CheckRules Show response
external.printfinger.tech/api/ 0
142 B 622ms
172ms XHR
text/plain 54.69.74.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://external.printfinger.tech:7105/api/CheckRules
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.74.204 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-69-74-204.us-west-2.compute.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://harpreplacementprogram.com
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,contextid

Response headers

status: 200
date: Tue, 31 Dec 2019 20:30:30 GMT
server: Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
access-control-allow-headers: authorization,content-type,contextid
content-length: 0

GET
H/1.1 200
OK / Show response
suited45trk.com/ 122 B
776 B 696ms
336ms Script
text/javascript 44.226.93.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://suited45trk.com/?cp=js&o=2143&a=225&s1=SES_EasyFHADirect_HarpReplace_Dec31&s2=&s3=&s4=&s5=&c=10889&cpid=12747&p=&_=1577824229264
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 44.226.93.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-44-226-93-191.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 961da09e2529db5fd2b09d018e17625ac51bb2868f038036ebf788d4d80a0447

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 20:30:30 GMT
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 122
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 58ms
38ms Image
image/png 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
expires: Tue, 31 Dec 2019 20:30:30 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 58ms
38ms Image
image/png 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
expires: Tue, 31 Dec 2019 20:30:30 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 270ms
269ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=4&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&_=230526101
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:30 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 56264 Show response
api.zippopotam.us/us/ 218 B
474 B 224ms
170ms XHR
application/json 2606:4700:30::681c:19e6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.zippopotam.us/us/56264
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:19e6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cd980ed3e0375d3252958c13db17216bd639069ae266c29d87f7760fc592e10

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: hit
content-type: application/json
access-control-allow-origin: *
charset: UTF-8
cf-ray: 54df02ff9a1897c0-FRA

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 119ms
118ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=5&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&_=230526102
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:30 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js Show response
api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/ 56 KB
21 KB 133ms
133ms Script
application/javascript 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/t.js?lo=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&l=15778242300750.7689099975348812&f=false&n=be13bf00f8c126202f7e195b6998d063c81652d1&cs=g3QAAAACZAABdGJeC6%2FmZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAAB8xNTc3ODI0MjMwMDc1MC43Njg5MDk5OTc1MzQ4ODEybQAAABBwcm92aWRlX3JlZmVycmVyZAAFZmFsc2U%3D&csh=aIBLaq21M1rPZREEPjtxfJipm7goqKf%2Fdr37VJbu9%2FA%3D

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15778242300750.7689099975348812&invert_field_sensitivity=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

040252ae6552f30131f291290457ec6530f21e4d066c5ad536d17497603fc304

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 31 Dec 2019 20:30:30 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-encoding: gzip
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8

POST
H2 200 CheckRules Show response
external.printfinger.tech/api/ 1 KB
1 KB 181ms
180ms XHR
application/json 54.69.74.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://external.printfinger.tech:7105/api/CheckRules
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.74.204 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-69-74-204.us-west-2.compute.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 0214a81766b68e925067460bfcf3f5505eea9262c7fa4fe799b304ab3f53b1e0

Request headers

Accept: */*
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
ContextId: 3d628893-777c-488e-9767-d69abd3cfff1
Authorization: Bearer a3Njd21WcU5rNTJXRG1hcnByemZlcWdCaERDMjB3RkVLekdXekNtc0loSjdGdFhoTUkzZlZhYzNNYVBpVHlYeHp4TU5mRTJuRkdXN2dpNnhxZXFyM2t0dVhNS1l3RFpVS1ZIU2hLQklRUFpPRGZXbmViMnlJcDRQRGMwVDNlMEJyQ3dMYm5QZmRoYm5LZXExemczVkxrTWZhMVBGVXNPdlpYaEJzTEwxTVdWa05SRml2OGRX
Content-Type: application/json

Response headers

status: 200
date: Tue, 31 Dec 2019 20:30:30 GMT
server: Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
content-length: 1070
content-type: application/json; charset=utf-8

OPTIONS
H2 200 CheckRules Show response
external.printfinger.tech/api/ 0
142 B 172ms
172ms XHR
text/plain 54.69.74.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://external.printfinger.tech:7105/api/CheckRules
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.74.204 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-69-74-204.us-west-2.compute.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://harpreplacementprogram.com
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,contextid

Response headers

status: 200
date: Tue, 31 Dec 2019 20:30:30 GMT
server: Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
access-control-allow-headers: authorization,content-type,contextid
content-length: 0

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 158ms
157ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=6&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&_=230526103
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:30 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 h Show response
api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/ 0
262 B 554ms
286ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/h?n=6a5fe22f2fd6fb5fd878801ac40b6406ed843b11&l=15778242300750.7689099975348812&a=1&ce=z&t=cors

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Dec 2019 20:30:31 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST
H2 200 md Show response
api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/ 0
263 B 401ms
137ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/md?a=1&t=cors

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Dec 2019 20:30:31 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

GET
H2 204 0
bat.bing.com/action/ 0
116 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25077431&Ver=2&mid=4e2f2403-56d7-7fee-1f01-e47e82df0b94&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HARP%20Replacement%20Program&p=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=&evt=pageLoad&msclkid=N&rn=612767
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 31 Dec 2019 20:30:30 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 197FE64CE80C4FC3B33F67296168D105 Ref B: FRAEDGE0818 Ref C: 2019-12-31T20:30:31Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=18003016&Ver=2&mid=99524395-189c-ee1a-32be-b5ca643800cc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HARP%20Replacement%20Program&p=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=&evt=pageLoad&msclkid=N&rn=613185
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 31 Dec 2019 20:30:30 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 9DF7228B3173434298878B0B5F77FD1A Ref B: FRAEDGE0818 Ref C: 2019-12-31T20:30:31Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56003691&Ver=2&mid=877c1d40-2ba6-6b45-d407-6f6b62ce01b1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=HARP%20Replacement%20Program&p=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&r=&evt=pageLoad&msclkid=N&rn=983525
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 31 Dec 2019 20:30:30 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 4ECDB1BEB5344D678192DBFF7F041CA0 Ref B: FRAEDGE0818 Ref C: 2019-12-31T20:30:31Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 CheckRules Show response
external.printfinger.tech/api/ 142 KB
23 KB 251ms
251ms XHR
application/json 54.69.74.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://external.printfinger.tech:7105/api/CheckRules
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.74.204 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-69-74-204.us-west-2.compute.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e1b69969925b62b9b5f33ed2b9f58e340a6eb5e4018e6fe00aaa70b9deba857

Request headers

Accept: */*
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
ContextId: 3d628893-777c-488e-9767-d69abd3cfff1
Authorization: Bearer a3Njd21WcU5rNTJXRG1hcnByemZlcWdCaERDMjB3RkVLekdXekNtc0loSjdGdFhoTUkzZlZhYzNNYVBpVHlYeHp4TU5mRTJuRkdXN2dpNnhxZXFyM2t0dVhNS1l3RFpVS1ZIU2hLQklRUFpPRGZXbmViMnlJcDRQRGMwVDNlMEJyQ3dMYm5QZmRoYm5LZXExemczVkxrTWZhMVBGVXNPdlpYaEJzTEwxTVdWa05SRml2OGRX
Content-Type: application/json

Response headers

status: 200
date: Tue, 31 Dec 2019 20:30:31 GMT
content-encoding: gzip
server: Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
151 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2349520131953309&ev=Microdata&dl=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&rl=&if=false&ts=1577824231028&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22HARP%20Replacement%20Program%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1577824229515.219037283&it=1577824229370&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 31 Dec 2019 20:30:31 GMT

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 131ms
37ms Script
application/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Dec 2019 20:30:31 GMT
content-encoding: gzip
x-amz-request-id: ACEB09A6FFD62336
x-cache: HIT
status: 200
content-length: 9086
x-amz-id-2: rhYRNfDuOePcViqxa8gPKIuPjBQJqvioVo+Z64HXa6390+10T0KNtfRPDPgGnBJC+SI+IL/Y8h8=
x-served-by: cache-fra19141-FRA
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1577824231.168455,VS0,VE0
etag: "a1a545c95f313a230157b47dca555c25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 15

GET
H2 200 dis.aspx
widget.us.criteo.com/dis/ Frame 0395 0
0 103ms
102ms Document
text/html 74.119.119.150
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/dis/dis.aspx?p=50034&cb=6419981274&ref=&sc_r=1600x1200&sc_d=24
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: widget.us.criteo.com
:scheme: https
:path: /dis/dis.aspx?p=50034&cb=6419981274&ref=&sc_r=1600x1200&sc_d=24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
accept-encoding: gzip, deflate, br
cookie: uid=8df96bda-52a4-4224-802a-21a7a8b0dfcb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER

Response headers

status: 200
cache-control: no-cache
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: Mon, 26 Jul 1997 05:00:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
p3p: CP='CUR ADM OUR NOR STA NID'
timing-allow-origin: *
x-powered-by: ASP.NET
date: Tue, 31 Dec 2019 20:30:30 GMT
content-length: 147

GET
H2 200 pixel
tr.outbrain.com/ 43 B
190 B 128ms
127ms Image
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, FRA, Europe1
x-cache: MISS, MISS
status: 200
x-traceid: ec3d6e6c3eeb4d0fef733faa2b0fda84
content-length: 60
x-served-by: cache-jfk8149-JFK, cache-fra19160-FRA
x-timer: S1577824231.076623,VS0,VE90
date: Tue, 31 Dec 2019 20:30:31 GMT
content-type: image/gif;
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 104.156.90.49
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 94ms
93ms Image
image/gif 70.42.32.63
Outbrain

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 20:30:31 GMT
Cache-Control: no-cache
X-TraceId: bd3ebe43843d67b7462e27f1f376ae4c
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 pixel
tr.outbrain.com/ 43 B
213 B 124ms
123ms Image
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, FRA, Europe1
x-cache: MISS, MISS
status: 200
x-traceid: 2231f9b6be50ec32b46eadb7b8675fed
content-length: 60
x-served-by: cache-jfk8142-JFK, cache-fra19160-FRA
x-timer: S1577824231.077202,VS0,VE87
date: Tue, 31 Dec 2019 20:30:31 GMT
content-type: image/gif;
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 104.156.90.42
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 95ms
94ms Image
image/gif 70.42.32.63
Outbrain

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Dec 2019 20:30:31 GMT
Cache-Control: no-cache
X-TraceId: 4a541171cf0b0116fbacee7c4b72dd40
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 e.gif
dev.visualwebsiteoptimizer.com/ 35 B
236 B 32ms
32ms Image
image/gif 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/e.gif?f=https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2F6.0%2Fvanj-c444a6ccce59eae6a1743c389f0975db.js&l=125&c=225&a=364281&s=aEL&e=TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%0A%20%20%20%20at%20f._getWebStore%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2F6.0%2Fvanj-c444a6ccce59eae6a1743c389f0975db.js%3A125%3A225)%0A%20%20%20%20at%20f.get%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2F6.0%2Fvanj-c444a6ccce59eae6a1743c389f0975db.js%3A126%3A164)%0A%20%20%20%20at%20Object.setPastTriggers%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2F6.0%2Fvanj-c444a6ccce59eae6a1743c389f0975db.js%3A110%3A396)%0A%20%20%20%20at%20Object.setPastTriggers%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2F6.0%2Fvanj-c444a6ccce59eae6a1743c389f0975db.js%3A137%3A417)%0A%20%20%20%20at%20onUrlChange%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2F6.0%2Fvanj-c444a6ccce59eae6a1743c389f0975db.js%3A241%3A398)%0A%20%20%20%20at%20History.a.%3Ccomputed%3E%20%5Bas%20pushState%5D%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2F6.0%2Fvanj-c444a6ccce59eae6a1743c389f0975db.js%3A59%3A55)%0A%20%20%20%20at%20window.onload%20(https%3A%2F%2Fharpreplacementprogram.com%2Fjs%2Fcombined.js%3A298%3A37783)&vn=6.0.106&_cu=https%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace&random=0.8116873011019932

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

99.57.7a9f.ip4.static.sl-reverse.com

Software

dacdn2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:31 GMT
x-content-type-options: nosniff
server: dacdn2
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK 439703bc4b Show response
bam.nr-data.net/1/ 57 B
261 B 435ms
107ms Script
text/javascript 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/439703bc4b?a=135957151&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=3240&ref=https://harpreplacementprogram.com/&be=1298&fe=3103&dc=2112&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1577824227952,%22n%22:0,%22f%22:294,%22dn%22:294,%22dne%22:354,%22c%22:354,%22s%22:360,%22ce%22:371,%22rq%22:371,%22rp%22:736,%22rpe%22:908,%22dl%22:745,%22di%22:2112,%22ds%22:2112,%22de%22:2112,%22dc%22:3102,%22l%22:3102,%22le%22:3109%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK InitFormData Show response
create.leadid.com/2.5.2/ 0
814 B 105ms
105ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/InitFormData?msn=7&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&_=230526104
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:31 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 f Show response
api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/ 0
262 B 140ms
140ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/f?l=15778242300750.7689099975348812&n=c7a1babe3d6dda1e5ec017286d0cd9a331acf500&rn=0&a=1&t=cors

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Dec 2019 20:30:31 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 282ms
282ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=8&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&_=230526105
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:31 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK Snap Show response
create.leadid.com/2.5.2/ 0
814 B 110ms
109ms XHR
text/plain 3.225.12.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/Snap?msn=9&pid=ed348c8b-6493-4f02-87d6-5f8d5495ce25&token=607C83CA-AA50-31A7-1BF3-9A19D986F65D&_=230526106
Requested by: Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.12.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-12-13.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 31 Dec 2019 20:30:31 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.33
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 e Show response
api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/ 0
262 B 163ms
162ms XHR
text/html 50.97.168.187
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732/e?cs=g2JeC6%252Fm&csh=RF81Up8woW4d%252FUcXNbcL8kBRuuND6gedfFEX8UXxsxM%253D&a=1&t=cors

Requested by

Host: harpreplacementprogram.com
URL: https://harpreplacementprogram.com/newrelic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.97.168.187 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bb.a8.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
Origin: https://harpreplacementprogram.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 Dec 2019 20:30:32 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
210 B 45ms
45ms Script
text/javascript 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fharpreplacementprogram.com%2F%3Fo%3D2143%26a%3D225%26c%3D10889%26cpid%3D12747%26s1%3DSES_EasyFHADirect_HarpReplace_Dec31%26zipcode%3D56264%26first_name%3DKelly%26last_name%3DDevlaeminck%26address%3D301%2520N%2520Madison%2520St%26city%3DMinneota%26state%3DMN%26email%3Dkelly.devlaeminck%40avera.org%26phone_primary%3D5078729907%26current_lender%3DOther%26utm_source%3Dses%26utm_medium%3Demail%26utm_campaign%3DER&4sAIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&callback=_xdc_._2eu5t1&key=AIzaSyCQgYQDQA0UlURlWeO33dKf16ZpvG2ckak&token=67669

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/39/5/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

bcb549d23a7ebba1f559d31c39987f99c0d3642c25adcfccf5291cd00ca3abdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://harpreplacementprogram.com/?o=2143&a=225&c=10889&cpid=12747&s1=SES_EasyFHADirect_HarpReplace_Dec31&zipcode=56264&first_name=Kelly&last_name=Devlaeminck&address=301%20N%20Madison%20St&city=Minneota&state=MN&email=kelly.devlaeminck@avera.org&phone_primary=5078729907&current_lender=Other&utm_source=ses&utm_medium=email&utm_campaign=ER
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Dec 2019 20:30:35 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=31
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

408 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 5ae9d00bc3034a13bcf5fbae38584b88
.harpreplacementprogram.com/	1970-01-19 06:17:06	Name: _vwo_sn Value: 0%3A1
.harpreplacementprogram.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.harpreplacementprogram.com/	1970-01-19 08:26:40	Name: _fbp Value: fb.1.1577824229515.219037283
.harpreplacementprogram.com/	1970-01-19 06:18:30	Name: _gid Value: GA1.2.897214344.1577824229
.harpreplacementprogram.com/	1970-01-19 08:26:40	Name: _gcl_au Value: 1.1.140649174.1577824229
.harpreplacementprogram.com/	1970-01-19 07:00:16	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241577824229%3A85.75129133%3A%3A%3A3_0%3A0
.harpreplacementprogram.com/	1970-01-19 15:04:06	Name: _vwo_uuid_v2 Value: D0225EAE609B28CE8D22549AB8B8A3755\|5e9a9294199f5468568a88481607e4a2
.harpreplacementprogram.com/	1970-01-19 06:17:04	Name: _gat_UA-132689034-32 Value: 1
harpreplacementprogram.com/	1969-12-31 23:59:59	Name: leadid_token-2B26B722-D668-EC71-D186-45FE6EC4DDE1-F21BCFE7-421D-0B59-65FE-3D36E8D9C8D6 Value: 607C83CA-AA50-31A7-1BF3-9A19D986F65D
.harpreplacementprogram.com/	1970-01-19 08:41:04	Name: _vis_opt_s Value: 1%7C
.harpreplacementprogram.com/	1970-01-19 23:48:16	Name: _ga Value: GA1.2.1754380497.1577824229
.harpreplacementprogram.com/	1970-01-22 21:53:04	Name: _vwo_uuid Value: D0225EAE609B28CE8D22549AB8B8A3755

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1221287/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"page_view","id":1221287,"tim":1577824229500}'. TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://harpreplacementprogram.com/js/combined.js(Line 298) Message: zetaTrigger = null and affiliateID = 225
console-api	log	URL: https://harpreplacementprogram.com/js/combined.js(Line 298) Message: https://suited45trk.com/?cp=js&o=2143&a=225&s1=SES_EasyFHADirect_HarpReplace_Dec31&s2=&s3=&s4=&s5=&c=10889&cpid=12747&p=
console-api	log	URL: https://harpreplacementprogram.com/js/combined.js(Line 298) Message: Certificate URL: https://cert.trustedform.com/796bdd811ed6a165b0108bdc2f0be331b924a732
console-api	log	URL: https://harpreplacementprogram.com/js/combined.js(Line 298) Message: no cl

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
amplifypixel.outbrain.com
api.ipify.org
api.pushnami.com
api.trustedform.com
api.zippopotam.us
bam.nr-data.net
bat.bing.com
cdn.taboola.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
dev.visualwebsiteoptimizer.com
external.printfinger.tech
fonts.googleapis.com
fonts.gstatic.com
fullstory.com
googleads.g.doubleclick.net
harpreplacementprogram.com
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
rs.fullstory.com
s.yimg.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
suited45trk.com
tk.easyfhadirect.com
tr.outbrain.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.35.254.176
143.204.214.29
151.101.114.2
151.101.14.110
151.101.14.2
159.122.87.153
162.247.242.19
172.217.16.162
178.250.0.130
178.250.2.151
2.18.234.190
2001:4860:4802:32::15
23.23.73.124
2600:9000:214f:cc00:19:3666:ba00:93a1
2606:4700:10::6814:4a82
2606:4700:30::681c:19e6
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2003
2a00:1450:4001:817::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2004
2a00:1450:4001:821::2003
2a00:1450:400c:c04::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.225.12.13
34.193.21.59
35.186.194.58
44.226.93.191
50.97.168.187
54.69.74.204
70.42.32.63
74.119.119.150
0214a81766b68e925067460bfcf3f5505eea9262c7fa4fe799b304ab3f53b1e0
033060ec220d107e05139720f34cd2f3a0c61d30a72553f7fb6c8d16d17d2837
040252ae6552f30131f291290457ec6530f21e4d066c5ad536d17497603fc304
075c66d94d0cc2e360d5d6e7e340248df6ee410f4da098e2b37462d9f1447b97
0c22bbf991f2d5cb40c65881c184e6b4b7d173e2e6618154288e87aff6d0289d
0df9be58ff2ef922e79b122ab65ed499de0dc3c8653c05dc66163d1bec26e5ae
10d8b19611e1ec0389a4d528aa5ebc8d8487287305f3dafb08c3e3d6e2e2c21c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1e1b69969925b62b9b5f33ed2b9f58e340a6eb5e4018e6fe00aaa70b9deba857
277a32fa231e3e1caee408f61d1ea1e4ec4d723aae7fd31f7520b5b0d6a18425
30c63d10d0bbae23502d763b7b64283bc947ce59d78dcdf569859bd9d044ac59
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3c699b83f8ecf8dd95b18a95fada846239453a206093fe4da4d0698a02ab0a60
3d6dfc05f109729225eb85df1a3cf3c8be08dd8a3b82c7082c144bb14ece9efb
42502c00176d24f65da4ad137877bf95bb38ac325630534868ca7fb879645271
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4caf40e0f19d99cb8008b4823ed368b3e77d689018a44616075280d68ed4920b
501d5cbec7dca5f05bc4d56fbd492a6a354b64d1bfcfd8688838d4535c1cef58
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5de450312e22148d5ada1712d795e9600b72a2c5fa71b45975728ef67f762ff5
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
62633f7bd8e51de70fa29ed511952365a1026ae19aa5fcdcc9f471e3b5c0e763
639f4b2ea3af75c7c14c32ee3b7389d77f7de52bcc2baf67c15fc28f6bdad70b
63de39b7cb45640fb5d0b035ef4f05cc4676619b02270939334abed407e9f3ec
656bbef64fb13e06026a66677646a39f9c36554a2f0431c4bcccef296930fd07
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
6cd980ed3e0375d3252958c13db17216bd639069ae266c29d87f7760fc592e10
77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c
7a25b19e0012c8615b187a14425ea7f5d9f8ce511eeb09dc142107070c229c33
7bde5e2b03a5efb4ea7f9efc1cc176e7ce7880755a184d825c57899065f256c8
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
7f26039bc285692ece41166f9c171051da8e93c3bae29e9ee1b888335e394bce
82a3e086c62df13c8066d9ba633cf76f23e444b8436bdd083aeeb08f2107a95a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843e4af8c026e6081c5463c8d414bcb96ea13649e3935ef60545cd1bcbc6df49
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9518dbcf629145a4ba36b016734a21bec08ab9c0eb5ac521d9450078ff5d1638
961da09e2529db5fd2b09d018e17625ac51bb2868f038036ebf788d4d80a0447
97fb2056af5f0a0fe6cde3b28745185ad173c0e15d06f37a9bbea85d8cdeb79d
aa9a0f84f5d4227f07f7713b7bffad852486a86d3036cc7cbb3a25e259caeebd
aec1af5f416523a9c65dab041d672fecd09e83bc52169f896d9e07612dee487b
af23a34b3b34bef1ec40a8bf92f60c224a5f42eddbcdc9422a219ca878ff9132
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b3a282d28d7b649aa88b15662cc542ea11ff126d7e9a335d11cd9184a94d2739
b7f24c4aa69e11efb7d46b99f7ab854f1b1ce2e8ed8b0034885bb6486498f97a
ba8d4799a01ea736bb0855e4fbd55ca0795fa137180b99ce4e8b26548ce5f377
bbee24cb8cf3f1cdc8bf2251c22ce5d1a696f17b7370d0003a1ca47c94d82291
bcb549d23a7ebba1f559d31c39987f99c0d3642c25adcfccf5291cd00ca3abdd
be5238c76400fe2da689c27af8d1827067a5f7d06528e441e3596d7ae236ee1d
cbcc37c25df7534634d5dd518a1e2f155eb7be187adf796e8581b0734c9d6383
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cda98d62a8b44d41b30a4716701cb26c8c9ea5160dff304ea7dc98d2f47e62ff
d52781eab70c4852c5c946f8c0fa83af83217a44a009e73192c27708c9c9178b
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dedc182020360077beba203224a36fa2e4ebf927126344936a1c9661ea553329
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e24710a00d273711721c46e945040257fdc6cb34938c3bb169371ea9c6ba2e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b94b87b9432f3e39c865040821da9590a01fea25448d8df14e97ea69fdd4ab
ffeb3a8600fc68ad894ba655f7a2760aa2dbc936d906cb8e345e26ff0c867117

harpreplacementprogram.com Open in urlscan Pro 2600:9000:214f:cc00:19:3666:ba00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

49 %IPv6

31 Domains

39 Subdomains

36 IPs

7 Countries

977 kBTransfer

3262 kBSize

13 Cookies

5 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

harpreplacementprogram.com Open in urlscan Pro
2600:9000:214f:cc00:19:3666:ba00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

49 %
IPv6

31
Domains

39
Subdomains

36
IPs

7
Countries

977 kB
Transfer

3262 kB
Size

13
Cookies

105 HTTP transactions
0 data transactions