www.chooseyourmortgage.com Open in urlscan Pro
35.155.173.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.lemewix.com/6294N2395N86By17muZ1IP8d3aL_52e9p32UGavbwEx4GgIvf4hxvD-GsrxvshwEGsi8ORpoooKQ6hQmg105okjcY/core-s...
Effective URL:
https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=2010...
Submission: On September 13 via manual (September 13th 2021, 9:24:47 am UTC) from GG — Scanned from DE

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 14 domains to perform 40 HTTP transactions. The main IP is 35.155.173.234, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.chooseyourmortgage.com.
TLS certificate: Issued by Thawte RSA CA 2018 on August 27th 2021. Valid for: a year.

This is the only time www.chooseyourmortgage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.54.63 104.21.54.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.144.68.123 104.144.68.123	55286 (SERVER-MANIA) (SERVER-MANIA)
11	142.250.13.97 142.250.13.97	15169 (GOOGLE) (GOOGLE)
1	13.225.25.85 13.225.25.85	16509 (AMAZON-02) (AMAZON-02)
1	143.204.207.78 143.204.207.78	16509 (AMAZON-02) (AMAZON-02)
14 24	3.225.18.241 3.225.18.241	14618 (AMAZON-AES) (AMAZON-AES)
1 4	54.77.5.233 54.77.5.233	16509 (AMAZON-02) (AMAZON-02)
1 1	52.39.40.33 52.39.40.33	16509 (AMAZON-02) (AMAZON-02)
2	35.155.173.234 35.155.173.234	16509 (AMAZON-02) (AMAZON-02)
1	64.233.166.121 64.233.166.121	15169 (GOOGLE) (GOOGLE)
1	173.194.76.95 173.194.76.95	15169 (GOOGLE) (GOOGLE)
4	184.86.103.211 184.86.103.211	() ()
1	173.194.76.157 173.194.76.157	() ()
1	64.233.167.94 64.233.167.94	() ()
40	13

1 104.21.54.63 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.lemewix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.144.68.123 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)

lagoondot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.13.97 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.25.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-25-85.cdg3.r.cloudfront.net

static.bouncepilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-78.fra53.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 3.225.18.241 (Ashburn, United States) 14 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-18-241.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.77.5.233 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-5-233.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.40.33 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-40-33.us-west-2.compute.amazonaws.com

cdmtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.155.173.234 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-173-234.us-west-2.compute.amazonaws.com

www.chooseyourmortgage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.121 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f121.1e100.net

api.lincx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.86.103.211 (None, )

ASN- ()

cdn.lowermybills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.94 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	traversedlp.com 14 redirects static.traversedlp.com api.traversedlp.com	14 KB
11	googletagmanager.com www.googletagmanager.com	418 KB
4	lowermybills.com cdn.lowermybills.com pixmon.lowermybills.com Failed	73 KB
4	mediawallahscript.com 1 redirects partner.mediawallahscript.com	3 KB
2	chooseyourmortgage.com www.chooseyourmortgage.com	30 KB
2	lagoondot.com lagoondot.com	6 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googleadservices.com www.googleadservices.com	17 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	lincx.com api.lincx.com	23 KB
1	cdmtrk.com 1 redirects cdmtrk.com	898 B
1	bouncepilot.com static.bouncepilot.com	33 KB
1	lemewix.com 1 redirects www.lemewix.com	772 B
0	erate.com Failed www.erate.com Failed
40	14

	Domain	Requested by
24	api.traversedlp.com	14 redirects static.traversedlp.com lagoondot.com
11	www.googletagmanager.com	lagoondot.com www.chooseyourmortgage.com
4	cdn.lowermybills.com	www.chooseyourmortgage.com
4	partner.mediawallahscript.com	1 redirects lagoondot.com
2	www.chooseyourmortgage.com	lagoondot.com www.chooseyourmortgage.com
2	lagoondot.com	lagoondot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googleadservices.com	www.chooseyourmortgage.com
1	fonts.googleapis.com	www.chooseyourmortgage.com
1	api.lincx.com	www.chooseyourmortgage.com
1	cdmtrk.com	1 redirects
1	static.traversedlp.com	www.googletagmanager.com
1	static.bouncepilot.com	lagoondot.com
1	www.lemewix.com	1 redirects
0	pixmon.lowermybills.com Failed	www.chooseyourmortgage.com
0	www.erate.com Failed	www.chooseyourmortgage.com
40	16

This site contains links to these domains. Also see Links.

Domain
privacyportal.onetrust.com
lending.chooseyourmortgage.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.bouncepilot.com Amazon	`2021-06-23` - `2022-07-22`	a year	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
*.mediawallahscript.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
chooseyourmortgage.com Thawte RSA CA 2018	`2021-08-27` - `2022-08-27`	a year	crt.sh
api.lincx.com GTS CA 1D4	`2021-08-12` - `2021-11-10`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
cdn.lowermybills.com R3	`2021-09-02` - `2021-12-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347
Frame ID: D8C3F1028DDB0497F53FB76AFBDBF713
Requests: 29 HTTP requests in this frame

Frame: https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525084265
Frame ID: 7B5C6EAF6BF0A2B5E7F2EB4CD26BA862
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Choose Your Mortgage

Page URL History Show full URLs

http://www.lemewix.com/6294N2395N86By17muZ1IP8d3aL_52e9p32UGavbwEx4GgIvf4hxvD-GsrxvshwEGsi8ORpoooKQ... HTTP 302
http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4= Page URL
https://cdmtrk.com/?E=ESFYIULDqRL4gwbOErab2g%3d%3d&s1=201060&s2=d6517e516b556090f4707a847c287b4... HTTP 302
https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

40
Requests

90 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

13
IPs

3
Countries

626 kB
Transfer

1696 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://privacyportal.onetrust.com/webform/37cf9a71-5b40-4cf5-a30e-8beabeed8379/c3baaee8-0b37-4f2b-bf4c-76b0e035482e
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://lending.chooseyourmortgage.com/calculator
Title: Payment Calculator

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.lemewix.com/6294N2395N86By17muZ1IP8d3aL_52e9p32UGavbwEx4GgIvf4hxvD-GsrxvshwEGsi8ORpoooKQ6hQmg105okjcY/core-stabler HTTP 302
http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4= Page URL
https://cdmtrk.com/?E=ESFYIULDqRL4gwbOErab2g%3d%3d&s1=201060&s2=d6517e516b556090f4707a847c287b49&s3= HTTP 302
https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.lemewix.com/6294N2395N86By17muZ1IP8d3aL_52e9p32UGavbwEx4GgIvf4hxvD-GsrxvshwEGsi8ORpoooKQ6hQmg105okjcY/core-stabler HTTP 302
http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=

Request Chain 8

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower= HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184 HTTP 302
https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F0.gif%3FemailMd5Lower%3D%26ic%3D13f1fda4-f0f9-4b4b-ade6-6e3c95af5184%26offset%3D1 HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184&offset=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525084265

Request Chain 9

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower= HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525083974

Request Chain 10

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=

Request Chain 11

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=

Request Chain 12

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=

Request Chain 13

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=

Request Chain 14

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=

Request Chain 15

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=

Request Chain 16

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif HTTP 302
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=

Request Chain 17

https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184&tag_format=img&tag_action=sync&cb=1631525083810 HTTP 302
https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184&tag_format=img&tag_action=sync&cb=1631525083810&final=true&reqid=6e36cdd0-1474-11ec-ac3c-b5deecfce8ae&timestamp=2021-09-13T09%3A24%3A43.950Z

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set / Show response
lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/
Redirect Chain

http://www.lemewix.com/6294N2395N86By17muZ1IP8d3aL_52e9p32UGavbwEx4GgIvf4hxvD-GsrxvshwEGsi8ORpoooKQ6hQmg105okjcY/core-stabler
http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=

6 KB
6 KB

909ms
795ms

Document
text/html

104.144.68.123
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 104.144.68.123 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.29
Resource Hash: 372294cc1aab70112a999aea2d65bd74cbc1d8a4dec97bae3e5602baacf52ab5

Request headers

Host: lagoondot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Mon, 13 Sep 2021 09:34:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.29
Set-Cookie: clkcheck27697=d6517e516b556090f4707a847c287b49_201060; expires=Wed, 13-Oct-2021 09:34:28 GMT; Max-Age=2592000; path=/; SameSite=Lax

Redirect headers

Date: Mon, 13 Sep 2021 09:24:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/5.3.3
location: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMrYGcOD0ugaU3g1hl4IgVnDSESkwSWniIHa7muCo0VCXafQQYAFgsRpZglm168DRr5R37ZfeuQXWW1LzEIDzw3h4OD79X%2FNyZ9Rb8%2B77Ybo4%2F%2FAWK6r4TfZRMueg2Pz5kc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68e052f18ace062d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
35 KB 55ms
21ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

34eda4452f52d391e687dea29ca150e5303fc78f299f3bfd287e2f77d101d322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35778
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:43 GMT

POST
H/1.1 200
OK fp.php Show response
lagoondot.com/ 0
194 B 260ms
260ms XHR
text/html 104.144.68.123
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://lagoondot.com/fp.php
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 104.144.68.123 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.29
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Origin: http://lagoondot.com
Accept-Encoding: gzip, deflate
Host: lagoondot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Cookie: clkcheck27697=d6517e516b556090f4707a847c287b49_201060
Connection: keep-alive
Content-Length: 946
Referer: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Sep 2021 09:34:28 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.29
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 33 KB
33 KB 124ms
18ms Script
application/javascript 13.225.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-85.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8a3efcf61c1c8a8e147616427e60fabbbe68fc0fab30c7bb0d221dd209bfd37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 15:58:31 GMT
via: 1.1 b3f4b9d58649ca2204c0fb8174557c63.cloudfront.net (CloudFront)
last-modified: Fri, 03 Sep 2021 17:04:41 GMT
server: AmazonS3
age: 73986
etag: "e8b3aa6892d89e7fa297cb215b41f227"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: GjPJC1BNeIt5WJoFhkyF5cSuZyqnkQJZXDKBj_gEUG95C28OyDbTbA==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 42ms
7ms Script
application/javascript 143.204.207.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-78.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jun 2021 05:37:15 GMT
Server: AmazonS3
Age: 5000
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Mon, 13 Sep 2021 08:30:08 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: ekr4xvHZm8oAKvvGZkO74ZgEgdjaMQfVC53EHR6mlPnYFnDMAbZusQ==

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 117 B
818 B 315ms
96ms XHR
application/json 3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e9190d14a86eece92dce9782878eb5a3de53c585f98e33f3044f4fa5df2bcea0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
etag: W/"75-DlTHPXBVoCV99ldB4dWfZw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://lagoondot.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 117

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 293ms
98ms Preflight
text/html 3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://lagoondot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Sep 2021 09:24:44 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://lagoondot.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

POST
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
323 B 97ms
96ms XHR
text/plain 3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Referer: http://lagoondot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://lagoondot.com
date: Mon, 13 Sep 2021 09:24:44 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary: X-HTTP-Method-Override
access-control-expose-headers

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184
https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F...
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184&offset=1
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525084265

0
638 B

30ms
30ms

Image
text/plain

54.77.5.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525084265
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.5.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-5-233.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 09:24:44 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525084265
date: Mon, 13 Sep 2021 09:24:44 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 141
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower=
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525083974

0
638 B

32ms
30ms

Image
text/plain

54.77.5.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525083974
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.5.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-5-233.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 09:24:44 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1631525083974
date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 141
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

2.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=

35 B
466 B

96ms
95ms

Image
image/gif

3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:44 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

3.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=

35 B
466 B

96ms
96ms

Image
image/gif

3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:44 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

4.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=

35 B
466 B

97ms
97ms

Image
image/gif

3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:44 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

5.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=

35 B
465 B

98ms
97ms

Image
image/gif

3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:44 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

6.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=

35 B
464 B

97ms
96ms

Image
image/gif

3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

7.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=

35 B
464 B

97ms
96ms

Image
image/gif

3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H2

200

8.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 7B5C
Redirect Chain

https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=

35 B
466 B

96ms
96ms

Image
image/gif

3.225.18.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.18.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-18-241.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: image/gif
etag: W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length: 35
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
date: Mon, 13 Sep 2021 09:24:43 GMT
server: nginx/1.20.0
content-type: text/plain; charset=UTF-8
content-length: 110
vary: Accept, Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 7B5C
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184&tag_format=img&tag_action=sync&cb=1631525083810
https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184&tag_format=img&tag_action=sync&cb=1631525083810&final=true&reqid=6e36cdd0-1474-11ec-a...

0
638 B

33ms
33ms

Image
text/plain

54.77.5.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184&tag_format=img&tag_action=sync&cb=1631525083810&final=true&reqid=6e36cdd0-1474-11ec-ac3c-b5deecfce8ae&timestamp=2021-09-13T09%3A24%3A43.950Z
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.5.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-5-233.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 09:24:43 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 13 Sep 2021 09:24:43 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1006&partner_id=2080&uid=13f1fda4-f0f9-4b4b-ade6-6e3c95af5184&tag_format=img&tag_action=sync&cb=1631525083810&final=true&reqid=6e36cdd0-1474-11ec-ac3c-b5deecfce8ae&timestamp=2021-09-13T09%3A24%3A43.950Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 237
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Primary Request

Cookie set index.loan Show response
www.chooseyourmortgage.com/lending/home-refinance/
Redirect Chain

https://cdmtrk.com/?E=ESFYIULDqRL4gwbOErab2g%3d%3d&s1=201060&s2=d6517e516b556090f4707a847c287b49&s3=
https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347

130 KB
30 KB

1897ms
1220ms

Document
text/html

35.155.173.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347
Requested by: Host: lagoondot.com
URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.173.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-173-234.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 80041c4b10add278f58edf0e3e52e380f62a712651937f45b5dcb49b61e7011c

Request headers

Host: www.chooseyourmortgage.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://lagoondot.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=

Response headers

Date: Mon, 13 Sep 2021 09:24:45 GMT
Set-Cookie: SERVER_COOKIE=9adafca6.5cbdd0929cc96; path=/; expires=Wed, 13-Sep-23 09:24:45 GMT JSESSIONID=uQxvM9ScZLPx1yFmZuLe+cQy.WAPP09.MOON.CDM-MC-09; Path=/lending sourceid_cookie=lmb-60047-121127-102; Expires=Wed, 13-Oct-2021 09:24:45 GMT; Path=/ LMB_VISITOR_ID=3997148781; Expires=Tue, 13-Sep-2022 09:24:45 GMT; Path=/ lmb_repeat_visitor=Y; Expires=Tue, 13-Sep-2022 09:24:45 GMT; Path=/ BIGipServerpl.prod-http-lnd=!CtDqfQShMcNHSJxRHhj5eaSY0gTQ+DzpD90o0rkcb45SVmvPZBCPC5syLCZgCuWsV+TN4gMB4Rukmaw=; path=/; Httponly; Secure TS016c3cf9=012d8c2fc3e4f40e7d7abb274250edcedca1b3d48136e327202375cbf5b48fd5e7ec4f7d151380b2c5c14c9a62b4431ee2253968f9; Path=/; Domain=.www.chooseyourmortgage.com TS01130a72=012d8c2fc3e4f40e7d7abb274250edcedca1b3d48136e327202375cbf5b48fd5e7ec4f7d151380b2c5c14c9a62b4431ee2253968f9; path=/lending
Pragma: no-cache
Cache-Control: max-stale=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="CAO PSA OUR" CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
Content-Type: text/html;charset=ISO-8859-1
Content-Language: de-DE
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 29298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

Redirect headers

Cache-Control: private
Content-Length: 321
Content-Type: text/html; charset=utf-8
Date: Mon, 13 Sep 2021 09:24:44 GMT
Location: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=RZvWMQyWWXjA78uFyMsOxJudmebRgfjMwLKsmN13Ag4NPlI+0t0F5g==; domain=.cdmtrk.com; path=/; SameSite=None; secure; HttpOnly trk=/Z+yToJtOiDA78uFyMsOxJudmebRgfjMwLKsmN13Ag4NPlI+0t0F5g==; domain=.cdmtrk.com; expires=Sun, 13-Sep-2026 02:24:44 GMT; path=/; SameSite=None; secure; HttpOnly c72=RZvWMQyWWXi6N92xoPhOCq02MdX+kok+TEsy4/WxkjQ=; domain=.cdmtrk.com; expires=Sun, 13-Sep-2026 09:24:44 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close

GET
H2 200 load Show response
api.lincx.com/ 72 KB
23 KB 278ms
218ms Script
text/javascript 64.233.166.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lincx.com/load
Requested by: Host: www.chooseyourmortgage.com
URL: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.166.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wm-in-f121.1e100.net
Software: /
Resource Hash: 921a7e9ba9a7b5e088aafb068ef1fd67870f1de29cbd632edc89e42b6a1495f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
via: 1.1 google
content-encoding: gzip
content-length: 23611
content-type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 53ms
19ms Stylesheet
text/css 173.194.76.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: www.chooseyourmortgage.com
URL: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f95.1e100.net

Software

ESF /

Resource Hash

e01c3e936f2a41ed3b549425c5e00a255e4e4599403d2a764805643ebff63d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 08:16:06 GMT
server: ESF
date: Mon, 13 Sep 2021 09:24:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H/1.1 200
OK CHOOSE_YOUR_MORTGAGE_LOGO_HORIZONTAL.png
cdn.lowermybills.com/lending-images/2021/CYM/CYM%20Logos/ 3 KB
4 KB 232ms
45ms Image
image/png 184.86.103.211

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lowermybills.com/lending-images/2021/CYM/CYM%20Logos/CHOOSE_YOUR_MORTGAGE_LOGO_HORIZONTAL.png
Requested by: Host: www.chooseyourmortgage.com
URL: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.211 -, , ASN (),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 6b57a2aacc93ed112a064a8f626adfbe8e1ccd38957360f7ff925836117259fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 09:24:47 GMT
Last-Modified: Wed, 14 Jul 2021 23:25:02 GMT
Server: Akamai Image Manager
ETag: "67e3de8dffd423fe-1766-5c4700beba0b0"
Content-Type: image/png
Cache-Control: no-transform, max-age=15552000
Connection: keep-alive
Content-Length: 3365
Expires: Sat, 12 Mar 2022 09:24:47 GMT

GET getRates
www.erate.com/widgets/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
38 KB 67ms
64ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8GTM2K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

40f5301ac41faf58741bb59b0ba74f91dcef3f34e7dee3a43b9bc98fac228563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38617
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H/1.1 200
OK wsmvc2-global.js Show response
cdn.lowermybills.com/lending/jawr/gzip_383788347/jawr/ 208 KB
59 KB 204ms
8ms Script
text/javascript 184.86.103.211

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lowermybills.com/lending/jawr/gzip_383788347/jawr/wsmvc2-global.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.211 -, , ASN (),

Reverse DNS

Software

Resource Hash

c8364d86672de07ea5647ed648c452e9796e39698cf18ef7ddc4cef78de672b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
Connection: keep-alive
Content-Length: 60033
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
X-Frame-Options: SAMEORIGIN
Date: Mon, 13 Sep 2021 09:24:47 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=15552000, post-check=15552000, pre-check=315360000
ETag: 2740050219
Content-Security-Policy: frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Expires: Sat, 12 Mar 2022 09:24:47 GMT

GET
H/1.1 200
OK deviceatlas-global.js Show response
cdn.lowermybills.com/lending/jawr/gzip_N2020317185/jawr/ 9 KB
4 KB 194ms
7ms Script
text/javascript 184.86.103.211

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lowermybills.com/lending/jawr/gzip_N2020317185/jawr/deviceatlas-global.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.211 -, , ASN (),

Reverse DNS

Software

Resource Hash

426c01c0231812a69abddf7146bf8bd12355ce703f1479a51399622b816e3099

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
Connection: keep-alive
Content-Length: 3250
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
X-Frame-Options: SAMEORIGIN
Date: Mon, 13 Sep 2021 09:24:47 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=15552000, post-check=15552000, pre-check=315360000
ETag: 2740050219
Content-Security-Policy: frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Expires: Sat, 12 Mar 2022 09:24:47 GMT

GET
H/1.1 200
OK 2791546-48.js Show response
cdn.lowermybills.com/lending/jawr/gzip_647680422/jawr/ 24 KB
6 KB 194ms
7ms Script
text/javascript 184.86.103.211

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lowermybills.com/lending/jawr/gzip_647680422/jawr/2791546-48.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.211 -, , ASN (),

Reverse DNS

Software

Resource Hash

beabc45ca9c01cac07dd127e21dca4d5eb11e979ab1c81c2ba86823f733e01bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
Connection: keep-alive
Content-Length: 5174
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
X-Frame-Options: SAMEORIGIN
Date: Mon, 13 Sep 2021 09:24:47 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=15552000, post-check=15552000, pre-check=315360000
ETag: 2740050219
Content-Security-Policy: frame-ancestors 'self' *.lowermybills.com app.optimizely.com analytics.google.com
Expires: Sat, 12 Mar 2022 09:24:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 43ms
39ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-882032010

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2e7c031ce6d88829ffc212eefac4fce0ad6340432d7fed37f07e89c1749cccc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39226
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 61ms
58ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-934858762

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

acf9405eacff8b7dc074c163f8f5543c617f10a6d5ada53f658ce56d972e9bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39226
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 26ms
23ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-852807

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

0586ab39ce7ff4823d46fbf2ea8d5cc1d7638682b7388734aa56ea4c2c24d4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37859
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 58ms
55ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-735544455

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7bd83222cb09fa36fd111b141b199cde99d44a7755d1e9b44ad1e6840121befa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39228
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 55ms
17ms Script
text/javascript 173.194.76.157

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

fa4bfce05fb76c6ec5ceeef87aa6377bb3a96c0667c238c76dd301eae58a8cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17347
x-xss-protection: 0
server: cafe
etag: 244401856919365945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:24:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 50ms
47ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-966730890

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

37b38fa7fcadf1475b04d164e02b3ea6244e2e9e99631f0c54209a38bd90bc87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39232
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 69ms
67ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-874461485

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4ff984f9e54e8a89b8dc9ab5606df263587ed6cd0d8fc14f7b24593aeae1c877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39223
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 34ms
31ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-968462554

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

699d12a965519a02840f1a1e069cb58106364cd55ebb65561eac75782374e508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39226
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 53ms
51ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-950054130

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

accf5f8a7c540ab3dad08cb01b9cb031457f04fe396ca70724a7442373950a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39309
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET cdn-monitoring-pixel.gif
pixmon.lowermybills.com/pixmon/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 63ms
61ms Script
application/javascript 142.250.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-653751646

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

fdb0f084505da23c901a2ae90bab12616f17269232963baf9907541c78763251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:24:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39225
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 09:24:46 GMT

GET
H/1.1 200
OK Cookie set yellow_house_2x.png
www.chooseyourmortgage.com/lending-images/2021/CYM/0065%20-%20Hero%20Illustrations/ 91 KB
0 180ms
179ms Image
image/png 35.155.173.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chooseyourmortgage.com/lending-images/2021/CYM/0065%20-%20Hero%20Illustrations/yellow_house_2x.png
Requested by: Host: www.chooseyourmortgage.com
URL: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.173.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-173-234.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.chooseyourmortgage.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347
Cookie: SERVER_COOKIE=9adafca6.5cbdd0929cc96; sourceid_cookie=lmb-60047-121127-102; LMB_VISITOR_ID=3997148781; lmb_repeat_visitor=Y; BIGipServerpl.prod-http-lnd=!CtDqfQShMcNHSJxRHhj5eaSY0gTQ+DzpD90o0rkcb45SVmvPZBCPC5syLCZgCuWsV+TN4gMB4Rukmaw=; TS016c3cf9=012d8c2fc3e4f40e7d7abb274250edcedca1b3d48136e327202375cbf5b48fd5e7ec4f7d151380b2c5c14c9a62b4431ee2253968f9
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 09:24:47 GMT
Last-Modified: Fri, 21 May 2021 02:29:44 GMT
ETag: "3a6b72d31f0c6d45-2f4a8-5c2cdd53640a0"
Connection: Keep-Alive
P3P: CP="NON DSP COR LAW CONi TELi OUR SAM IND CNT"
Cache-Control: max-age=2592000
Set-Cookie: BIGipServerpl.prod-static-66=!PjJfOiv6/zhSMKNRHhj5eaSY0gTQ+C3mfY7ur5SPPNa6/EvJrApXye25PQOQUkly8ZgctnBV3ge4eO0=; path=/; Httponly; Secure TS016c3cf9=012d8c2fc3e4f40e7d7abb274250edcedca1b3d48136e327202375cbf5b48fd5e7ec4f7d151380b2c5c14c9a62b4431ee2253968f9; Path=/; Domain=.www.chooseyourmortgage.com
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=2, max=40
Content-Length: 193704
Expires: Wed, 13 Oct 2021 09:24:47 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 67ms
20ms Font
font/woff2 64.233.167.94

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chooseyourmortgage.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 21:22:33 GMT
x-content-type-options: nosniff
age: 475334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:22:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.erate.com
URL: https://www.erate.com/widgets/getRates?state=US

Domain: pixmon.lowermybills.com
URL: https://pixmon.lowermybills.com/pixmon/cdn-monitoring-pixel.gif?vertical=LP_CYM&testId=2056158&presentationId=2791546&pageId=5649930&sourceId=lmb-60047-121127-102&vvId=5104720822&sId=uQxvM9ScZLPx1yFmZuLe%2BcQy.WAPP09.MOON.CDM-MC-09

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.chooseyourmortgage.com/lending	1969-12-31 23:59:59	Name: JSESSIONID Value: uQxvM9ScZLPx1yFmZuLe+cQy.WAPP09.MOON.CDM-MC-09
www.chooseyourmortgage.com/lending	1969-12-31 23:59:59	Name: TS01130a72 Value: 012d8c2fc3e4f40e7d7abb274250edcedca1b3d48136e327202375cbf5b48fd5e7ec4f7d151380b2c5c14c9a62b4431ee2253968f9
lagoondot.com/	1970-01-19 21:55:17	Name: clkcheck27697 Value: d6517e516b556090f4707a847c287b49_201060
.traversedlp.com/	1970-01-20 05:57:41	Name: v1.cookieId Value: s%3A13f1fda4-f0f9-4b4b-ade6-6e3c95af5184.BOmBD6NaUGi24Imv77tb3EZ%2BucVEe%2FTCCE1R34nTuuE
.traversedlp.com/	1970-01-20 05:57:41	Name: v1.syncTimestamp Value: s%3A1631525083761.TxTdl3iYCp1EKrR8J7U8o73cDNGGw6YNupGQ8O%2F6eKY
.mediawallahscript.com/	1970-01-20 14:43:17	Name: mCookie Value: 6e3bfdf0-1474-11ec-aa80-0f8bc0029e6f
.mediawallahscript.com/	1970-01-20 14:43:17	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.cdmtrk.com/	1969-12-31 23:59:59	Name: sid Value: RZvWMQyWWXjA78uFyMsOxJudmebRgfjMwLKsmN13Ag4NPlI+0t0F5g==
.cdmtrk.com/	1970-01-21 17:01:06	Name: trk Value: /Z+yToJtOiDA78uFyMsOxJudmebRgfjMwLKsmN13Ag4NPlI+0t0F5g==
.cdmtrk.com/	1970-01-21 17:01:31	Name: c72 Value: RZvWMQyWWXi6N92xoPhOCq02MdX+kok+TEsy4/WxkjQ=
www.chooseyourmortgage.com/	1970-01-20 14:43:17	Name: SERVER_COOKIE Value: 9adafca6.5cbdd0929cc96
www.chooseyourmortgage.com/	1970-01-19 21:55:17	Name: sourceid_cookie Value: lmb-60047-121127-102
www.chooseyourmortgage.com/	1970-01-20 05:57:41	Name: LMB_VISITOR_ID Value: 3997148781
www.chooseyourmortgage.com/	1970-01-20 05:57:41	Name: lmb_repeat_visitor Value: Y
www.chooseyourmortgage.com/	1969-12-31 23:59:59	Name: BIGipServerpl.prod-http-lnd Value: !CtDqfQShMcNHSJxRHhj5eaSY0gTQ+DzpD90o0rkcb45SVmvPZBCPC5syLCZgCuWsV+TN4gMB4Rukmaw=
.www.chooseyourmortgage.com/	1969-12-31 23:59:59	Name: TS016c3cf9 Value: 012d8c2fc3e4f40e7d7abb274250edcedca1b3d48136e327202375cbf5b48fd5e7ec4f7d151380b2c5c14c9a62b4431ee2253968f9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: http://lagoondot.com/a5d9d1931c9ab64005289468b767f2b4c/?sid1=&sid2=&sid3=&sid4=(Line 111) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
rendering	warning	URL: https://www.chooseyourmortgage.com/lending/home-refinance/index.loan?moid=221627&sourceid=lmb-60047-121127-102&pkey1=102&pkey2=201060&pkey3=57139367&sid=72&cmpid=1167&crtid=347(Line 13) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lincx.com
api.traversedlp.com
cdmtrk.com
cdn.lowermybills.com
fonts.googleapis.com
fonts.gstatic.com
lagoondot.com
partner.mediawallahscript.com
pixmon.lowermybills.com
static.bouncepilot.com
static.traversedlp.com
www.chooseyourmortgage.com
www.erate.com
www.googleadservices.com
www.googletagmanager.com
www.lemewix.com
pixmon.lowermybills.com
www.erate.com
104.144.68.123
104.21.54.63
13.225.25.85
142.250.13.97
143.204.207.78
173.194.76.157
173.194.76.95
184.86.103.211
3.225.18.241
35.155.173.234
52.39.40.33
54.77.5.233
64.233.166.121
64.233.167.94
0586ab39ce7ff4823d46fbf2ea8d5cc1d7638682b7388734aa56ea4c2c24d4ee
2e7c031ce6d88829ffc212eefac4fce0ad6340432d7fed37f07e89c1749cccc4
34eda4452f52d391e687dea29ca150e5303fc78f299f3bfd287e2f77d101d322
372294cc1aab70112a999aea2d65bd74cbc1d8a4dec97bae3e5602baacf52ab5
37b38fa7fcadf1475b04d164e02b3ea6244e2e9e99631f0c54209a38bd90bc87
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
40f5301ac41faf58741bb59b0ba74f91dcef3f34e7dee3a43b9bc98fac228563
426c01c0231812a69abddf7146bf8bd12355ce703f1479a51399622b816e3099
4ff984f9e54e8a89b8dc9ab5606df263587ed6cd0d8fc14f7b24593aeae1c877
699d12a965519a02840f1a1e069cb58106364cd55ebb65561eac75782374e508
6b57a2aacc93ed112a064a8f626adfbe8e1ccd38957360f7ff925836117259fe
7bd83222cb09fa36fd111b141b199cde99d44a7755d1e9b44ad1e6840121befa
80041c4b10add278f58edf0e3e52e380f62a712651937f45b5dcb49b61e7011c
921a7e9ba9a7b5e088aafb068ef1fd67870f1de29cbd632edc89e42b6a1495f5
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
accf5f8a7c540ab3dad08cb01b9cb031457f04fe396ca70724a7442373950a1e
acf9405eacff8b7dc074c163f8f5543c617f10a6d5ada53f658ce56d972e9bd9
b8a3efcf61c1c8a8e147616427e60fabbbe68fc0fab30c7bb0d221dd209bfd37
beabc45ca9c01cac07dd127e21dca4d5eb11e979ab1c81c2ba86823f733e01bf
c8364d86672de07ea5647ed648c452e9796e39698cf18ef7ddc4cef78de672b3
e01c3e936f2a41ed3b549425c5e00a255e4e4599403d2a764805643ebff63d37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9190d14a86eece92dce9782878eb5a3de53c585f98e33f3044f4fa5df2bcea0
fa4bfce05fb76c6ec5ceeef87aa6377bb3a96c0667c238c76dd301eae58a8cb6
fdb0f084505da23c901a2ae90bab12616f17269232963baf9907541c78763251

www.chooseyourmortgage.com Open in urlscan Pro 35.155.173.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

90 %HTTPS

0 %IPv6

14 Domains

16 Subdomains

13 IPs

3 Countries

626 kBTransfer

1696 kBSize

16 Cookies

2 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.chooseyourmortgage.com Open in urlscan Pro
35.155.173.234 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

90 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

13
IPs

3
Countries

626 kB
Transfer

1696 kB
Size

16
Cookies

40 HTTP transactions
0 data transactions