urlscan.io logo urlscan.io
SecurityTrails logo

harpsubstitute.com Open in urlscan Pro
2606:4700:3037::6815:548c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u9336.ct.sendgrid.net/ls/click?upn=VLv9uw8r9X-2FET8f3ChS5TQ2Eq0uYmeZwBvhb0-2BA6CTQUxWBI3cznc3WUCgIk4nvDWkSJ_zqadKJ4pM0...
Effective URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Submission: On April 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 23 domains to perform 95 HTTP transactions. The main IP is 2606:4700:3037::6815:548c, located in United States and belongs to CLOUDFLARENET, US. The main domain is harpsubstitute.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 8th 2022. Valid for: a year.
This is the only time harpsubstitute.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.54 11377 (SENDGRID)
1 1 209.59.184.222 32244 (LIQUIDWEB)
1 1 3.126.48.135 16509 (AMAZON-02)
47 2606:4700:303... 13335 (CLOUDFLAR...)
1 96.16.134.166 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.218.180.184 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 52.44.180.71 14618 (AMAZON-AES)
2 52.11.81.218 16509 (AMAZON-02)
1 52.92.132.42 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 8 18.210.241.209 14618 (AMAZON-AES)
2 2600:9000:205... 16509 (AMAZON-02)
1 104.248.186.70 14061 (DIGITALOC...)
3 165.227.241.154 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
8 35.169.27.54 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.23.195 16509 (AMAZON-02)
1 52.207.54.198 14618 (AMAZON-AES)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
95 25
1    167.89.115.54 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net
u9336.ct.sendgrid.net
1    209.59.184.222 (United States)

ASN32244 (LIQUIDWEB, US)
hainneb.online
1    3.126.48.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
cxprime.com
47    2606:4700:3037::6815:548c (United States)

ASN13335 (CLOUDFLARENET, US)
harpsubstitute.com
1    96.16.134.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-166.deploy.static.akamaitechnologies.com
cdn-3.convertexperiments.com
1    2606:4700::6810:262f (United States)

ASN13335 (CLOUDFLARENET, US)
js.maxmind.com
5    2606:4700:3033::6815:40e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.useproof.com
api.useproof.com
1    52.218.180.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    52.44.180.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-180-71.compute-1.amazonaws.com
finance.mediaalpha.com
2    52.11.81.218 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-81-218.us-west-2.compute.amazonaws.com
cdn.fcmrktplace.com
1    52.92.132.42 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
rgrassets.s3-us-west-2.amazonaws.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
8    18.210.241.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-241-209.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:2057:d400:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
1    104.248.186.70 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cp.reallygreatrate.com
3    165.227.241.154 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
reallygreatrate.com
1    2606:4700::6812:aef (United States)

ASN13335 (CLOUDFLARENET, US)
geoip-js.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    35.169.27.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-27-54.compute-1.amazonaws.com
create.leadid.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    13.32.23.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-195.fra56.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    52.207.54.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-54-198.compute-1.amazonaws.com
deviceid.trueleadid.com
1    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.proofapi.com
Apex Domain
Subdomains		 Transfer
47 harpsubstitute.com
harpsubstitute.com
410 KB
10 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 22451
cdn.trustedform.com — Cisco Umbrella Rank: 24004
62 KB
8 leadid.com
create.leadid.com — Cisco Umbrella Rank: 14382
5 KB
5 useproof.com
cdn.useproof.com — Cisco Umbrella Rank: 61893
api.useproof.com — Cisco Umbrella Rank: 60124
603 KB
4 reallygreatrate.com
cp.reallygreatrate.com
reallygreatrate.com
2 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
205 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
2 KB
2 fcmrktplace.com
cdn.fcmrktplace.com — Cisco Umbrella Rank: 134334
5 KB
2 amazonaws.com
s3-us-west-2.amazonaws.com
rgrassets.s3-us-west-2.amazonaws.com
6 KB
1 proofapi.com
analytics.proofapi.com — Cisco Umbrella Rank: 76319
795 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 2063
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 geoip-js.com
geoip-js.com — Cisco Umbrella Rank: 14992
2 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 24398
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
39 KB
1 mediaalpha.com
finance.mediaalpha.com — Cisco Umbrella Rank: 809966
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 652
33 KB
1 maxmind.com
js.maxmind.com — Cisco Umbrella Rank: 24486
2 KB
1 convertexperiments.com
cdn-3.convertexperiments.com — Cisco Umbrella Rank: 16578
223 B
1 cxprime.com
cxprime.com
2 KB
1 hainneb.online
hainneb.online
278 B
1 sendgrid.net
u9336.ct.sendgrid.net
245 B
95 23
Domain Requested by
47 harpsubstitute.com harpsubstitute.com
cdn.trustedform.com
8 create.leadid.com rgrassets.s3-us-west-2.amazonaws.com
deviceid.trueleadid.com
8 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
3 reallygreatrate.com rgrassets.s3-us-west-2.amazonaws.com
3 cdn.useproof.com harpsubstitute.com
cdn.useproof.com
2 api.useproof.com cdn.useproof.com
2 www.google-analytics.com www.googletagmanager.com
rgrassets.s3-us-west-2.amazonaws.com
2 cdn.trustedform.com harpsubstitute.com
api.trustedform.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com harpsubstitute.com
2 cdn.fcmrktplace.com harpsubstitute.com
1 analytics.proofapi.com cdn.useproof.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 www.gstatic.com cdn.useproof.com
1 geoip-js.com rgrassets.s3-us-west-2.amazonaws.com
1 cp.reallygreatrate.com rgrassets.s3-us-west-2.amazonaws.com
1 create.lidstatic.com harpsubstitute.com
1 www.googletagmanager.com harpsubstitute.com
1 rgrassets.s3-us-west-2.amazonaws.com harpsubstitute.com
1 finance.mediaalpha.com harpsubstitute.com
1 code.jquery.com harpsubstitute.com
1 s3-us-west-2.amazonaws.com harpsubstitute.com
1 js.maxmind.com harpsubstitute.com
1 cdn-3.convertexperiments.com harpsubstitute.com
1 cxprime.com 1 redirects
1 hainneb.online 1 redirects
1 u9336.ct.sendgrid.net 1 redirects
95 28
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-08		 a year crt.sh
*.convertexperiments.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.maxmind.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-27 -
2022-11-08		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
mediaalpha.com
Amazon		 2021-08-10 -
2022-09-08		 a year crt.sh
*.fcmrktplace.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2022-03-30 -
2023-03-30		 a year crt.sh
cp.reallygreatrate.com
R3		 2022-02-05 -
2022-05-06		 3 months crt.sh
reallygreatrate.com
E1		 2022-03-12 -
2022-06-10		 3 months crt.sh
create.leadid.com
Amazon		 2021-10-22 -
2022-11-19		 a year crt.sh
*.trustedform.com
Amazon		 2021-10-12 -
2022-11-09		 a year crt.sh
cdn.trustedform.com
Amazon		 2021-05-14 -
2022-06-12		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-01-07 -
2023-02-05		 a year crt.sh

This page contains 6 frames:

Primary Page: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Frame ID: 7EF27A072E666BFC735F55900BFA7BF2
Requests: 80 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 3FBC4F97797B45585BD142F5E5F141A2
Requests: 6 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: E762BF7D48F3ADCF5AF2C74E185B1CF3
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Frame ID: 0AB0E5B1A735524D376ACA0B1B55B358
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/snapshot
Frame ID: F2DFDD3D38EC4918833D563A71EFFF18
Requests: 6 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Frame ID: 521C3471137BD217FB5A493513C9915F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Harp Substitute

Page URL History Show full URLs

  1. https://u9336.ct.sendgrid.net/ls/click?upn=VLv9uw8r9X-2FET8f3ChS5TQ2Eq0uYmeZwBvhb0-2BA6CTQUxWBI3cznc3WUCgI... HTTP 302
    http://hainneb.online/rgr.php?s1=2022_ad13 HTTP 302
    https://cxprime.com/click?trvid=10054&c1=2022_ad13 HTTP 302
    https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

98 %
HTTPS

48 %
IPv6

23
Domains

28
Subdomains

25
IPs

3
Countries

1452 kB
Transfer

2577 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u9336.ct.sendgrid.net/ls/click?upn=VLv9uw8r9X-2FET8f3ChS5TQ2Eq0uYmeZwBvhb0-2BA6CTQUxWBI3cznc3WUCgIk4nvDWkSJ_zqadKJ4pM0EEEJzihFUHxuD1DGhsL6sfEtwu1AitJLIjXb32DQUj36WQ-2Bt2rnPOofjdAObzq-2F1KEBFWKPUEmHebR8SENbRAoVGcdw-2BHUj5RB5xQE7DJNfE0rT-2F19tpoNawEGvi-2FpUQDev-2BQwjLEtvCfO6t4YVzjJj7d-2F7WFu2jw9q-2FIG4MDBMSdHo-2BVtOfInChBNEQgpjJjCHUesg9fO9GhxzXtzNUPFMtV31pCmZaifFgf2U0c8W-2F3uO3k0rh83r8vRXMmYW3yRURwtSzy87w-3D-3D HTTP 302
    http://hainneb.online/rgr.php?s1=2022_ad13 HTTP 302
    https://cxprime.com/click?trvid=10054&c1=2022_ad13 HTTP 302
    https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16489152863850.6885835829716949 HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16489152863850.6885835829716949

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
harpsubstitute.com/
Redirect Chain
  • https://u9336.ct.sendgrid.net/ls/click?upn=VLv9uw8r9X-2FET8f3ChS5TQ2Eq0uYmeZwBvhb0-2BA6CTQUxWBI3cznc3WUCgIk4nvDWkSJ_zqadKJ4pM0EEEJzihFUHxuD1DGhsL6sfEtwu1AitJLIjXb32DQUj36WQ-2Bt2rnPOofjdAObzq-2F1KEB...
  • http://hainneb.online/rgr.php?s1=2022_ad13
  • https://cxprime.com/click?trvid=10054&c1=2022_ad13
  • https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
89 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9869ed42c740fe29e9a43bdde314b372e4b43bc2497ae5c280475ec1d0295e2

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f5ac87439373749-MXP
content-encoding
br
content-type
text/html
date
Sat, 02 Apr 2022 16:01:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 07 Mar 2022 13:34:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BY9%2FO8t20geiTEJt4x7jQMiJrqIEOcm3pqb%2BYA0k3TB67tqrAyTbP7o6bf8S62JzxGX%2BDTDVY7gKg%2FfUWMtOAuYH4j%2BZ8R2jca3N%2BVD6tvA8BTLisH%2FnbdX8XGYOKHeMxKl1OqHfbxXKz9TtlBmW7X0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
91
content-type
text/html; charset=utf-8
date
Sat, 02 Apr 2022 16:01:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
location
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
pragma
no-cache
server
nginx
glyphicons-halflings-regular.woff2
harpsubstitute.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Origin
https://harpsubstitute.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:17:22 GMT
server
cloudflare
etag
"466c-5bf4f4fa0d3ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yC%2FSQ6WrnzjEHtvobUY%2BaDmBYDcaCINUuSff6xc9as34WfEi6FDf%2FB4A6pnHjOIPtLXq7MpX2lQwV0SVpE4wkeS0TLXkvkDxO3Ey3caj5FJY0czW2B3ZwsxZIpsK%2Bh%2FUCZT3JanNH8NOQcuez7SrVX8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac876ef363749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18028
10025084-10024636.js
cdn-3.convertexperiments.com/js/ 		2 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-3.convertexperiments.com/js/10025084-10024636.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-166.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
strict-transport-security
max-age=15768000
content-length
22
x-privacy-policy
You can find our privacy policy at https://www.convert.com/privacy-notice/
bootstrap.min.css
harpsubstitute.com/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/bootstrap.min.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:16:58 GMT
server
cloudflare
etag
W/"1d970-5bf4f4e3161d5-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5SsTu%2BeK6WmiOnPbCVox6dnyhEPVTyuzMAr9rQHh5oFpneej2QUBb5gBgjzK6UevK1DrZOaVXwFxUN5fg50mUcCEGlaF3i7Ng93CuRz%2BE9JYU6GRUmrvUEdPY6kQzTg6FjXQYwLuFRfSYXfijSB6%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac876ef3a3749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
harpsubstitute.com/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/style.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70016a0b3330f5804ba2568b17cc63d6958b200faed5d2fecde16805beb8131f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Mar 2022 13:34:33 GMT
server
cloudflare
etag
W/"3657-5d9a0ecc02857-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJMydEYAoK1Bj0yZr415Hie%2Bfr%2Be%2F9ntsdqsDJSn5ainPqwXnt%2FGKIelacPldkQ58I5u5lgWBb9%2FxCEXNXHwEQIyQyOIej7dNIxfR7S%2BOg3L%2Bd2YV4g0H4drsvbzFGwTtB%2F%2BenMLd%2F%2B2iHo32fx3vf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac876ef3c3749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.lightbox.css
harpsubstitute.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/jquery.lightbox.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20200c1fce72a3749a5a2fe92a2c63a7f313adfd8b68376d6c6d1d7a51bd04c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:16:59 GMT
server
cloudflare
etag
W/"135b-5bf4f4e3a7a0a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GGrcVOo6ub91eXQX5gjYiqNi7AdSgAvjnhAgtWnxGKirBBsleImSh%2BP%2BGby9OAR0erzsgXuFRh3wwF7l3QI6JFw1DWTPWLo9hBCya7SN7c5hLc4JAcC7hrjJVceZCpSt0GD99CP8zFLGZYBg5o0nCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac876ef4d3749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.confirm.css
harpsubstitute.com/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/style.confirm.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be0ac99f2ea3e5f96e91fadfabfa6a74df8e9dde83f25bb847730cfd5b25310

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:16:59 GMT
server
cloudflare
etag
W/"20ea-5bf4f4e4382a0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8yUWOEVMhoI84fQWCvAhkP1TeO4P5Osx6h%2FL%2B0poxul%2FbUAZ6NUPp67JpZVaKRNlMddz780pzwMvbVF93FYgsG7fxmP8iZ5BjTR33Iyxivf6jDVlYM4nV1gqB0gYdewH2Ka9doQxskh1ixvYcBRY1c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac876ef503749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
animate.css
harpsubstitute.com/css/ 		71 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/animate.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02261de48e43eb36ebd12bb35cc8cf835709afdafc45090f720268f47c0ecd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:16:58 GMT
server
cloudflare
etag
W/"11a42-5bf4f4e287880-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al0PQDiYz0VBYd1f4SQtu92Kyd4RY3sp84Sk%2BBp%2BmJPGBUw374LQOalKdheeRlIGNoLJ4qkaR%2FG6tWB95gYuwe6Il96GsEOZnpedY070q1s9IGsQBuqP4QzOxWTkRjWSoFDreB%2Bz1m1ly8lo%2F9IsnwU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac876ef5f3749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sh_confirm.css
harpsubstitute.com/css/ 		569 B
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/sh_confirm.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cecb7574a7b590943facd083b1fa50a4d723e2aab07e11b7ceb2221778404e20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:16:59 GMT
server
cloudflare
etag
W/"239-5bf4f4e3efe55-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcjcDQUrm%2Buu5P%2FD1jvdAKM2Ue6500Pl4FSKWFlauiNrdGhj21hTThW66g7fRRdJpfxLP0ICQpCDL05IRNtmH8EPrTUbIlsCXzYvfkB3%2FDNx2ENqzthb4RIoANdzjcaHVY8R0FZ5xqJr%2Bxy36bNDPLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac876ef643749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
clickwall.css
harpsubstitute.com/css/ 		532 B
529 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/css/clickwall.css
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1888f92aa87dcb7c08192c667db226dba1f5f027d7394136be7b0b0f78f8cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Mar 2022 13:34:33 GMT
server
cloudflare
etag
W/"214-5d9a0ecb9cf48-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6byy%2FsgRRlfew7%2BhGohDNv%2F6PaaL3AUEGTP2Wu2QqQwJSHWC5dyk9alh2Th8WX0ELIU0w%2BtQ5hv2Dkd55JEawUansMnKLfnUlLgqFGqjntV9QvFyc6%2BCyiIvaJYbcTJEJtnt%2FBAAbBjPB3ARe944vb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac876ef693749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
geoip2.js
js.maxmind.com/js/apis/geoip2/v2.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e975c10286ed774f4b344904f5e5ceec04f7e4eb59eb82430eb9d247dc9b30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 31 Mar 2022 18:12:44 GMT
server
cloudflare
age
1243
etag
W/"6245ef1c-d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
6f5ac87758b8cc3e-ZRH
expires
Sat, 02 Apr 2022 20:01:25 GMT
proof.js
cdn.useproof.com/ 		486 KB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29762949
cf-ray
6f5ac8798f0ff923-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
497733
x-amz-id-2
EoC+aXVf7qM+X2bQeLgTe1dhaUHeGlDxFJJcsggxMBRHi3WC2uR7wYiQzaRt881mo3UZb28UmGU=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"0426397a9b31146729ac86c5be8595d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mnzmmcdembpioS9TH1%2F3P%2FdBDeKdbWBL1Ou%2BTKCDiD1JzkucQzxBfhPQHnrWDJScLvPjTbxIlM3MKA67ejBXYg3Lu3FSyCwIwHCdtRWfZttfszFpH8cWBjFRSL8LO0KIjbn8CaJhFfRfrxYiVoe"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
JK9RDNF6QN7ABMSX
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
accept-ranges
bytes
content-type
application/javascript
ajax-loader.gif
harpsubstitute.com/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/ajax-loader.gif
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:19 GMT
server
cloudflare
etag
"4aa6-5bf4f52fa5746"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGMB%2FP5uOZBkVjwVZdDQHqUEA3V4ouAH9gGCT8RIDtIsU7zC1mCZ27m3SxpzGlZEUMlIflPrHGhDsiy0IEwNKSG%2F5q0HnqZSE%2FC5lfc7YcIGS4XC0XKUqRnTDbla7zbBTOeIJNOQNFrcybZi5mzj4bM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929e041f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19110
logo.png
harpsubstitute.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/logo.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a31df4fd9b613ba62b7a8d1329687f7fddf1405e0f88478873106132ea216f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:31 GMT
server
cloudflare
etag
"126b-5bf4f53bdc854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttrTYznFUrfsEgXY%2FUQX9rz6IQ7MFzRX1%2BOwOxp2xiQwe6qR%2F836sjeCkzlBX8XnaXU%2FxlpSGCxV9vUXBdRTrK8kCyaKO5uTFx1i%2BLX9G4q0%2BcVA5LrUit53sA8kGyJc5vcY6%2FukmYpChfOyecMoFLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929e241f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4715
single-family.png
harpsubstitute.com/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/single-family.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee855c03ff68d56d694f797b269f1741916f49dc1669b462bbeb9300f5525fd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:37 GMT
server
cloudflare
etag
"2483-5bf4f541a122e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtNcwbUXdSFd%2Fgf4qJV2gq0Am2%2FFbNtSwj2%2FXrXFMVhyjrZ648o7aOnhmbOxLV8%2Bn3Cq6ojfgAzEbU1pTY6vMI%2Fd052iwYt465qCU4aEiJwfTq7RxsJFyHyJA0RvPZsrio7bTHp4wSVZlJx9oKizfiU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929e341f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9347
multi-family.png
harpsubstitute.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/multi-family.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6c567369b1170df3dce198008dffd26680609dac9d8a3532c79335696d058e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:33 GMT
server
cloudflare
etag
"1fad-5bf4f53d8b334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2R1D6Krs6ztrdv3S0TUCdR6j5Wwnfa4x6i66UDKXqt%2FAL0YRIc1M1JDrs4orkn6N17cWLY5Ua9G3vg%2FLw%2Fikaxx7F2zaaSKBiezFhdwP2wG%2BvydRebDxDSyzka%2Bhi%2Bz8RsjXNy9BeudhuFuk%2BkgVMPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929e441f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8109
condo.png
harpsubstitute.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/condo.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99209fd93a657cd31de8a66da57ed9eba7cdee3802d219a72f3ab040652060ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:23 GMT
server
cloudflare
etag
"28a8-5bf4f53423e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkSKKTwLJctuJyINs611DjRNL8uEtBVdMrZyqRDSacmYsmatsryQW5rFq57c1VrRV3Cv0yuox4vMv5OG%2BFqX%2BMc3MLOZKIY8oS6xXHlX7H6jov9wStJU1lYOnfgC01217rfyFP3KLYbTyTKcwnQC3%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929e641f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10408
mobile-home.png
harpsubstitute.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/mobile-home.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:32 GMT
server
cloudflare
etag
"532e-5bf4f53cb4594"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe9ZTqdMTdQrkstEMHZGAr6RQWYWrFYSoxidaX3TxwkC%2BmzvPrl743wXU2ODVXSLRN83Co7U47ireSXeivK104kl4dMOnBGXdDJMYSYHMxDl%2BRez8JVm2nZRQJZJCrXOeRLu%2BSHemNbzbn1ATmp5os4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929e841f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21294
credit1_sls.png
harpsubstitute.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit1_sls.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b8dd7ad58cd78f041a5f1b9cefc383ae93c31c2f6109c4796c9309e84edbba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"7aa-5bf4f53662205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWFzOd%2BnQSYc9en2lyfiK0e9%2Bw2nWpd5XLrl%2FHyj2N6RNpPSDoGBZLEoUIGyJ7l6bMBEneMonUP2CG2bk0rrqknwjV6xFfez1C6TEwlx%2Byi%2BoXQsdbKsD8L0CqD848oVJVXo%2FDUaMoJ%2BZl7KDLdw%2BTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929e941f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1962
credit2_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit2_sls.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005a62b1fb7c1cbfa9029e92f4d9fb116ac1c0227a1f897385eb5c5edb6616d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"895-5bf4f536f1afa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgKI%2BgPrysd0qLEEzCEteLLJ4TwhVsNgpiHHkAa%2FEIBqUbCIbKw9eKRRT1CbLjHeeTaCHwHMWgQVAzVmo9V2eEhKgf7wlxVruQuiQSFY3lGSfJWnGBVca9T1qOE6xGt%2FwKeOi9cM9bmC9tN%2FOEN%2BOFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929ea41f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2197
credit3_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit3_sls.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96826e8521715e333d75aa855eeaffb6f72c08c3bd757b6f6f70d8adad936d53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"8e8-5bf4f53783330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VL%2BjEhfDeP0s6XUvgqZEGmiq%2FRgYTB%2B96tFxr8C2Li9S7O%2F3XPODdvcCPIU%2FFxLdi%2BUfNox9hPbjtotyChTM3%2Fz0aym3F%2FY9gEfXpTNZZND%2FhAdAw01oD0TqdjUwAORcgFopNfd98GbL%2BAMe6k6fAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929eb41f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2280
credit4_sls.png
harpsubstitute.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit4_sls.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c881b0c2f14538c1171bf1ebe6e63440f6aa4d9100ad45ec857a201fbcab7c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"782-5bf4f53811c85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2XRW7QlUdtRskYoQnRglnALVUjW7Nuj%2Fjdf%2FYGXWFGhhgQV3a4i%2Be2TmVDKLL44XbP9w3ZfU30AZfCaGFMyD2yUmTz78%2FxwUi2DXQ7Ykxk06cGm7AAXJs8arl7%2FuZ%2BnUcGmFjYPqBGJlWVINJ6f2iI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929ed41f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1922
brand.png
harpsubstitute.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/brand.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f76ed947ed29163c4f8ee4821e085b6362f837175f8b940e088f5b63ae4c08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:21 GMT
server
cloudflare
etag
"1be7-5bf4f531e4abb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufPv2bGK0xECWfEthjsO6kA%2Fl4SgdbHhv3WcreUVzGqrw0gD0O6Gv49nSoP6oxxXaI6Q%2Bzw4cH2A7Cg5%2BUXOnQSYTQGQW%2FpUSpG5KJFe1%2BFLZy7PM3%2BCZAVvEqegitxWysERPpeR8ame8NfGEJjjACA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87929ee41f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7143
getemails.js
s3-us-west-2.amazonaws.com/files.getemails.com/account/V3VHEYD/source/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/files.getemails.com/account/V3VHEYD/source/getemails.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.180.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
email-decode.min.js
harpsubstitute.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 11:29:35 GMT
server
cloudflare
etag
W/"623c561f-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sq%2Bdfd4%2BiTAY%2BEbwB%2ButBY6kKIEh7%2BA9U2jWpb3yQJK5sibUhgqXju49O%2B05RfYl5Zql9NT%2BAQ%2BHXQvx%2F7lN%2B422XoWeUCEnyZlZexaWNNWmx4Zn7IAMKAKG8pryv36sWYKDF5bH%2FQ7C%2BqjlN%2BbNqnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac878d96441f1-MRS
vary
Accept-Encoding
expires
Mon, 04 Apr 2022 16:01:25 GMT
jquery-1.12.0.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.0.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-17c52"
vary
Accept-Encoding
x-hw
1648915285.dop133.fr8.t,1648915285.cds250.fr8.hn,1648915285.cds284.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33820
rhinoslider-1.05.min.js
harpsubstitute.com/js/ 		39 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/rhinoslider-1.05.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bdf83f75f66adf883bffa8154a933820ebe1774462491fa9569ced274dcfb76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:45 GMT
server
cloudflare
etag
W/"9d51-5bf4f548f04c3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3f9iFPfs4LeuoeSIktHyF4MWIrUuqdDa6Njd6x5NmEVa6znJHuz8Dw3reS%2BlUmC26TXf3fMtnUULG3KNyeoTpkJ6F6Pw5%2BBkyVt55swE7OQbFXBo25V%2FIMi%2F%2FQi52zTMUqCAkhFFpD%2BrAYVjGsny338%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac87919c341f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
angular.min.js
harpsubstitute.com/js/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/angular.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a050e3bb0c1932abdde03a00adedf53cb095b71bed2041cc5ff29c34bbad8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:40 GMT
server
cloudflare
etag
W/"19ed2-5bf4f54403829-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze6T2s6nL703g18NwoRZx8e6JWxm8hr8Yv38aYB6BOL%2FPdGIfu15dMAkQlyzaCtXXwT2vwUqANxjcVOvR0BnV3wplN%2BNe%2FAUatsfyPSXCev2vICrEoRHbrVTGMSHvuIOQ7%2F4auXKKO%2Bs9Net3y%2BsFFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac87929c841f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.js
harpsubstitute.com/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/bootstrap.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:41 GMT
server
cloudflare
etag
W/"90b5-5bf4f544fd84e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIDKGfA99axyXD162wB5ON%2F4T0Ni7z1S7eHdsIsMaWIfoJTywjQRuWdiBesZGxP8QFRc1Ooyz2z5FrTQHh2prv%2FuirolCOB6OaED9CTafmKIoYqOBA3JlEH9GBuTsO0VUahuc7lnylKErtJi2UJ%2F%2B8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac87929cb41f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.inputmask.bundle.min.js
harpsubstitute.com/js/ 		74 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/jquery.inputmask.bundle.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7c1711bbcc552ffcfa2d4a1ce63f0e5fde356e71d9c2fd7d7358888b93e798

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:43 GMT
server
cloudflare
etag
W/"1299b-5bf4f546ad2cd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwQ4FzKIIUjOP3jdS1aq%2FCg209rQapi1eP%2B37Q8ZQxQhCtKrnFb%2F9U3DFNBpyHtJQsAqRmlk5V3zvggXJhZZ3kIg2nDWhtZzdKkGa9H5WGhcy7VTtCGvbut7i29dBnNFLha8cExS7nCWIX758XXt%2Bi4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac87929cd41f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.lightbox.js
harpsubstitute.com/js/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/jquery.lightbox.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=48706
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 06 Apr 2021 15:18:43 GMT
server
cloudflare
etag
W/"be42-5bf4f5471a8dd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CotAJ9EKw9OFnZS7%2FDLrLVJ2NywmjUnEnqGnXkjs2zDVkcdNoW%2BWPI%2F02SZeQz88uj28T5sBrmXcahbrBlyAyaRp8j5oawlfzGfpogTyJP2lGixuIOUtcG08WHIXKaIXofl76rSOL5Yv%2FZavfXvpQV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f5ac87929ce41f1-MRS
cf-bgj
minify
main.js
harpsubstitute.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/main.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ea6ebecf353ac61af5e84b3234de2a8bbfbb845f88772e638e3d2d864d1d91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2504
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:02:50 GMT
server
cloudflare
etag
W/"9c8-5cf5a3d89d7ca-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3uAZEahxgMnzL0VEoWc%2BFUUKH2AH0ofjhllP4VY%2F65iVi7uOzuIUyIvG%2F%2FlzvV8ysRTuny1t4k%2FIe6WiTgWJaMkUB8IviceYcZHbGHDVYOZfYu6K7udD9lnFf4AsADlsT8Ntd6e%2BbeenCmHvbNZcx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f5ac87929d041f1-MRS
cf-bgj
minify
mousewheel.js
harpsubstitute.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/mousewheel.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2046ed80d06bde3e0232da2c1ff0f0b86b987bbdf462301dce2b1bcea7f0ff80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1393
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 06 Apr 2021 15:18:44 GMT
server
cloudflare
etag
W/"571-5bf4f5485fc2d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0JP8N6TSjR0P0hR7V%2Fuo3E1Vl%2FgjDxlEt1wrkPEvDJBI3bnM7gIGGqWGHtasq287AXM1Ghrb6ORsPYflVYj0Y4jFwclNwxLhe5gJ%2FK6Ka74Wko5nBWzyfUqJOdN8jGs8iSYVgswGTNns0FoO87%2B5tM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f5ac87929d141f1-MRS
cf-bgj
minify
easing.js
harpsubstitute.com/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/easing.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=8698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 06 Apr 2021 15:18:41 GMT
server
cloudflare
etag
W/"21fa-5bf4f54545c98-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hCBH1EHnG9LJlEX6ZnioB%2BhtJ37c5jjtDWSDHC6rGpQawI3EQIukqy9MpmVodoWcans%2Bxv2tEWS8mb3tboRpAt6XJPeaqIb0x77OnGtoxNbrH7rd4vHQfC71KHU7RJn8gt3C2qsqmN50re3ohPsjB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f5ac87929d341f1-MRS
cf-bgj
minify
scripts.js
harpsubstitute.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/scripts.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
262cbee3c008c92ec4e2f35ae59b06461ff3d88a6a357debc9388a4c43cc1afd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=5327
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 07 Mar 2022 13:31:11 GMT
server
cloudflare
etag
W/"14cf-5d9a0e0b8d272-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N41Y4znknwcRdl4jzOHctFYg2OMMoJc%2BbkpSuSPmdfqLgotDbp%2BNTfnL4iVYwkYN5SkW0Vt3t7fw7eKZ7H1hsPD30%2FRjuWEUvcy%2FAYLi5UfUyvAdgdhiPe0sWiUysHH8gy4yIrCTXL77LndwYfzrWdA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f5ac87929d541f1-MRS
cf-bgj
minify
config.js
harpsubstitute.com/ 		44 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/config.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ef677540bc95d34f276b58d2aadc855311321a39ee0d1ec3e89f1f6dfe0912

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=53
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
last-modified
Mon, 07 Mar 2022 13:34:35 GMT
server
cloudflare
etag
"35-5d9a0ecd7c76f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8Ub4IU%2FtKM%2BtG9wnmzXP6ma06tFXTSd83Ram94wnJdpvQw2BvK%2Fxt9EkXCeBGx995qdhEE22qhjtF0glrMZmD72eQ8f0zmnqktLGGCsV%2FCjoog3YwNAFDpF7oi7Waocx2oK%2BjW6oCWG2P3C%2BYlxDiU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac87929d641f1-MRS
cf-bgj
minify
app.js
harpsubstitute.com/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/app.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2ab36473aef1e3d09b0f996ed6657547f07e0e8db7ce1b0f22bc522b9e74a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=75060
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 07 Mar 2022 13:34:34 GMT
server
cloudflare
etag
W/"12534-5d9a0ecd100ff-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvMLRMwCiIkiCRhzFKs5zEFPDNqOMINwsabPEPau4vZYT05u%2F9ngNcFY%2BJ6WyUYVdbWDO%2FmGtWtXePUANLVdsBAXCviOeDGV6RGwyH6zYryFeTdxXIPsU4yp35BP87fVha%2FoMCs0eXYGvblA7lPEN4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f5ac87929d841f1-MRS
cf-bgj
minify
postscribe.min.js
harpsubstitute.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/js/postscribe.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:45 GMT
server
cloudflare
etag
W/"45f4-5bf4f548a70d8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcHFONEv6h38L%2BtKG2K6KEpwn5zMPY6QZWEeXQ5uZiokdJF1UzRwt34nrTHOfxuJgu0XeLQpzH9LLJ8fjMJrV9onPhiYX8DgJN%2BpjqVNBhNczvLUwE7yhoAtOi0%2FukqYloLBivRnWAO9dfAfJamecJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac87929dc41f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
serve.js
finance.mediaalpha.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finance.mediaalpha.com/js/serve.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.180.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-180-71.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e40f2cf09acd9102b0395a54666be4b1e9cd345c217df3dc3acbb2f2af23edb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
gzip
server
Apache
content-length
2357
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
clicksnet.js
cdn.fcmrktplace.com/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fcmrktplace.com/scripts/clicksnet.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.81.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-81-218.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7656b5a72cee89a429742d2575df383f9d0a5a36464ab05ee13fb1dafeb73bdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
gzip
etag
"80348a6b4b2d41:0"
last-modified
Wed, 23 Jan 2019 00:43:25 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
Policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/javascript
content-length
2860
clicksnet_mortgage.js
cdn.fcmrktplace.com/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fcmrktplace.com/scripts/clicksnet_mortgage.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.81.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-81-218.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
479bbacc482a04fafa069e27d88922ed314c9f7df86ebf8b117de571c4869512

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
gzip
etag
"80348a6b4b2d41:0"
last-modified
Wed, 23 Jan 2019 00:43:25 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
Policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/javascript
content-length
1559
EHawkTalon.js
harpsubstitute.com/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/EHawkTalon.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d46e4d47e1eaa899ee395323e8b79b7466afe16594b6cc01cadfa32f0647bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=44465
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 06 Apr 2021 15:16:57 GMT
server
cloudflare
etag
W/"adb1-5bf4f4e1afb40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZYDmNId2qDShzZexzs886JpnvT3ojB2EVj2xTXUPUBwCeR%2FwOh9ouLiZSbseivJerSl6mvDT0plbLBe94pXztz3a4PHxoSjEqwr7%2BtxaLgsUSREn0VUuMxwvUUd5T25fMk8%2FUOU8CY9u0k%2BzZH3134%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f5ac87929de41f1-MRS
cf-bgj
minify
pixel.min.js
rgrassets.s3-us-west-2.amazonaws.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.132.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
439a62706891e1d3726121a56316cdc8b545114ec209a7dab5abc374c7059a6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 16:01:27 GMT
Last-Modified
Thu, 24 Jun 2021 21:27:48 GMT
Server
AmazonS3
x-amz-request-id
80FT5MSDTGTZKDH8
ETag
"f953ea772cefd2eb9d63972a17357053"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
6065
x-amz-id-2
GST/DlU8pNObtmBL8RnASJn9otwyw9V7ErpxfI/Ck3jIUojOe506o/gTcuUN5Z7sg1zrF3nP96M=
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 15:41:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 02 Apr 2022 16:01:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Apr 2022 16:01:25 GMT
css
fonts.googleapis.com/ 		8 KB
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:100,300,400,500,700
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c523acd9e064b23ceedc037540c9d4c0ccb5dd77cfc3d36183b2a53803030e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 16:01:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 02 Apr 2022 16:01:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Apr 2022 16:01:25 GMT
gtm.js
www.googletagmanager.com/ 		104 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KFG2H9Z
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c88bfbd21147a0cd9b6756adaabaf62598a48c461df4525e1958a1d09e9e7c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39620
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Apr 2022 16:01:25 GMT
arrow.png
harpsubstitute.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/arrow.png
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0504aaebc704c9e2f127b37b96aa475865d6dc9e8a7b3ebb84dabdaa87305ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:18:19 GMT
server
cloudflare
etag
"492-5bf4f5307c4e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADenuHj2fXhwWwGVxzwMBZMG0QsiM05vZZ9Sw4D8Fgi9ugkuTcpn327i%2BMon2EVoca0xMRsAfWt%2BHALZFgqK6nSa3t7t2wApF62mCn%2BgEvia9rL7qasXhaC%2Fe2PKTPKTSIcAhOmZNj%2Bf94f33wdcwcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f5ac87939f541f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1170
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harpsubstitute.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
321355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:45:30 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harpsubstitute.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 18:48:55 GMT
x-content-type-options
nosniff
age
335550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:15:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 18:48:55 GMT
55bc924f-7a64-632a-27e9-c00a43b0343d.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e1a75bb57b46bb57f37b5df3eae427b50ad87d7ed3f29d251d8419dfb8f5dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 12 Nov 2021 00:47:00 GMT
server
cloudflare
x-amz-request-id
80FZEZWYYB1JWDXK
etag
W/"19ac4fbd3ccfdf08d78b46bdf1132c01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
6f5ac879ad77021d-ZRH
x-amz-version-id
BsW9jzhS2nxJE2ExOont69kqs4oT549j
x-amz-id-2
5JeGPGG0IyqUaM1E9CVnMKuGQufXW8BTFxSXfaGr4ic+K/goBxtdx2qwb4KSryzK3Rmoy1/zpzM=
index.html
cdn.useproof.com/proxy/ Frame 3FBC 		325 B
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=TWoRTkvsVLQNe3zCfcg3pETq91r1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, no-transform, public
cf-cache-status
DYNAMIC
cf-ray
6f5ac87ad939f923-MXP
content-length
325
content-type
text/html
date
Sat, 02 Apr 2022 16:01:26 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZMKphxQCNlSdlg4ttx5CnNHpo73Glepl%2F8ACZLuhBYxnLl2d%2BvtHYLE2GeNuuKDzZKMjzzyRr9NlRsVPAohxm1yOcnKepsr4663dVeBhYO%2FlZS27Fb9tPGkMuv82c1R1e0m%2BDLtRnb68JAKi4lI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
RnJCF136tK4E601g0BJBqhwCW0Lebzk6WomVzdjwMwn1+NnCoQiATR+rWo6gnlfyEGH34fet0Fk=
x-amz-request-id
80FG848BDTXXPF3B
x-amz-version-id
6OysE9MvUGgGn.qn_BXpeYijOLHR8713
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16489152863850.6885835829716949
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16489152863850.6885835829716949
29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16489152863850.6885835829716949
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
Protocol
H2
Server
2600:9000:2057:d400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f99b7b6f77ad6e6f6b7e4985cd526ee009f4e1de60ee0795ff5b6a289b1fc69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 14:28:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"6daf26213037cf565e994cbc663d4d23"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-version-id
Ys81aiU8Gopf2Gz9imwBRbddpF82qWie
x-amz-cf-id
KqY7JcIUD5XMIUmKQeV4v6KMSi_DKHH2fCOwMtyUS6A5lS2zqrQnHQ==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16489152863850.6885835829716949
date
Sat, 02 Apr 2022 16:01:26 GMT
server
awselb/2.0
content-length
134
content-type
text/html
HS
cp.reallygreatrate.com/pixel/view/1190/REFINANCE/ 		0
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cp.reallygreatrate.com/pixel/view/1190/REFINANCE/HS
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.248.186.70 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 16:01:27 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://harpsubstitute.com
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
1
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
reallygreatrate.com/api/hdi/ 		16 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reallygreatrate.com/api/hdi/?upload_type=HS&publisher_id=1190&lead_type=Refinance
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.227.241.154 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a4e0c46c2096b31153d86e0f3b18ada2d0d517b2157fcef0890d1745cabc971a

Request headers

Accept
application/json, text/plain, */*
Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 16:01:27 GMT
server
nginx/1.10.3 (Ubuntu)
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0,private
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
reallygreatrate.com/api/user/ip_address/ 		29 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reallygreatrate.com/api/user/ip_address/
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.227.241.154 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
870d376a0a2827da19ed36e282b5c404d5784e28ef5039f766b84fd747e16750

Request headers

Accept
application/json, text/plain, */*
Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 16:01:27 GMT
cache-control
private
server
nginx/1.10.3 (Ubuntu)
transfer-encoding
chunked
content-type
application/json
index.php
reallygreatrate.com/api/prepop/ 		69 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reallygreatrate.com/api/prepop/index.php?token=undefined&lead_type=refinance&action=d
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.227.241.154 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
12d5f5436c92db2953a77e0c1d3d10ddf7ca6365129dbda3300e705d7d8bcb0d

Request headers

Accept
application/json, text/plain, */*
Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 16:01:27 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0,private
expires
Thu, 19 Nov 1981 08:52:00 GMT
me
geoip-js.com/geoip/v2.1/city/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fharpsubstitute.com
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbaf6d942972e596e0e08a8f093650f90ea9d36017f2f3474b56ad403b74d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/vnd.maxmind.com-city+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
6f5ac87e0a9801db-ZRH
content-length
1396
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG2H9Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7000
date
Sat, 02 Apr 2022 14:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 02 Apr 2022 16:04:46 GMT
GenerateToken
create.leadid.com/2.11.9/ 		36 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=3709804f-7c2c-4741-8918-d22ab89798b7&_=188085483
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-27-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
70451e6d3cd87c2f0d7d82d2738b4b298d4f0300af7dabd3ab1c9b0cdb16716a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
firebase.js
www.gstatic.com/firebasejs/4.5.0/ Frame 3FBC 		389 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/4.5.0/firebase.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 19:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
504311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116073
x-xss-protection
0
last-modified
Tue, 03 Oct 2017 14:56:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 19:56:15 GMT
proxy.js
cdn.useproof.com/proxy/ Frame 3FBC 		112 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/proxy.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/proxy/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29762941
cf-ray
6f5ac87dfdb1f923-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
114404
x-amz-id-2
i1lQEfrm/egCdmWBnlDgiNuzjVqr9uorTi3BBd210NmplUuIcDsjMwRA/z9WIycaRWVLVDL8vlE=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"9f4d60f4f2b143cadacb2b8b3a901401"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6TrgCDT1L%2BcaSe4nO6KI3W3sFj9VM630GN%2Fu33XVoZPG7oEQzsrcy6bzl5Ajnmr%2FawgIVJ3CxoBShR7r9dZ0bZ5bo%2FLu5WgaSpBgwrAtfaMgVmO5%2FIF36Wc92FBK8AhZrOAqzgZCETlPZkDVRuu"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
E4YFYS185ZAZA7AQ
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
accept-ranges
bytes
content-type
application/javascript
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=451021321&t=event&ni=1&_s=1&dl=https%3A%2F%2Fharpsubstitute.com%2F%3Fpublisher_id%3D1190%26subid%3D45usytvmhnn8&ul=en-us&de=UTF-8&dt=Harp%20Substitute&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=HS%20Landing&ea=HS%20Landing&el=HS%20Landing&_u=YEBAAEABAAAAAC~&jid=937520934&gjid=1144156882&cid=743017094.1648915287&tid=UA-104373288-9&_gid=842649632.1648915287&_r=1&gtm=2wg3u0KFG2H9Z&z=555573418
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 16:01:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://harpsubstitute.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
TWoRTkvsVLQNe3zCfcg3pETq91r1
api.useproof.com/pixel/ Frame 3FBC 		881 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.useproof.com/pixel/TWoRTkvsVLQNe3zCfcg3pETq91r1?url=https:%2F%2Fharpsubstitute.com%2F%3Fpublisher_id%3D1190%26subid%3D45usytvmhnn8
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae5a39803e420c1586641e0b94437aa94c2655fb6078061fdaccccef50d18b1

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
via
1.1 18c94d92342408d8a23be5466431eb84.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
881
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date
Sat, 02 Apr 2022 16:01:27 GMT
x-amz-cf-pop
MXP64-P2
x-amzn-requestid
9043f70b-ebee-47fd-bf86-cfd4ee0c752b
surrogate-control
no-store
x-cache
Miss from cloudfront
cf-cache-status
DYNAMIC
content-encoding
br
x-amz-apigw-id
P9b1rGjvIAMF0DA=
pragma
no-cache
server
cloudflare
etag
W/"371-/fglsxxOR2THOE3j1+ciIcKCsD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaPCEd5f8yIwOTHAxmknLW33pMtBQr4TxV7tRuCqX1d56VqgV30REszB27qTUc%2B3Ej3RxumP6ZihA%2FtZfRsbA6eEQcFDR8vYdOwnkR%2FiPszqMgc3cQi26elWn5DurMUqdJ%2FCYiW4WSEtIGgAcytT"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
6f5ac88048f0102b-MRS
x-amz-cf-id
zekKP2Pk4Geqc9VkCytLzgT3WfxZpzr-yU7M_G36-OsxhVjaI-GKxQ==
x-amzn-remapped-connection
keep-alive
expires
0
certs
api.trustedform.com/ Frame E762 		494 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16489152863850.6885835829716949
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.241.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-241-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
f669947f3a7afe2c1d985ad130f37507445184ee01cdf715da3a668b36365d8d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
494
helveticaltstd-boldcond.woff
harpsubstitute.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://harpsubstitute.com/fonts/helveticaltstd-boldcond.woff
Requested by
Host: harpsubstitute.com
URL: https://harpsubstitute.com/css/style.confirm.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b9810f5af65c62a1d7c0ae9b8fcfbf88fec66b80b6ba723eb6b37eb4c3fef8

Request headers

Referer
https://harpsubstitute.com/css/style.confirm.css
Origin
https://harpsubstitute.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 15:17:25 GMT
server
cloudflare
etag
W/"4610-5bf4f4fc2850a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYRkEkgFAaGvauDw7LZRiG8Hhx11qKwOMTNp8jAjSCdoi0qtHxSaak1Oe8IH9%2Fk0PaX3uwr%2BDdgpxDVPvQV5843SIOpiPzX5IDw88aka4kf6eqJ2Cr5xEGXBpmj1fE2QhUL94RrTEk4NQKS1qtbqJlI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f5ac87f5a4a41f1-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
trustedform-1.8.22.js
cdn.trustedform.com/ 		131 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.22.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16489152863850.6885835829716949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99ecebacfade709528af60deeb8afea4b33dce670ae21eead44b46d22d6a2e21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
N817dePUtA9rNKdE_nbGGjBc.ZPqFMDE
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 14:28:19 GMT
server
AmazonS3
age
21
etag
W/"2e7c2ab796de9d834b6de0a5a599eb31"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
date
Sat, 02 Apr 2022 16:01:27 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
9HmkxF3rZ8NiNz1N7YQIncUYmNanvXJ6vjHia6Ay-IasQHBWLuzyDg==
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 0AB0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/55bc924f-7a64-632a-27e9-c00a43b0343d.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-195.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Age
41735
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 02 Apr 2022 04:28:15 GMT
ETag
W/"62447315-dbb"
Last-Modified
Wed, 30 Mar 2022 15:11:17 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
X-Amz-Cf-Id
GHhLPG6KuHD8l6ErgguTbpRxBOWb4FrMLPnSQ8Ra1-TRHlOU4QR67g==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=3709804f-7c2c-4741-8918-d22ab89798b7&token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&_=188085484
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-27-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.9/ 		0
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=3709804f-7c2c-4741-8918-d22ab89798b7&token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&_=188085485
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-27-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
snapshot
api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/ Frame F2DF 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.241.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-241-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 16:01:27 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
ajax-loader.gif
harpsubstitute.com/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/ajax-loader.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19110
last-modified
Tue, 06 Apr 2021 15:18:19 GMT
server
cloudflare
etag
"4aa6-5bf4f52fa5746"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtuYy5ABRsNKebZ6OXGyabJRn3dVtMJNBl58GLO3AL9RuDxAh0fQfxWGIiM9xPC9z7PYbBKfSO11sFR9HokIcSnxA5MKOmXXC29RcDrfkf%2FLCEia5V3Wsw9RdzUPIUENsyfKH75tbOPSm7IKNNEGJ5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e4141f1-MRS
logo.png
harpsubstitute.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/logo.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a31df4fd9b613ba62b7a8d1329687f7fddf1405e0f88478873106132ea216f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4715
last-modified
Tue, 06 Apr 2021 15:18:31 GMT
server
cloudflare
etag
"126b-5bf4f53bdc854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BDOr54nn6rHfkvrlzJZtTljSodJ8F%2FSUDNZJmzcSjYxDXztGkyJJwm0E%2BlCeE4GGCgxBrQDepeVD1mPOT4sO3Bib9lAl1m8w3ZWjA%2FTOXmBJF1IwGydjt1ehDl%2FL3nCmADPZvn5Ce4DKSmtiohVnNE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e4541f1-MRS
single-family.png
harpsubstitute.com/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/single-family.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee855c03ff68d56d694f797b269f1741916f49dc1669b462bbeb9300f5525fd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9347
last-modified
Tue, 06 Apr 2021 15:18:37 GMT
server
cloudflare
etag
"2483-5bf4f541a122e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY5upglNCVOeidtx7NEX9mdczLSEEt9S1dDrYoC166CX5v25OFHnmBAAWRXXc8a00N1leuyUk5ZoGsqdA4LogqLLI7oCbPYG3oo8ybKtJteZpXRDgweKNiosd2SKmSj4epS%2FhKZ59c%2Fea5zyEhURoBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e4841f1-MRS
multi-family.png
harpsubstitute.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/multi-family.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6c567369b1170df3dce198008dffd26680609dac9d8a3532c79335696d058e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8109
last-modified
Tue, 06 Apr 2021 15:18:33 GMT
server
cloudflare
etag
"1fad-5bf4f53d8b334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF9H3oVceaqDY3XO7284%2BsxD8AXAxGGLC7EKlRGNCYxFKACVsxIjRNg8TfHlN5Ga%2FBjIOlU1YC78827VefopHMdBL64FZki0pYlIV3sxnXwj1%2BhTCAkjGr3wBTH9huBE67f0njM1iBUSFE7LSAAVR0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e4b41f1-MRS
condo.png
harpsubstitute.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/condo.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99209fd93a657cd31de8a66da57ed9eba7cdee3802d219a72f3ab040652060ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10408
last-modified
Tue, 06 Apr 2021 15:18:23 GMT
server
cloudflare
etag
"28a8-5bf4f53423e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XuNuW7eZgHwXbsIa%2FSUcYdEULglmts7Nq5lBGsrbZlbtJIS7AOKCbTglKffvVWq0t73QCMTIa3mWZztrW%2B6Vy1jZ8x4olirf9Yv2fqJC1aDf%2B4N9pZtyIk%2FMZ0DbW7x5q9sa36hxr5Kn9soO34LAQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e4e41f1-MRS
mobile-home.png
harpsubstitute.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/mobile-home.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21294
last-modified
Tue, 06 Apr 2021 15:18:32 GMT
server
cloudflare
etag
"532e-5bf4f53cb4594"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3S9APU0r7i2O%2FxGOAJsnrWCUJRi3HTcoodVQPF9Tk3gHyDRec9J4AJGvz6mFbr2vQKGmEVCQTg7n9Pje55OKgEZZf0yX3rqHSWiSSezU2g06EmKFDXWOCBdeTfj6x8TKTcgwbJB8A%2F7FUKPYW0t1p4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e4f41f1-MRS
credit1_sls.png
harpsubstitute.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit1_sls.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b8dd7ad58cd78f041a5f1b9cefc383ae93c31c2f6109c4796c9309e84edbba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1962
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"7aa-5bf4f53662205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoIu1H51wMMeVJzFiqVw6lyPXkJgpzcPViETmjlk7ORflWXep%2FT4rRjPMqHfDAZg8M1ytPjlFvhylliNjfwRCH8SJmNn6gTgmzhmd17z%2BRvCB%2Bv6wvghPI5rk%2FUUaBltFxURBdUzV1u0mWs7NLg%2FFgE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e5241f1-MRS
credit2_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit2_sls.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005a62b1fb7c1cbfa9029e92f4d9fb116ac1c0227a1f897385eb5c5edb6616d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2197
last-modified
Tue, 06 Apr 2021 15:18:26 GMT
server
cloudflare
etag
"895-5bf4f536f1afa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WATLE40NqX2tVJWzaX%2F91g9nBhVcqTF4DRuShLw2TV2FPG2rlXo49u5EtISwTJB7u2lxDJYd7GWIKZCYgNWcSWX9JmV57D7TjX5m7xNx3XUELXbBbP9djnvMWmJmcrg0rUMj6zQWMUAGZI9BxXvEqYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e5441f1-MRS
credit3_sls.png
harpsubstitute.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit3_sls.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96826e8521715e333d75aa855eeaffb6f72c08c3bd757b6f6f70d8adad936d53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2280
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"8e8-5bf4f53783330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUN%2FQqAvP1As6Aiv3tB39RJTfXuwi8wPS77Hvn9KKGJwbec8Su3nxiGsCMwe8WNdRjWhG9VKIZTHq1oRNoN2hm7S9BJlMuz%2B1Jhgv0Jk3r5JomuMIeLVjWAI7seez73%2B7Uo0b3v6m%2FJarH7DBgr%2FcMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e5641f1-MRS
credit4_sls.png
harpsubstitute.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/credit4_sls.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c881b0c2f14538c1171bf1ebe6e63440f6aa4d9100ad45ec857a201fbcab7c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1922
last-modified
Tue, 06 Apr 2021 15:18:27 GMT
server
cloudflare
etag
"782-5bf4f53811c85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNBK0sVBNpaIEOxqUh9xBXQP4%2FHA1Ev%2BPvsevZ9qrL15M08SfvdU8e%2FSKCCO7%2FRZd0Fpi0%2BBkElfjOwd6kvdOqVHEU4lT6poQGtYuNGbxkRIarxfLGnSqWKSKKOHaF4Za7lSUeUqVx6Q%2BA%2FbLo%2FUJGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e5741f1-MRS
brand.png
harpsubstitute.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://harpsubstitute.com/images/brand.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:548c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f76ed947ed29163c4f8ee4821e085b6362f837175f8b940e088f5b63ae4c08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://harpsubstitute.com/?publisher_id=1190&subid=45usytvmhnn8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7143
last-modified
Tue, 06 Apr 2021 15:18:21 GMT
server
cloudflare
etag
"1be7-5bf4f531e4abb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKoT%2BpGfwjvzp3J8gtULDWDpkiJQgGABLXqqX8%2B98zBIGATpD0Qos2tL2DUA7zo9EXE4AvJono2XOoY26pJomvtyb2GuExoWhBVHHFG4gcqSEvgJv6G1rOFPAooi%2BvByj2D44QetWxWn0QZ1NsXFs5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f5ac8823e5841f1-MRS
fingerprints
api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/ Frame F2DF 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.241.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-241-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 16:01:27 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fa4e662b0b08681283c555584cee05dcc9042496f65efd38b65a4fdbe5758ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
text/javascript
iframe.html
deviceid.trueleadid.com/ Frame 521C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.54.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-54-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Sat, 02 Apr 2022 16:01:28 GMT
etag
W/"62446bcd-1049"
expires
Sun, 03 Apr 2022 16:01:28 GMT
last-modified
Wed, 30 Mar 2022 14:40:13 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
track
analytics.proofapi.com/ Frame 3FBC 		72 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522TWoRTkvsVLQNe3zCfcg3pETq91r1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25221f26a8fa-584f-4d8f-8af3-63063bada9c4%2522%252C%2522captureIds%2522%253A%255B%2522-LcWwTO6U_79pIDK1S7q%2522%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522notificationId%2522%253A%2522-LcWwTO6U_79pIDK1S7q%2522%252C%2522campaignVariant%2522%253A%2522-LrjfxvzUGAMnz5uQUdr%2522%252C%2522campaignVersion%2522%253A7%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fharpsubstitute.com%252F%253Fpublisher_id%253D1190%2526subid%253D45usytvmhnn8%2522%252C%2522cleanUrl%2522%253A%2522harpsubstitute.com%252F%2522%252C%2522domain%2522%253A%2522harpsubstitute.com%2522%252C%2522activityNotifications%2522%253Atrue%252C%2522hotStreaks%2522%253Atrue%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fharpsubstitute.com%252F%253Fpublisher_id%253D1190%2526subid%253D45usytvmhnn8%2522%252C%2522actionBlurb%2522%253A%2522Inquired%2520about%2520current%2520mortgage%2520rates!%2522%252C%2522showFor%2522%253A5%252C%2522spacing%2522%253A10%252C%2522delay%2522%253A3%252C%2522activityLimit%2522%253A5%252C%2522activityMinimum%2522%253A3%252C%2522hideAnon%2522%253Atrue%252C%2522hideOwnConversion%2522%253Atrue%252C%2522restartActivityList%2522%253Atrue%257D
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
95a2ad33ac7dac170f5294e859a559e7263727371155e9ee1d04e53e63ca3af4

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"48-RUilwxW16HEh8j4LEpW1TCxlUPU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTNwIDKnlOTEKI1XuUH2rrHvTON0WT8RtGdSmM7CnrZsrGlk%2Fyel5alB16lqaEJMgdrCQ5gcaOKRi7kwb1lmuk1icoh8BwQjvoXMNZEtwhf7ZlGxl3qvQveH6iNbBahWEJqdagG8n%2FAqantXgrf7QT7Bf%2B55"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn.useproof.com
access-control-allow-credentials
true
cf-ray
6f5ac883c9707338-MRS
access-control-allow-headers
X-Requested-With,content-type
InitFormData
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=3709804f-7c2c-4741-8918-d22ab89798b7&token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&_=188085486
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-27-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Apr 2022 16:01:27 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
TWoRTkvsVLQNe3zCfcg3pETq91r1
api.useproof.com/reporting/captures/ Frame 3FBC 		1 KB
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.useproof.com/reporting/captures/TWoRTkvsVLQNe3zCfcg3pETq91r1?pixelId=TWoRTkvsVLQNe3zCfcg3pETq91r1&integrationId=-LcWwTO6U_79pIDK1S7q&limit=5&hideAnon=true
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a231423242a2f6be663831a3cf95f4f9297548fc923869ca77a654be91e2b0b

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:28 GMT
via
1.1 18c94d92342408d8a23be5466431eb84.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
1510
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date
Sat, 02 Apr 2022 16:01:28 GMT
x-amz-cf-pop
MXP64-P2
x-amzn-requestid
6b12d13c-3050-4cc9-bcfd-a2db61208728
surrogate-control
no-store
x-cache
Miss from cloudfront
cf-cache-status
DYNAMIC
content-encoding
br
x-amz-apigw-id
P9b1zGPCoAMFo4g=
pragma
no-cache
server
cloudflare
etag
W/"5e6-8vcgiAItx0e9VxF/hbIKhQ2vmrY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doxWNwG29UNhtpOPrl3tuGNzBPrjUdgI%2BJFCyqutk1yvBa4EhpJ8u21qEPdFaVIsRjEtGJ5r8LRKop1fWdoctD1guXNSxnkaUrEDD0Sf24xLX3OTGhBte4CkW53OF56VDuUQn%2FJRAQsiHKfyCuR3"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
6f5ac8856f45102b-MRS
x-amz-cf-id
K6laDmiP7u6mV7uxekL2xHXDXEUSdKHGm7h88RJJMDBOE-h0SWSRvg==
x-amzn-remapped-connection
keep-alive
expires
0
events
api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/ Frame F2DF 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.241.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-241-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 16:01:28 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame 521C 		0
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=29705C9D-232A-8A19-97CA-C832491B96A7&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&methods=48&token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&uuid=dc78c2b5677c4484b4bb8433ac9bd369
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=55BC924F-7A64-632A-27E9-C00A43B0343D&lac=29705C9D-232A-8A19-97CA-C832491B96A7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-27-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:01:28 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/ 		0
159 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.241.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-241-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 16:01:28 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=5&pid=3709804f-7c2c-4741-8918-d22ab89798b7&token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&_=188085487
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-27-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Apr 2022 16:01:29 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=6&pid=3709804f-7c2c-4741-8918-d22ab89798b7&token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&_=188085488
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-27-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Apr 2022 16:01:29 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/ Frame F2DF 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.241.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-241-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 16:01:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
events
api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/ Frame F2DF 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.241.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-241-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 16:01:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
Snap
create.leadid.com/2.11.9/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=7&pid=3709804f-7c2c-4741-8918-d22ab89798b7&token=3257A78B-2C73-47DF-FC4E-6B8B53B9CB30&_=188085489
Requested by
Host: rgrassets.s3-us-west-2.amazonaws.com
URL: https://rgrassets.s3-us-west-2.amazonaws.com/pixel.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.27.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-27-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://harpsubstitute.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Apr 2022 16:01:32 GMT
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/ Frame F2DF 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.trustedform.com
URL
https://api.trustedform.com/certs/6b614783f3ec2ca7ec6cc38278d32d9a4394d346/events

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails boolean| convert_fire object| geoip2 object| dataLayer function| $ function| jQuery object| google_tag_manager function| setImmediate function| clearImmediate boolean| proofInitialized object| angular object| jQuery112008260403041499946 function| Inputmask function| buttonclick function| spanclick function| ValidateForm function| property_type function| credit_score function| property_value function| loan_amount function| fha_loan function| cashout function| veteran function| va_loan function| elect_bill1 function| validate_address function| validate function| validateOptEmails function| validateEmail function| hasClass object| config function| getUrlVars function| getUrlParam function| RGRCallBack function| mobileTabletCheck function| postscribe function| customRadio function| fillState object| dt string| month string| day string| year string| currentDate object| scrollbox function| trustedFormCertUrlCallback object| __maxch__thunk object| MediaAlphaExchange function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__load undefined| targetID undefined| targetElt function| clicksNetGetProtocol function| clicksNetGetQueryStringParam function| clicksNetGetElementsByClassName boolean| cf_mort_src_script_was_added boolean| cf_add_adapt_src_script_was_added function| mortCallback function| cf_add_missing_src_scripts function| GenerateMissingScript function| loadScriptWithSrc function| stripAndExecuteScript function| addClass function| removeClass function| clicksNetAddExpandButtonListeners function| eHawkTalon function| EHTalon function| Fingerprint boolean| isBlink string| pixelrgr_product string| pixelrgr_upload_type string| pixelrgr_url object| pixelrgr_cackeid string| pixelrgr_publisher_id object| pixelrgr_pageview string| tmpShiftValue string| tmpParts object| google_tag_data string| GoogleAnalyticsObject function| ga object| LeadiDconfig object| LeadiD object| gaplugins object| gaGlobal object| gaData object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording number| chk string| e_hawkTalonStr string| label string| id boolean| sensitiveData object| regeneratorRuntime object| defaultStyleFrame

8 Cookies

Domain/Path Name / Value
cxprime.com/ Name: ClickDataNG
Value: H4sIAAAAAAAA_1xSXU_rOBD9K9E8gWSlTpqGNgihbmGXFRStBCwvV0KuPW2tJnY0tgu9wH-_cpIL1X3zx8ycM-ecd9gjOW0NVJClPOXAwB9ahIozcGH1-PssrdkjeVRQrUXtkIGstdz9q6CCYhLcwe-brTFTYKCER6iyspjOskk-LRhI0bRCb0yszjifFAy0W_w3_5pF1guvbVcw4Qwo1BjP8YhKE0q_RL-1CqqcgbOBZPefM6iFUdpshurh9kQ1VAAM7HqN1MFm2ZTBioSR26G2--srt963rhqNtoJaF1bOax88ptI2o8s2rGrttkgvWl1k2Yz_CJznpQsrrS7-WF1a5wfWezShl64VBxs8VOVkwFwEIjTyABU8PVwBg0D6iIR8a0k3PXon8qWnfcSOyvXgMrvIeZ6_CJWNgYFu50oROhddnI3T_CzNijTjx19lL0hwSPMNGg8VLO1PXddiNEl5cvKsjbKvLrl_TDKe8vPkWZuyOE_eyuI0mbdtjc-4utV-NBmfpeMyObm9eVzesaTWO0z-Qbmzp8liS7bBUcZ5ytNiOivTkicPYi1ID20QpVkjIfV0FO61xK-U2bjBwCS65_7_TmfcZkX21XW9PdTXhL9IGHU8cmkV1scP96LB_i57OFhYai3FsMY4tlGQvDhL7rzqnAzGU7To6rojvelpXF1_fNygc7FJan8Ynv4mYXbrQD4RTbIU2kD0ndD4RXRwCCPpjTZ37dGTJ2GckH32HVQm1DUDGZy3DVTvsOdQwbfVn5-_AgAA__-KMLhUsQMAAA==
cxprime.com/ Name: ClickDataNgFall
Value: H4sIAAAAAAAA_1xSXU_rOBD9K9E8gWSlTpqGNgihbmGXFRStBCwvV0KuPW2tJnY0tgu9wH-_cpIL1X3zx8ycM-ecd9gjOW0NVJClPOXAwB9ahIozcGH1-PssrdkjeVRQrUXtkIGstdz9q6CCYhLcwe-brTFTYKCER6iyspjOskk-LRhI0bRCb0yszjifFAy0W_w3_5pF1guvbVcw4Qwo1BjP8YhKE0q_RL-1CqqcgbOBZPefM6iFUdpshurh9kQ1VAAM7HqN1MFm2ZTBioSR26G2--srt963rhqNtoJaF1bOax88ptI2o8s2rGrttkgvWl1k2Yz_CJznpQsrrS7-WF1a5wfWezShl64VBxs8VOVkwFwEIjTyABU8PVwBg0D6iIR8a0k3PXon8qWnfcSOyvXgMrvIeZ6_CJWNgYFu50oROhddnI3T_CzNijTjx19lL0hwSPMNGg8VLO1PXddiNEl5cvKsjbKvLrl_TDKe8vPkWZuyOE_eyuI0mbdtjc-4utV-NBmfpeMyObm9eVzesaTWO0z-Qbmzp8liS7bBUcZ5ytNiOivTkicPYi1ID20QpVkjIfV0FO61xK-U2bjBwCS65_7_TmfcZkX21XW9PdTXhL9IGHU8cmkV1scP96LB_i57OFhYai3FsMY4tlGQvDhL7rzqnAzGU7To6rojvelpXF1_fNygc7FJan8Ynv4mYXbrQD4RTbIU2kD0ndD4RXRwCCPpjTZ37dGTJ2GckH32HVQm1DUDGZy3DVTvsOdQwbfVn5-_AgAA__-KMLhUsQMAAA==
.harpsubstitute.com/ Name: _ga
Value: GA1.2.743017094.1648915287
.harpsubstitute.com/ Name: _gid
Value: GA1.2.842649632.1648915287
.harpsubstitute.com/ Name: _gat_UA-104373288-9
Value: 1
harpsubstitute.com/ Name: 6bdfac53cbfb648b7ebe7a1fe1b93f4d
Value: %7B%22v%22%3A%225.8%22%2C%22a%22%3A123364741%2C%22b%22%3A%22f97a1ca96055f595211997eda27f59e9%22%2C%22c%22%3A1648915287043%2C%22d%22%3A%22d22256ffa200ed350c6065b4600e7446%22%2C%22e%22%3A%22%22%7D
harpsubstitute.com/ Name: leadid_token-29705C9D-232A-8A19-97CA-C832491B96A7-55BC924F-7A64-632A-27E9-C00A43B0343D
Value: 3257A78B-2C73-47DF-FC4E-6B8B53B9CB30
.deviceid.trueleadid.com/ Name: uuid
Value: dc78c2b5677c4484b4bb8433ac9bd369

1 Console Messages

Source Level URL
Text
network error URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/V3VHEYD/source/getemails.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.proofapi.com
api.trustedform.com
api.useproof.com
cdn-3.convertexperiments.com
cdn.fcmrktplace.com
cdn.trustedform.com
cdn.useproof.com
code.jquery.com
cp.reallygreatrate.com
create.leadid.com
create.lidstatic.com
cxprime.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
finance.mediaalpha.com
fonts.googleapis.com
fonts.gstatic.com
geoip-js.com
hainneb.online
harpsubstitute.com
js.maxmind.com
reallygreatrate.com
rgrassets.s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
u9336.ct.sendgrid.net
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
api.trustedform.com
104.248.186.70
13.32.23.195
165.227.241.154
167.89.115.54
18.210.241.209
2001:4de0:ac18::1:a:1a
209.59.184.222
2600:9000:2057:d400:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2606:4700:3033::6815:40e
2606:4700:3037::6815:548c
2606:4700::6810:262f
2606:4700::6812:aef
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a06:98c1:3120::7
3.126.48.135
35.169.27.54
52.11.81.218
52.207.54.198
52.218.180.184
52.44.180.71
52.92.132.42
96.16.134.166
005a62b1fb7c1cbfa9029e92f4d9fb116ac1c0227a1f897385eb5c5edb6616d8
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0fa4e662b0b08681283c555584cee05dcc9042496f65efd38b65a4fdbe5758ba
12d5f5436c92db2953a77e0c1d3d10ddf7ca6365129dbda3300e705d7d8bcb0d
1f7c1711bbcc552ffcfa2d4a1ce63f0e5fde356e71d9c2fd7d7358888b93e798
2046ed80d06bde3e0232da2c1ff0f0b86b987bbdf462301dce2b1bcea7f0ff80
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262cbee3c008c92ec4e2f35ae59b06461ff3d88a6a357debc9388a4c43cc1afd
26f76ed947ed29163c4f8ee4821e085b6362f837175f8b940e088f5b63ae4c08
28a050e3bb0c1932abdde03a00adedf53cb095b71bed2041cc5ff29c34bbad8c
2a231423242a2f6be663831a3cf95f4f9297548fc923869ca77a654be91e2b0b
2bdf83f75f66adf883bffa8154a933820ebe1774462491fa9569ced274dcfb76
2c881b0c2f14538c1171bf1ebe6e63440f6aa4d9100ad45ec857a201fbcab7c3
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
3f99b7b6f77ad6e6f6b7e4985cd526ee009f4e1de60ee0795ff5b6a289b1fc69
3fbaf6d942972e596e0e08a8f093650f90ea9d36017f2f3474b56ad403b74d9f
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
439a62706891e1d3726121a56316cdc8b545114ec209a7dab5abc374c7059a6f
479bbacc482a04fafa069e27d88922ed314c9f7df86ebf8b117de571c4869512
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70016a0b3330f5804ba2568b17cc63d6958b200faed5d2fecde16805beb8131f
70451e6d3cd87c2f0d7d82d2738b4b298d4f0300af7dabd3ab1c9b0cdb16716a
7656b5a72cee89a429742d2575df383f9d0a5a36464ab05ee13fb1dafeb73bdf
78ea6ebecf353ac61af5e84b3234de2a8bbfbb845f88772e638e3d2d864d1d91
7ae5a39803e420c1586641e0b94437aa94c2655fb6078061fdaccccef50d18b1
7be0ac99f2ea3e5f96e91fadfabfa6a74df8e9dde83f25bb847730cfd5b25310
7c523acd9e064b23ceedc037540c9d4c0ccb5dd77cfc3d36183b2a53803030e5
86b9810f5af65c62a1d7c0ae9b8fcfbf88fec66b80b6ba723eb6b37eb4c3fef8
870d376a0a2827da19ed36e282b5c404d5784e28ef5039f766b84fd747e16750
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
95a2ad33ac7dac170f5294e859a559e7263727371155e9ee1d04e53e63ca3af4
96826e8521715e333d75aa855eeaffb6f72c08c3bd757b6f6f70d8adad936d53
99209fd93a657cd31de8a66da57ed9eba7cdee3802d219a72f3ab040652060ec
99ecebacfade709528af60deeb8afea4b33dce670ae21eead44b46d22d6a2e21
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4e0c46c2096b31153d86e0f3b18ada2d0d517b2157fcef0890d1745cabc971a
a5a31df4fd9b613ba62b7a8d1329687f7fddf1405e0f88478873106132ea216f
a9d46e4d47e1eaa899ee395323e8b79b7466afe16594b6cc01cadfa32f0647bc
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b02261de48e43eb36ebd12bb35cc8cf835709afdafc45090f720268f47c0ecd1
b3e1a75bb57b46bb57f37b5df3eae427b50ad87d7ed3f29d251d8419dfb8f5dd
b5ef677540bc95d34f276b58d2aadc855311321a39ee0d1ec3e89f1f6dfe0912
b9869ed42c740fe29e9a43bdde314b372e4b43bc2497ae5c280475ec1d0295e2
c0504aaebc704c9e2f127b37b96aa475865d6dc9e8a7b3ebb84dabdaa87305ce
c20200c1fce72a3749a5a2fe92a2c63a7f313adfd8b68376d6c6d1d7a51bd04c
c2b8dd7ad58cd78f041a5f1b9cefc383ae93c31c2f6109c4796c9309e84edbba
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c88bfbd21147a0cd9b6756adaabaf62598a48c461df4525e1958a1d09e9e7c32
cd2ab36473aef1e3d09b0f996ed6657547f07e0e8db7ce1b0f22bc522b9e74a4
cecb7574a7b590943facd083b1fa50a4d723e2aab07e11b7ceb2221778404e20
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
dc1888f92aa87dcb7c08192c667db226dba1f5f027d7394136be7b0b0f78f8cf
e1e975c10286ed774f4b344904f5e5ceec04f7e4eb59eb82430eb9d247dc9b30
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f2cf09acd9102b0395a54666be4b1e9cd345c217df3dc3acbb2f2af23edb9
ee855c03ff68d56d694f797b269f1741916f49dc1669b462bbeb9300f5525fd5
f33bd58eaa8862892bfaaf1d07b4010ec83175e0b2b85b4b96b75c08cfa4a662
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f669947f3a7afe2c1d985ad130f37507445184ee01cdf715da3a668b36365d8d
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fd6c567369b1170df3dce198008dffd26680609dac9d8a3532c79335696d058e
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c