www.mrcooper.com Open in urlscan Pro
104.16.157.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.nationstarmail.com/?qs=6de45ae641855fa822137100ba26be2f534c7f19ed966c80b328dcf7e2972b9cf38bec156a4c85d8132eb840bb84...
Effective URL:
https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Submission: On May 01 via manual (May 1st 2024, 3:13:58 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 22 domains to perform 69 HTTP transactions. The main IP is 104.16.157.114, located in and belongs to CLOUDFLARENET, US. The main domain is www.mrcooper.com. The Cisco Umbrella rank of the primary domain is 109127.
TLS certificate: Issued by GTS CA 1P5 on April 2nd 2024. Valid for: 3 months.

This is the only time www.mrcooper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.17.96.3 128.17.96.3	14340 (SALESFORCE) (SALESFORCE)
27	104.16.157.114 104.16.157.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	52.217.227.0 52.217.227.0	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
1	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
4	2620:1ec:bdf::64 2620:1ec:bdf::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:46::64 2620:1ec:46::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	20.232.115.241 20.232.115.241	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.211.190.76 3.211.190.76	14618 (AMAZON-AES) (AMAZON-AES)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
69	27

1 128.17.96.3 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.email.nationstarmail.com

click.email.nationstarmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.16.157.114 (None, )

ASN13335 (CLOUDFLARENET, US)

www.mrcooper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.227.0 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

oc-cdn-ocprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.232.115.241 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.190.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-190-76.compute-1.amazonaws.com

geo.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

dntcl.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	mrcooper.com www.mrcooper.com — Cisco Umbrella Rank: 109127	2 MB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	21 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 c.clarity.ms — Cisco Umbrella Rank: 1371 p.clarity.ms — Cisco Umbrella Rank: 576208	28 KB
4	azureedge.net oc-cdn-ocprod.azureedge.net — Cisco Umbrella Rank: 36661	45 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 337 c.bing.com — Cisco Umbrella Rank: 228	16 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	298 KB
2	qualaroo.com geo.qualaroo.com — Cisco Umbrella Rank: 40401 dntcl.qualaroo.com — Cisco Umbrella Rank: 10670	381 B
2	amazonaws.com s3.amazonaws.com	51 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 737 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	27 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 242	599 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 594	18 KB
1	omnichannelengagementhub.com unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com — Cisco Umbrella Rank: 165043	670 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 10489	6 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	347 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 817	7 KB
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2026	12 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	1 KB
1	nationstarmail.com 1 redirects click.email.nationstarmail.com — Cisco Umbrella Rank: 205780	280 B
0	googleapis.com Failed storage.googleapis.com Failed
69	22

	Domain	Requested by
27	www.mrcooper.com	www.mrcooper.com static.cloudflareinsights.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	oc-cdn-ocprod.azureedge.net	www.mrcooper.com oc-cdn-ocprod.azureedge.net
3	bat.bing.com	www.mrcooper.com bat.bing.com
3	www.googletagmanager.com	www.mrcooper.com www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	region1.google-analytics.com	www.googletagmanager.com
2	s3.amazonaws.com	www.mrcooper.com
2	connect.facebook.net	www.mrcooper.com connect.facebook.net
2	cdnjs.cloudflare.com	www.mrcooper.com
1	bam.nr-data.net	js-agent.newrelic.com
1	p.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	www.mrcooper.com
1	dntcl.qualaroo.com	s3.amazonaws.com
1	geo.qualaroo.com	s3.amazonaws.com
1	unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com	oc-cdn-ocprod.azureedge.net
1	www.facebook.com	www.mrcooper.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.mrcooper.com
1	static.cloudflareinsights.com	www.mrcooper.com
1	player.vimeo.com	www.mrcooper.com
1	cdn.jsdelivr.net	www.mrcooper.com
1	click.email.nationstarmail.com	1 redirects
0	storage.googleapis.com Failed	www.mrcooper.com
69	28

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
careers.mrcooper.com
investors.mrcoopergroup.com
www.mrcoopergroup.com
masterservicing.nationstarmtg.com
mrcooper.com
www.mrcooperincident.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com
www.nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
mrcooper.com GTS CA 1P5	`2024-04-02` - `2024-07-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
player.vimeo.com E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-09` - `2024-05-08`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 04	`2024-04-09` - `2025-04-04`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.omnichannelengagementhub.com Microsoft Azure RSA TLS Issuing CA 04	`2024-04-10` - `2025-04-05`	a year	crt.sh
*.qualaroo.com Amazon RSA 2048 M02	`2024-04-01` - `2025-04-30`	a year	crt.sh
dntcl.qualaroo.com R3	`2024-04-06` - `2024-07-05`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Frame ID: BDC124A318D61687F4A0D763A51FE53E
Requests: 67 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 7FEEE52C25D006C4364C51ED405D67D0
Requests: 1 HTTP requests in this frame

Frame: https://oc-cdn-ocprod.azureedge.net/livechatwidget/v2public/htmls/chatv2.html?data-app-id=866e40c5-3b87-4d39-8309-af41bbcd3eef&data-org-id=4aee2179-7bd9-ed11-aece-000d3a323213&data-org-url=https://unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com&hostname=www.mrcooper.com&data-hide-chat-button=&data-suggested-action-layout=stacked&data-lcw-version=prod&data-render-mobile=false&data-color-override=%23009fc7
Frame ID: 87AFFE576692D6BB2B54BBE365E7FFD0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome! | Mr. Cooper Home Loans - Mortgage Transfer Support Q&A

Page URL History Show full URLs

https://click.email.nationstarmail.com/?qs=6de45ae641855fa822137100ba26be2f534c7f19ed966c80b328dcf7e2972b9cf38bec15... HTTP 302
https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redca... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

69
Requests

96 %
HTTPS

44 %
IPv6

22
Domains

28
Subdomains

27
IPs

5
Countries

2701 kB
Transfer

9223 kB
Size

33
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/mr-cooper/id1114621467
Title: App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mrcooper.apollo.beta&hl=en_US
Title: Google Play

Search URL Search Domain Scan URL

URL: https://careers.mrcooper.com/
Title: Careers

Search URL Search Domain Scan URL

URL: http://investors.mrcoopergroup.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.mrcoopergroup.com/press
Title: Press

Search URL Search Domain Scan URL

URL: https://masterservicing.nationstarmtg.com/
Title: Master Servicing

Search URL Search Domain Scan URL

URL: https://mrcooper.com/blog/testimonial/
Title: Customer Testimonials

Search URL Search Domain Scan URL

URL: https://www.mrcooperincident.com/
Title: 2023 Cyber Incident

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mrcooperhomeloans

Search URL Search Domain Scan URL

URL: https://twitter.com/mrcooper
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mrcooper
Title: linkedin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mrcooperhomeloans
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC18GKLLpfra7p8eK8EN9RzA

Search URL Search Domain Scan URL

URL: http://www.nmlsconsumeraccess.org/
Title: www.nmlsconsumeraccess.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.nationstarmail.com/?qs=6de45ae641855fa822137100ba26be2f534c7f19ed966c80b328dcf7e2972b9cf38bec156a4c85d8132eb840bb8465ea6194408500ead291 HTTP 302
https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ABFDEB7085B744E299EB3A7B3AF4544D&RedC=c.clarity.ms&MXFR=32F3A0EFC781650D3F33B49DC3816BDE HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABFDEB7085B744E299EB3A7B3AF4544D&MUID=19A807216A3D6BC1262713536B916A7F

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request welcome Show response
www.mrcooper.com/
Redirect Chain

https://click.email.nationstarmail.com/?qs=6de45ae641855fa822137100ba26be2f534c7f19ed966c80b328dcf7e2972b9cf38bec156a4c85d8132eb840bb8465ea6194408500ead291
https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

61 KB
20 KB

404ms
362ms

Document
text/html

104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcaabc40fc0fdbf7da1081a4b4fa2a929ca7a24bdc53cb014e57b7d4ec76eabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 87d0b7c9887871b5-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 May 2024 15:13:51 GMT
expires: Mon, 28 Oct 2024 15:13:51 +0000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 866458c1-9c05-4c98-b1ac-bd0ec640db91
x-runtime: 0.198020
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 230
Content-Type: text/html; charset=utf-8
Date: Wed, 01 May 2024 15:13:51 GMT
Location: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

GET
H3 200 application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
www.mrcooper.com/assets/ 2 MB
213 KB 153ms
153ms Stylesheet
text/css 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d596223f97146bbdb0e84198efa1088c808b039e06e92fde90b75af323a4483

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cbebc071b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 217395
expires: Mon, 21 Oct 2024 19:36:49 +0000

GET
H3 200 shadydom.min.js Show response
cdnjs.cloudflare.com/ajax/libs/shadydom/1.7.0/ 44 KB
12 KB 59ms
31ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/shadydom/1.7.0/shadydom.min.js

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfbbd46b7e6278f631dabd89da3b811bda57956ee640f27dfb36bd0aca792179

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 452039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11834
last-modified: Sat, 11 Jul 2020 21:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0a2967-aefe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNmmngewcqFj6wXvq0PaKsawfkFFfUfB729dQVT9wcrFCtuRsdDShuyCqdQnnSlP%2FByrbiKOg0b4e9FX8eb%2FMJzbP12Z8rcwPpknO0YxZIcZoL8FMp4tsMZ8RTOOTQ9yvcIUli%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87d0b7cc1d989b58-FRA
expires: Mon, 21 Apr 2025 15:13:52 GMT

GET
H3 200 index.js Show response
cdn.jsdelivr.net/npm/object-assign-polyfill@0.1.0/ 1 KB
1 KB 103ms
75ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/object-assign-polyfill@0.1.0/index.js

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47309252c09e4ca1d797dc8ad1bea7e7d881a47b2b8f40adf63c19cf9cb93559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4231693
x-jsd-version: 0.1.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230125-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"439-llwwTEAQmiYa7WIaB4nrlYjvuug"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kozWgeapiC%2FLR6C6pjmrMFKyWkKf5QEaGbix0M4Idgj0aTZALgTw6oi%2BVVzPHZYh%2FawQbYmVSgX7YJ2sWlD5u05DIIC7uclQlQuQFkX7Tt%2B4lkhyH7HGFys2jqyZPFmSjPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87d0b7cc18862c43-FRA

GET
H3 200 interact_banner-2bb1b8b363a37376691e562d8565ec4e48e8b8052690100786542d0b4a1ebe3e.js Show response
www.mrcooper.com/assets/ 86 KB
25 KB 170ms
163ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/interact_banner-2bb1b8b363a37376691e562d8565ec4e48e8b8052690100786542d0b4a1ebe3e.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bb1b8b363a37376691e562d8565ec4e48e8b8052690100786542d0b4a1ebe3e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cbfbcd71b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25076
expires: Mon, 21 Oct 2024 21:08:30 +0000

GET
H3 200 jquery.min-a6ed45d15e46615f8c15931ca254e398a912e770b10122a4435529a1a523180d.js Show response
www.mrcooper.com/assets/ 87 KB
30 KB 181ms
181ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/jquery.min-a6ed45d15e46615f8c15931ca254e398a912e770b10122a4435529a1a523180d.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6ed45d15e46615f8c15931ca254e398a912e770b10122a4435529a1a523180d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cbfbd171b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30881
expires: Mon, 21 Oct 2024 20:44:27 +0000

GET
H3 200 DeviceDetector.min-c92d5c98448974e2ba50160478b9247c3900e42ef26d0f663666bf89c09f868c.js Show response
www.mrcooper.com/assets/ 4 KB
2 KB 154ms
153ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/DeviceDetector.min-c92d5c98448974e2ba50160478b9247c3900e42ef26d0f663666bf89c09f868c.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92d5c98448974e2ba50160478b9247c3900e42ef26d0f663666bf89c09f868c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cc0bd371b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1766
expires: Mon, 21 Oct 2024 20:44:27 +0000

GET
H3 200 application-5b16a2ae040c2503a1d0b78d91ec5924c12415447f4592214ca413440624393f.js Show response
www.mrcooper.com/assets/ 1 MB
367 KB 232ms
231ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/application-5b16a2ae040c2503a1d0b78d91ec5924c12415447f4592214ca413440624393f.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b16a2ae040c2503a1d0b78d91ec5924c12415447f4592214ca413440624393f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cc0bd471b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 375029
expires: Mon, 21 Oct 2024 19:36:57 +0000

GET
H3 200 velocity.min.js Show response
cdnjs.cloudflare.com/ajax/libs/velocity/1.5.2/ 44 KB
15 KB 57ms
39ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/velocity/1.5.2/velocity.min.js

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d47aa823be8918a035ecad02d2cf4af0bfe2cbc3c00b8dca54bb758510ff3a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2310994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14390
last-modified: Mon, 04 May 2020 16:17:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401a-af08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jopEbfmwEp3%2FP%2FF%2Feh31sYVBXh4F8etW6voQseSVk8QDPMtYhB9gQVWObt3qTIly3b%2FRvCwVsbe51TonKH2Xib2n5vCOUebF2Rmk0B2IfQ3yH4cToRC91ai%2BXm2rbPakJL%2FFSEMM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87d0b7cc1d979b58-FRA
expires: Mon, 21 Apr 2025 15:13:52 GMT

GET
H3 200 animations-9f5fe33ba81608fd7f0af209db600e49b08cfbd89ff587fa707ef7d5edc60fe5.js Show response
www.mrcooper.com/assets/ 5 KB
2 KB 159ms
158ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/animations-9f5fe33ba81608fd7f0af209db600e49b08cfbd89ff587fa707ef7d5edc60fe5.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5fe33ba81608fd7f0af209db600e49b08cfbd89ff587fa707ef7d5edc60fe5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cc0bd571b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1623
expires: Mon, 21 Oct 2024 19:37:02 +0000

GET
H3 200 ic-close-blue-f317a98031701d673d1fb9a012740836ef2795dd9c4161f73fccd74effec6188.svg
www.mrcooper.com/assets/ 662 B
554 B 232ms
231ms Image
image/svg+xml 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mrcooper.com/assets/ic-close-blue-f317a98031701d673d1fb9a012740836ef2795dd9c4161f73fccd74effec6188.svg
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f317a98031701d673d1fb9a012740836ef2795dd9c4161f73fccd74effec6188

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Origin
content-type: image/svg+xml
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cc0bd871b5-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 21 Oct 2024 19:36:58 +0000

GET
H3 200 icon-failure-round-1b29161ae415fd3f9a93bdaf2d740b758bd2f34f09edd54b6d1eeb3793fc81be.svg
www.mrcooper.com/assets/ 532 B
543 B 375ms
374ms Image
image/svg+xml 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mrcooper.com/assets/icon-failure-round-1b29161ae415fd3f9a93bdaf2d740b758bd2f34f09edd54b6d1eeb3793fc81be.svg
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b29161ae415fd3f9a93bdaf2d740b758bd2f34f09edd54b6d1eeb3793fc81be

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Origin
content-type: image/svg+xml
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cc0bdc71b5-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 21 Oct 2024 19:35:15 +0000

GET
H3 200 vendor-79f2d8b32a58b790869aae0945fde5af979fcd08b7c4a9e8b622cb0bd5455291.js Show response
www.mrcooper.com/assets/ 1 MB
214 KB 171ms
171ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/vendor-79f2d8b32a58b790869aae0945fde5af979fcd08b7c4a9e8b622cb0bd5455291.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f2d8b32a58b790869aae0945fde5af979fcd08b7c4a9e8b622cb0bd5455291

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cdae8371b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 219025
expires: Mon, 21 Oct 2024 20:44:27 +0000

GET
H3 200 phones-e20bca6b515e1d751064224728754fce81be23d97ed3a121724f9f90c4f744d3.png
www.mrcooper.com/assets/ 77 KB
77 KB 168ms
167ms Image
image/png 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mrcooper.com/assets/phones-e20bca6b515e1d751064224728754fce81be23d97ed3a121724f9f90c4f744d3.png
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20bca6b515e1d751064224728754fce81be23d97ed3a121724f9f90c4f744d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Origin
content-type: image/png
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7ce7fb471b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 78410
expires: Mon, 21 Oct 2024 20:24:23 +0000

GET
H3 200 google-play-93269ae059a288ccc373235e2548ecbf7cf25f0753a99a7f0b74fcc1bb4b6718.png
www.mrcooper.com/assets/ 6 KB
6 KB 166ms
164ms Image
image/png 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mrcooper.com/assets/google-play-93269ae059a288ccc373235e2548ecbf7cf25f0753a99a7f0b74fcc1bb4b6718.png
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93269ae059a288ccc373235e2548ecbf7cf25f0753a99a7f0b74fcc1bb4b6718

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Origin
content-type: image/png
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7ce8ffa71b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5687
expires: Mon, 21 Oct 2024 20:52:55 +0000

GET
H3 200 apple-store-7e8075d0a8254466b150ddc3ff522c12b8420c372c184eef6329bf5e4f0accd5.png
www.mrcooper.com/assets/ 5 KB
5 KB 159ms
154ms Image
image/png 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mrcooper.com/assets/apple-store-7e8075d0a8254466b150ddc3ff522c12b8420c372c184eef6329bf5e4f0accd5.png
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8075d0a8254466b150ddc3ff522c12b8420c372c184eef6329bf5e4f0accd5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Origin
content-type: image/png
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7ce980171b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4960
expires: Mon, 21 Oct 2024 19:35:15 +0000

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 126ms
55ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 01 May 2024 11:38:38 GMT
Date: Wed, 01 May 2024 15:13:52 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish
Age: 314
x-cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11390
x-served-by: cache-fra-eddf8230043-FRA
x-player-backend: g
Server: cloudflare
x-timer: S1714576433.500634,VS0,VE0
vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
Cache-Control: max-age=1800
x-bapp-server
accept-ranges: bytes
CF-RAY: 87d0b7ceff585d93-FRA
x-cache-hits: 239

GET
H3 200 find-your-loan-initializer-6b4c6318f5847ac5708659205157c7d5243ba2c2d8909707315717634d3a9c01.js Show response
www.mrcooper.com/assets/ 65 KB
15 KB 178ms
174ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/find-your-loan-initializer-6b4c6318f5847ac5708659205157c7d5243ba2c2d8909707315717634d3a9c01.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b4c6318f5847ac5708659205157c7d5243ba2c2d8909707315717634d3a9c01

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7ce980271b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15564
expires: Mon, 21 Oct 2024 19:36:14 +0000

GET
H3 200 welcome-faq-initializer-67ccf15ec382e18296316e29a4dd7e995dffb10859e6092fa606d06ab3d59ca6.js Show response
www.mrcooper.com/assets/ 11 KB
4 KB 168ms
164ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/welcome-faq-initializer-67ccf15ec382e18296316e29a4dd7e995dffb10859e6092fa606d06ab3d59ca6.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ccf15ec382e18296316e29a4dd7e995dffb10859e6092fa606d06ab3d59ca6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7ce980471b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3503
expires: Mon, 21 Oct 2024 20:52:50 +0000

GET
H3 200 play_vimeo-b6d9bc47c47f79eb78f9230afff0ac6124dfbe913df36fd563f7f1c256e4e852.js Show response
www.mrcooper.com/assets/ 262 B
399 B 161ms
159ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/play_vimeo-b6d9bc47c47f79eb78f9230afff0ac6124dfbe913df36fd563f7f1c256e4e852.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d9bc47c47f79eb78f9230afff0ac6124dfbe913df36fd563f7f1c256e4e852

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7ce980771b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 177
expires: Mon, 21 Oct 2024 19:36:18 +0000

GET
H3 200 common-components-initializer-7144def2de90041d6ff47778c1c29ebd9a0a1c79fe6baa5bb04a0d0cea231b68.js Show response
www.mrcooper.com/assets/ 1 MB
454 KB 172ms
170ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/common-components-initializer-7144def2de90041d6ff47778c1c29ebd9a0a1c79fe6baa5bb04a0d0cea231b68.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7144def2de90041d6ff47778c1c29ebd9a0a1c79fe6baa5bb04a0d0cea231b68

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7ce980b71b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 464485
expires: Mon, 21 Oct 2024 21:08:28 +0000

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 117ms
68ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Origin: https://www.mrcooper.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 87d0b7cedc4d65a5-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 468 KB
121 KB 120ms
70ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ff05b8c94bc44852eea050f2b8ca46bb62459511fc55992e8814bc8bca62f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 123416
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 15:13:52 GMT

GET
H3 200 chat Show response
www.mrcooper.com/omnichannel/ 93 KB
30 KB 231ms
230ms Script
application/javascript 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrcooper.com/omnichannel/chat?path=/welcome

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c0d4bf891eda253a66a3dd282d1704271d39cf9a8efaa321fdafcb230cbc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 05 Apr 2024 13:39:51 GMT
server: cloudflare
etag: W/"173ee-18eae7cb058"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 87d0b7ce980f71b5-FRA
expires: -1

GET
H3 200 Lato-Black.woff2
www.mrcooper.com/fonts/ 173 KB
173 KB 171ms
171ms Font
application/font-woff2 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/fonts/Lato-Black.woff2
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bb46634d07ac579411823eb39fac1376b012257460066a98b95075d086ccdd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Origin: https://www.mrcooper.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 19:36:19 GMT
server: cloudflare
vary: Origin
content-type: application/font-woff2
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cf9a3871b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 176748
expires: Mon, 21 Oct 2024 19:36:14 +0000

GET
H3 200 Lato-Regular.woff2
www.mrcooper.com/fonts/ 178 KB
179 KB 154ms
153ms Font
application/font-woff2 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/fonts/Lato-Regular.woff2
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Origin: https://www.mrcooper.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 20:52:52 GMT
server: cloudflare
vary: Origin
content-type: application/font-woff2
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cf9a3971b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 182708
expires: Mon, 21 Oct 2024 20:52:50 +0000

GET
H3 200 Lato-Black-Italic.woff2
www.mrcooper.com/fonts/ 25 KB
25 KB 295ms
294ms Font
application/font-woff2 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/fonts/Lato-Black-Italic.woff2
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34455358cf170b5f063d6b219a563a0fface0b1ba1b469d9991f40d86b349be7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Origin: https://www.mrcooper.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 21:08:31 GMT
server: cloudflare
vary: Origin
content-type: application/font-woff2
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cf9a3a71b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25636
expires: Mon, 21 Oct 2024 21:08:28 +0000

GET
H3 200 ic-eye-260e5b01666721a7b552ec3ad94472dfcc865de4ddfdaca7e115dd7c08bc2ab0.svg
www.mrcooper.com/assets/ 599 B
578 B 156ms
156ms Image
image/svg+xml 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mrcooper.com/assets/ic-eye-260e5b01666721a7b552ec3ad94472dfcc865de4ddfdaca7e115dd7c08bc2ab0.svg
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 260e5b01666721a7b552ec3ad94472dfcc865de4ddfdaca7e115dd7c08bc2ab0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Origin
content-type: image/svg+xml
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cfca6a71b5-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 21 Oct 2024 19:36:58 +0000

GET
H3 200 Lato-Bold.woff2
www.mrcooper.com/fonts/ 181 KB
181 KB 376ms
376ms Font
application/font-woff2 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/fonts/Lato-Bold.woff2
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Origin: https://www.mrcooper.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 19:36:58 GMT
server: cloudflare
vary: Origin
content-type: application/font-woff2
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7cfda9871b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 184912
expires: Mon, 21 Oct 2024 19:36:57 +0000

GET
H3 200 icomoon_shared-7717ccb61085f7671513b4d34111c94e3d34d3ed7751ab4657fc1cc42afc96f6.ttf
www.mrcooper.com/assets/ 11 KB
11 KB 172ms
171ms Font
application/octet-stream 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/assets/icomoon_shared-7717ccb61085f7671513b4d34111c94e3d34d3ed7751ab4657fc1cc42afc96f6.ttf?fjiae1
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7717ccb61085f7671513b4d34111c94e3d34d3ed7751ab4657fc1cc42afc96f6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/assets/application-7d05e6f5ef6040e9d3c8b48d10a3f897182d1d5147e929f325a23f3e24eaceb2.css
Origin: https://www.mrcooper.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2024 10:16:22 GMT
server: cloudflare
vary: Origin
content-type: application/octet-stream
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7d03b5471b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11548
expires: Mon, 21 Oct 2024 21:08:28 +0000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
98 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2HY4QRV7HT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e2460dc56871a6d49ccd59a2c104a3255be6f928b3a0a629bbe1056632a7814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 15:13:52 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-958038470&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4bcdbcf03a9bc54c4f7bfcc95263dee65326a8470cd3bd015233c853227bee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 15:13:52 GMT

GET
H2 200 hotjar-1444525.js Show response
static.hotjar.com/c/ 10 KB
4 KB 85ms
22ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1444525.js?sv=6

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

7bc3e2f9e466e352e764e5176f029c940d72cbdecfcd026fe059c747a5993e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 43
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/9cb81d9846e2059ae70027c1205a0afd
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: ntyM97lPtMNkCORUfvczMPCI6AGnWukCSQtYXbIDivcTzeKkCMBPrA==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 109ms
48ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 01 May 2024 15:13:52 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 90C2E918AD1445469692ECEE61E29524 Ref B: FRA31EDGE0810 Ref C: 2024-05-01T15:13:52Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 91ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 15:13:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57855
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: h4G5g+jBtDtMUxoobgEKuWTOjRUZyI/4xRQ+kYsprCLaXvEOpuB/kLBSPdhKW8vgR2+1dJR3iVWJJ51rW5Ctyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 14:07:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3963
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 May 2024 16:07:49 GMT

GET
H/1.1 200
OK f86.js Show response
s3.amazonaws.com/ki.js/65142/ 303 B
698 B 352ms
117ms Script
application/ecmascript 52.217.227.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/65142/f86.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.217.227.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4d95576681bebaba6008bbd7aeec298ee3896c50fcec5bf50f1cae97197fa022

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 15:13:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 21:44:42 GMT
Server: AmazonS3
x-amz-request-id: V04VHG8QSMG0MXQB
ETag: "82ad8e029838990749df93b20af388df"
x-amz-server-side-encryption: AES256
Content-Type: application/ecmascript
Cache-Control: s-maxage=3600, max-age=0
Accept-Ranges: bytes
Content-Length: 226
x-amz-id-2: ZLC+OJD5HMvjWOYBXGpUkoU1VR4jn6XamVVjNKcP07v2QTWVBBLrE+TPKg1/xAGXVm7h5Pug6MI=

GET
H3 200 config Show response
www.mrcooper.com/omnichannel/ 5 KB
2 KB 192ms
192ms Fetch
application/json 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrcooper.com/omnichannel/config

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/omnichannel/chat?path=/welcome

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

855f4d2aaeb2f05fa0feb2deb6b4b41861fc09fb5843e0b105e11ecb92b08393

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
etag: W/"15b0-vj0KTjTpLVFcTOR6oVt/m7IzlKE"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 87d0b7d14d9a71b5-FRA
expires: -1

GET
H/1.1 200
OK f89.js Show response
s3.amazonaws.com/ki.js/65142/ 164 KB
51 KB 219ms
120ms Script
application/ecmascript 52.217.227.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/65142/f89.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.217.227.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bb80b123cb9b0572074cf071acb996c072f3d1ca415802c66474e28a80bd708c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 15:13:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Apr 2024 15:13:23 GMT
Server: AmazonS3
x-amz-request-id: 27BYQY94J4VZJ6CR
ETag: "428afcc611932d11023be931a512fec3"
x-amz-server-side-encryption: AES256
Content-Type: application/ecmascript
Cache-Control: s-maxage=3600, max-age=0
Accept-Ranges: bytes
Content-Length: 51546
x-amz-id-2: o20r17yfQbr+Nnk0NdsP4g+0BCHWgt7VDZCf99KuWdjR7udyGgDq1jZ9Lxk5EmMIKty+ufiCrgA=

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 74ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2HY4QRV7HT&gtm=45je44t0v872595761z871404933za200&_p=1714576432310&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1866876835.1714576433&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714576432&sct=1&seg=0&dl=https%3A%2F%2Fwww.mrcooper.com%2Fwelcome%3Futm_source%3Dexacttarget%26utm_medium%3Demail%26utm_campaign%3Dlmt_43_53_redcarpet&dt=Welcome!%20%7C%20Mr.%20Cooper%20Home%20Loans%20-%20Mortgage%20Transfer%20Support%20Q%26A&en=page_view&_fv=1&_nsi=1&_ss=1&ep.logged_in=N&up.loggedIn=N&tfd=2156
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2HY4QRV7HT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 15:13:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrcooper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.6d59a1e4d239d258535b.js Show response
script.hotjar.com/ 221 KB
55 KB 73ms
23ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6d59a1e4d239d258535b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1444525.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

29f0d60cfaa05f3764e61320cf7bbd934c053b6bb0c41ad61b4e682b0c1d6fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 14:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2747
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55738
last-modified: Wed, 01 May 2024 14:27:34 GMT
etag: "dcabc75d4e5bca9e1042120682f56a78"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dJWtutM1fPrbFcp8oWwM6PKSaF7elDSEKac9TdnGtCsaBZZSw9An3g==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 29ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=952610849&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrcooper.com%2Fwelcome%3Futm_source%3Dexacttarget%26utm_medium%3Demail%26utm_campaign%3Dlmt_43_53_redcarpet&ul=de-de&de=UTF-8&dt=Welcome!%20%7C%20Mr.%20Cooper%20Home%20Loans%20-%20Mortgage%20Transfer%20Support%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=.&_u=YCDAgEABAAAAACgAI~&jid=230016368&gjid=800058666&cid=1866876835.1714576433&tid=UA-12910956-1&_gid=1043611674.1714576433&_slc=1&gtm=45He44t0n71PT5RFMv71404933za200&cd5=799770cd-3baf-4ebf-89a9-906666c2af63&cd6=1714576432686&cd7=exacttarget%2Cemail%2Clmt_43_53_redcarpet%2Cundefined%2Cundefined&cd12=N&cd14=N&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=238584749

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 May 2024 15:13:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrcooper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 104ms
23ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12910956-1&cid=1866876835.1714576433&jid=230016368&gjid=800058666&_gid=1043611674.1714576433&npa=1&_u=YCDAgEABAAAAAGgAIAC~&z=292902813

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 May 2024 15:13:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrcooper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 72899161.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 118ms
33ms Script
text/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/72899161.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT5RFM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 25247
date: Wed, 01 May 2024 15:13:53 GMT
content-encoding: gzip
via: 1.1 varnish
age: 708332
x-cache: HIT
content-length: 5579
x-served-by: cache-fra-etou8220131-FRA
last-modified: Tue, 23 Apr 2024 08:49:23 GMT
server: Apache
x-timer: S1714576433.149554,VS0,VE0
etag: "421e-616bfa16b6ac0-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-vimeo-dc: ge
x-bapp-server: assets-7455c7bd9d-mqxtc
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2034 10:28:21 GMT

GET
H2 200 5065759.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 51ms
50ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5065759.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f0b2f9661df75bb09901523b6a36ef1d55046d49f3ee513f41507dfe1ea88add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 01 May 2024 15:13:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B4A1687D24B4B61AA06FBB014F450DC Ref B: FRA31EDGE0810 Ref C: 2024-05-01T15:13:53Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 74ms
73ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5065759&Ver=2&mid=2462a7f7-4985-4d9a-bc82-49559eb1842d&sid=6bd3cc6007cd11efb4802723b16279a9&vid=6bd4912007cd11ef9216ab775ccc57eb&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Welcome!%20%7C%20Mr.%20Cooper%20Home%20Loans%20-%20Mortgage%20Transfer%20Support%20Q%26A&p=https%3A%2F%2Fwww.mrcooper.com%2Fwelcome%3Futm_source%3Dexacttarget%26utm_medium%3Demail%26utm_campaign%3Dlmt_43_53_redcarpet&r=&lt=2107&evt=pageLoad&sv=1&rn=970688

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 May 2024 15:13:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BDB67D818264FAAA6642C0CD09767C1 Ref B: FRA31EDGE0810 Ref C: 2024-05-01T15:13:53Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1498188900425660 Show response
connect.facebook.net/signals/config/ 67 KB
15 KB 155ms
154ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1498188900425660?v=2.9.154&r=stable&domain=www.mrcooper.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9c1d3a48b8bfee61330befb454c4744ea53af548de15e945c91bc6ceb17c388

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 15:13:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=64, mss=1294, tbw=63319, tp=-1, tpl=-1, uplat=134, ullat=0
pragma: public
x-fb-debug: cYnhAZttCiidyMN4dCBeXxjH5UCDyT96xTwmK6JNuNykXO/93lGrQKxwK4VM/3J11Sc4zDdu8RDN6NdpacdYsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/ 123 KB
26 KB 737ms
43ms Script
application/x-javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Requested by: Host: www.mrcooper.com
URL: https://www.mrcooper.com/omnichannel/chat?path=/welcome
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5e41de6c12e79b0ec21a94168c561223c967126ac8e0e4c7831258d3c932dcc7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 15:13:53 GMT
content-encoding: br
last-modified: Sat, 27 Apr 2024 02:08:18 GMT
vary: Accept-Encoding
x-azure-ref: 20240501T151353Z-17859dc676bb8s4lhun1d1qg1g0000000by00000000096ta
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8eafd26a-701e-00d6-5148-989eb7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 69228868

GET chime.mp3
storage.googleapis.com/apolloimage/images/omnichannel/ 0
0

GET
H2 200 5065759 Show response
www.clarity.ms/tag/uet/ 855 B
1 KB 797ms
121ms Script
application/x-javascript 2620:1ec:46::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5065759?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5065759.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 38ab9974fe0410abd8e112c27a262ad5fae17d29f303ba8c648e2b43376725cb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Wed, 01 May 2024 15:13:53 GMT
x-azure-ref: 20240501T151353Z-17859dc676bbnmlth8zvr2wnun0000000bsg00000001uxmg
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 855
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 546ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1498188900425660&ev=PageView&dl=https%3A%2F%2Fwww.mrcooper.com&rl=&if=false&ts=1714576433253&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4124&fbp=fb.1.1714576433249.245798172&cs_est=true&pm=1&hrl=95ef81&ler=empty&cdl=API_unavailable&it=1714576433074&coo=false&cs_cc=1&cas=7260056410772334%2C2494144723951786%2C1488487121276423%2C1965498860210986%2C1681898001865908&rqm=GET

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1294, tbw=2775, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 May 2024 15:13:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK 4aee2179-7bd9-ed11-aece-000d3a323213 Show response
unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com/livechatconnector/v2/lcwfcsdetails/ 240 B
670 B 598ms
117ms Fetch
application/json 20.232.115.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com/livechatconnector/v2/lcwfcsdetails/4aee2179-7bd9-ed11-aece-000d3a323213

Requested by

Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.232.115.241 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f78ed3c20d53def60cdfe0f2acb6379f508e6b0669edfa6f1feb63fe3445802e

Security Headers

Name	Value
Content-Security-Policy	default-src "none"
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src "none"
Date: Wed, 01 May 2024 15:13:54 GMT
X-Content-Type-Options: nosniff
Correlation-Vector: fdeoeTa42U+DnbGNwyg+dw.5
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Transaction-Id,ErrorCode,Message,AuthCodeNonce
Transaction-Id: 292e4e25-0051-42c6-a289-4af1507cb119

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 50ms
48ms Script
application/javascript 2620:1ec:46::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5065759?insights=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:53 GMT
content-encoding: br
last-modified: Tue, 30 Apr 2024 06:11:34 GMT
etag: W/"0x8DC68DC630B7AEC"
vary: Accept-Encoding
x-azure-ref: 20240501T151353Z-17859dc676bbnmlth8zvr2wnun0000000bsg00000001uxmr
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d56441e1-601e-0050-3612-9bec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 / Show response
geo.qualaroo.com/json/ 194 B
381 B 409ms
112ms XHR
application/json 3.211.190.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.qualaroo.com/json/
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/ki.js/65142/f89.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.190.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-190-76.compute-1.amazonaws.com
Software: /
Resource Hash: 2b70558ce0e8be8904a217a830a0e869cb18cf92ac2f2df556aa3352872548cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/javascript
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.mrcooper.com
date: Wed, 01 May 2024 15:13:54 GMT
access-control-allow-credentials: true
x-database-date: Fri, 05 Jan 2018 18:56:42 GMT
content-length: 194
vary: Origin
content-type: application/json

GET
H2 200 frame.html
dntcl.qualaroo.com/ Frame 7FEE 0
0 102ms
17ms Document
text/html 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://dntcl.qualaroo.com/frame.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/ki.js/65142/f89.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mrcooper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=604800
cdn-cache: HIT
cdn-cachedat: 04/28/2024 05:19:02
cdn-edgestorageid: 1080
cdn-fileserver: 639
cdn-proxyver: 1.04
cdn-pullzone: 99568
cdn-requestcountrycode: DE
cdn-requestid: 36f6293b2cc00e0e7855f589cd4fa719
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-status: 200
cdn-storageserver: DE-662
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding: gzip
content-type: text/html
date: Wed, 01 May 2024 15:13:54 GMT
last-modified: Sun, 09 Jul 2023 20:56:17 GMT
server: BunnyCDN-DE1-1080
vary: Accept-Encoding

GET
H2 200 nr-rum-1.258.0.min.js Show response
js-agent.newrelic.com/ 50 KB
18 KB 92ms
18ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.258.0.min.js

Requested by

Host: www.mrcooper.com
URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b1a829826f8a436f1bc4a66240e6515c320a7a64ab9dd2fa59e69c50e97ce7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Origin: https://www.mrcooper.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2zfqKqAHBO0aH.1TxfiL9wA.fC6_UJ2F
content-encoding: br
via: 1.1 varnish
date: Wed, 01 May 2024 15:13:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: KQDGT5X6QHH117G0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17444
x-amz-id-2: Au8Gr1QZrkRvxGoFLxRojrDTrE/6iCeNtg5IPMRs2ktCu3zoJN0W14dyDOLDwlDps7PW6qIq4QY=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Mon, 29 Apr 2024 21:02:59 GMT
server: AmazonS3
etag: "00b686355367c15dc8570fdca7ce78a0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 16208

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ABFDEB7085B744E299EB3A7B3AF4544D&RedC=c.clarity.ms&MXFR=32F3A0EFC781650D3F33B49DC3816BDE
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABFDEB7085B744E299EB3A7B3AF4544D&MUID=19A807216A3D6BC1262713536B916A7F

42 B
441 B

54ms
54ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABFDEB7085B744E299EB3A7B3AF4544D&MUID=19A807216A3D6BC1262713536B916A7F
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mrcooper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 May 2024 15:13:53 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 01 May 2024 15:13:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF2561BF75C244BE9CDF3AD2801DC7BD Ref B: FRA31EDGE0810 Ref C: 2024-05-01T15:13:54Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABFDEB7085B744E299EB3A7B3AF4544D&MUID=19A807216A3D6BC1262713536B916A7F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 37ms
37ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=952610849&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.mrcooper.com%2Fwelcome%3Futm_source%3Dexacttarget%26utm_medium%3Demail%26utm_campaign%3Dlmt_43_53_redcarpet&ul=de-de&de=UTF-8&dt=Welcome!%20%7C%20Mr.%20Cooper%20Home%20Loans%20-%20Mortgage%20Transfer%20Support%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=virtual%20pageview&ea=window%20loaded&el=prefill%20%3A%20%20logged%20in%20%3A%20N&_u=aDDAAEABAAAAAGgAIAC~&jid=628967870&gjid=814720814&cid=1866876835.1714576433&tid=UA-12910956-1&_gid=1043611674.1714576433&_r=1&gtm=45He44t0n71PT5RFMv71404933za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=485768521

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 May 2024 15:13:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrcooper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
www.mrcooper.com/cdn-cgi/ 0
142 B 36ms
35ms XHR
text/plain 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrcooper.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 01 May 2024 15:13:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.mrcooper.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 87d0b7d8ae0671b5-FRA

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
18ms Image
image/gif 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=952610849&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mrcooper.com%2Fwelcome%3Futm_source%3Dexacttarget%26utm_medium%3Demail%26utm_campaign%3Dlmt_43_53_redcarpet&ul=de-de&de=UTF-8&dt=Welcome!%20%7C%20Mr.%20Cooper%20Home%20Loans%20-%20Mortgage%20Transfer%20Support%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&el=%2Fwelcome&_u=aDDAAEABAAAAAGgAIAC~&jid=&gjid=&cid=1866876835.1714576433&tid=UA-12910956-1&_gid=1043611674.1714576433&gtm=45He44t0n71PT5RFMv71404933za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1541962586

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 13:54:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4755
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
18ms Image
image/gif 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=952610849&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mrcooper.com%2Fwelcome%3Futm_source%3Dexacttarget%26utm_medium%3Demail%26utm_campaign%3Dlmt_43_53_redcarpet&ul=de-de&de=UTF-8&dt=Welcome!%20%7C%20Mr.%20Cooper%20Home%20Loans%20-%20Mortgage%20Transfer%20Support%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50%25&el=%2Fwelcome&_u=aDDAAEABAAAAAGgAIAC~&jid=&gjid=&cid=1866876835.1714576433&tid=UA-12910956-1&_gid=1043611674.1714576433&gtm=45He44t0n71PT5RFMv71404933za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1327922695

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 13:54:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4755
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
296 B 382ms
133ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.mrcooper.com
Date: Wed, 01 May 2024 15:13:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H/1.1 200 6b2288c4ec Show response
bam.nr-data.net/1/ 150 B
599 B 310ms
139ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6b2288c4ec?a=959119565&v=1.258.0&to=dVhdQ0pfXVhVFklHDV9DVltZUlRYHxMDXAZZWlYYV0ZURkYNA0c%3D&rst=3277&ck=0&s=9c7f24e19a4cc1ee&ref=https://www.mrcooper.com/welcome&ap=196&be=1118&fe=2049&dc=990&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714576430838,%22n%22:0,%22f%22:712,%22dn%22:714,%22dne%22:727,%22c%22:727,%22s%22:727,%22ce%22:756,%22rq%22:756,%22rp%22:1118,%22rpe%22:1151,%22di%22:2091,%22ds%22:2097,%22de%22:2108,%22dc%22:3153,%22l%22:3165,%22le%22:3167%7D,%22navigation%22:%7B%7D%7D&fp=1562&fcp=1741
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.258.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b82608378c4dfff8c4ab567157c4e2cf58cd923cec441aa784a6beb97c8ede0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 01 May 2024 15:13:54 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.mrcooper.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://www.mrcooper.com
Content-Length: 150
x-served-by: cache-fra-eddf8230063-FRA

GET
H3 200 favicon.ico
www.mrcooper.com/ 2 KB
2 KB 164ms
163ms Other
image/vnd.microsoft.icon 104.16.157.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrcooper.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.157.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e187c7427df92694a0cf142551d06627d7592f6837368437693836f78c3d25e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:13:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 20:52:57 GMT
server: cloudflare
vary: Origin
content-type: image/vnd.microsoft.icon
cache-control: public, s-maxage=15552000, max-age=15552000
cf-ray: 87d0b7da68f571b5-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 21 Oct 2024 20:52:55 +0000

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/v2scripts/ 56 KB
18 KB 54ms
50ms Script
application/x-javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/v2scripts/LiveChatBootstrapper.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fbdd63549192246d89ba652782f8d91fca0bca3169adfe4753d4694d241e85e8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 15:13:54 GMT
content-encoding: br
last-modified: Sat, 27 Apr 2024 02:08:18 GMT
vary: Accept-Encoding
x-azure-ref: 20240501T151354Z-17859dc676bb8s4lhun1d1qg1g0000000by00000000096wm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f84d3ec2-d01e-0092-774a-981488000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 69228868

GET
H2 200 LiveChatWidgetFrame.css
oc-cdn-ocprod.azureedge.net/livechatwidget/v2public/styles/ 1 KB
870 B 40ms
26ms Stylesheet
text/css 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/v2public/styles/LiveChatWidgetFrame.css
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/v2scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6b32a4d0f8c36ae19b79885fb628cf3866347908800d6123ce55fc7ca7168d25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 15:13:54 GMT
content-encoding: br
last-modified: Sat, 27 Apr 2024 02:08:18 GMT
vary: Accept-Encoding
x-azure-ref: 20240501T151354Z-17859dc676bb8s4lhun1d1qg1g0000000by00000000096x5
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 22d867c0-d01e-0049-3548-98d2b5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 69228868

GET
H2 200 chatv2.html
oc-cdn-ocprod.azureedge.net/livechatwidget/v2public/htmls/ Frame 87AF 0
0 503ms
411ms Document
text/html 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/v2public/htmls/chatv2.html?data-app-id=866e40c5-3b87-4d39-8309-af41bbcd3eef&data-org-id=4aee2179-7bd9-ed11-aece-000d3a323213&data-org-url=https://unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com&hostname=www.mrcooper.com&data-hide-chat-button=&data-suggested-action-layout=stacked&data-lcw-version=prod&data-render-mobile=false&data-color-override=%23009fc7
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/v2scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mrcooper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=900
content-encoding: br
content-type: text/html
date: Wed, 01 May 2024 15:13:54 GMT
last-modified: Sat, 27 Apr 2024 02:08:18 GMT
vary: Accept-Encoding
x-azure-ref: 20240501T151354Z-15ff4544644wf9qk7yq667y1n00000000kvg000000014gtp
x-cache: TCP_REVALIDATED_HIT
x-fd-int-roxy-purgeid: 69228868
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 8e55dec2-d01e-00cf-3dfb-991e0c000000
x-ms-version: 2009-09-19

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2HY4QRV7HT&gtm=45je44t0v872595761z871404933za200&_p=1714576432310&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1866876835.1714576433&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sid=1714576432&sct=1&seg=0&dl=https%3A%2F%2Fwww.mrcooper.com%2Fwelcome%3Futm_source%3Dexacttarget%26utm_medium%3Demail%26utm_campaign%3Dlmt_43_53_redcarpet&dt=Welcome!%20%7C%20Mr.%20Cooper%20Home%20Loans%20-%20Mortgage%20Transfer%20Support%20Q%26A&_s=2&tfd=7166
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2HY4QRV7HT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.mrcooper.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 May 2024 15:13:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrcooper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST trackInteraction
www.mrcooper.com/omnichannel/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/apolloimage/images/omnichannel/chime.mp3

Domain: www.mrcooper.com
URL: https://www.mrcooper.com/omnichannel/trackInteraction

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mrcooper.com/	1969-12-31 23:59:59	Name: utm_source Value: exacttarget
www.mrcooper.com/	1969-12-31 23:59:59	Name: utm_campaign Value: lmt_43_53_redcarpet
www.mrcooper.com/	1969-12-31 23:59:59	Name: utm_medium Value: email
www.mrcooper.com/	1970-01-21 05:52:16	Name: guid Value: 9573d158-d24b-4e00-bee8-abf000c23f8e
www.mrcooper.com/	1970-01-20 20:16:17	Name: _apollo-web_session Value: 5b8e2e1b770d8607d893ff16071e89f7
.vimeo.com/	1970-01-20 20:16:18	Name: __cf_bm Value: ooMRoZj1enBrN.nk6pQ_DF8oYDGKe0ZsChtYmdxSBAk-1714576432-1.0.1.1-nGFyb.OVatBFZENZ..Bu8FXyVmD2FQgFlrAx0ViYpmk43439ziJJX.qMtBfs5OUlYnMr1YDcbfBINE0emxmbrw
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: rwATwHzDYF7QFjVNSgqlK6FZQmxvFH059bU9U5Qbk7E-1714576432511-0.0.1.1-604800000
.mrcooper.com/	1970-01-20 22:25:52	Name: _gcl_au Value: 1.1.1563098980.1714576433
www.mrcooper.com/	1969-12-31 23:59:59	Name: utm_source_cookie Value: exacttarget
www.mrcooper.com/	1969-12-31 23:59:59	Name: utms Value: exacttarget,email,lmt_43_53_redcarpet,undefined,undefined
.mrcooper.com/	1970-01-21 05:52:16	Name: _ga_2HY4QRV7HT Value: GS1.1.1714576432.1.0.1714576433.0.0.0
.mrcooper.com/	1970-01-21 05:52:16	Name: _ga Value: GA1.2.1866876835.1714576433
.mrcooper.com/	1970-01-20 20:17:42	Name: _gid Value: GA1.2.1043611674.1714576433
.mrcooper.com/	1970-01-20 20:16:16	Name: _dc_gtm_UA-12910956-1 Value: 1
.mrcooper.com/	1970-01-20 20:17:42	Name: _uetsid Value: 6bd3cc6007cd11efb4802723b16279a9
.mrcooper.com/	1970-01-21 05:37:52	Name: _uetvid Value: 6bd4912007cd11ef9216ab775ccc57eb
.bing.com/	1970-01-21 05:37:52	Name: MUID Value: 19A807216A3D6BC1262713536B916A7F
.mrcooper.com/	1970-01-21 05:01:52	Name: _hjSessionUser_1444525 Value: eyJpZCI6IjE3NjU3MzM4LTY1N2EtNTUyNy1hNmNiLWRlYjNmZmQ1ODlmMCIsImNyZWF0ZWQiOjE3MTQ1NzY0MzMxODAsImV4aXN0aW5nIjpmYWxzZX0=
.mrcooper.com/	1970-01-20 20:16:18	Name: _hjSession_1444525 Value: eyJpZCI6ImUyZmQ3MmMzLTk0MjYtNGYwMC05NWJkLTdiMTJhNjQxNWM3MyIsImMiOjE3MTQ1NzY0MzMxODcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.mrcooper.com/	1970-01-20 22:25:52	Name: _fbp Value: fb.1.1714576433249.245798172
www.clarity.ms/	1970-01-21 05:01:52	Name: CLID Value: f717d697c1234b2d8db5fcb1055fc4a3.20240501.20250501
.mrcooper.com/	1970-01-21 05:01:52	Name: _clck Value: 2ajxee%7C2%7Cfle%7C0%7C1582
www.mrcooper.com/	1970-01-21 05:52:16	Name: ki_t Value: 1714576433993%3B1714576433993%3B1714576433993%3B1%3B1
www.mrcooper.com/	1970-01-21 05:52:16	Name: ki_r Value:
.mrcooper.com/	1970-01-20 20:16:16	Name: _gat_UA-12910956-1 Value: 1
www.mrcooper.com/	1969-12-31 23:59:59	Name: ga_client_id Value: 1866876835.1714576433
.c.bing.com/	1970-01-20 20:26:21	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:37:52	Name: SRM_B Value: 19A807216A3D6BC1262713536B916A7F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:37:52	Name: MUID Value: 19A807216A3D6BC1262713536B916A7F
.c.clarity.ms/	1970-01-20 20:26:21	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 20:16:17	Name: ANONCHK Value: 0
.mrcooper.com/	1970-01-20 20:17:42	Name: _clsk Value: 9ukeis%7C1714576434446%7C1%7C0%7Cp.clarity.ms%2Fcollect

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation	verbose	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1498188900425660?v=2.9.154&r=stable&domain=www.mrcooper.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 94) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mrcooper.com/welcome?utm_source=exacttarget&utm_medium=email&utm_campaign=lmt_43_53_redcarpet Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
click.email.nationstarmail.com
connect.facebook.net
dntcl.qualaroo.com
extend.vimeocdn.com
geo.qualaroo.com
js-agent.newrelic.com
oc-cdn-ocprod.azureedge.net
p.clarity.ms
player.vimeo.com
region1.google-analytics.com
s3.amazonaws.com
script.hotjar.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
unq4aee21797bd9ed11aece000d3a323-crm.omnichannelengagementhub.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.mrcooper.com
storage.googleapis.com
www.mrcooper.com
104.16.157.114
104.16.87.20
104.17.24.14
128.17.96.3
13.32.27.107
146.75.122.109
162.159.138.60
162.247.243.29
172.217.18.14
18.66.102.53
20.122.63.128
20.232.115.241
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2602:816:5001::39
2606:4700::6810:5049
2620:1ec:46::64
2620:1ec:bdf::64
2620:1ec:c11::237
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:400c:c02::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.211.190.76
52.217.227.0
68.219.88.97
12c0d4bf891eda253a66a3dd282d1704271d39cf9a8efaa321fdafcb230cbc2c
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f
1b29161ae415fd3f9a93bdaf2d740b758bd2f34f09edd54b6d1eeb3793fc81be
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
260e5b01666721a7b552ec3ad94472dfcc865de4ddfdaca7e115dd7c08bc2ab0
29f0d60cfaa05f3764e61320cf7bbd934c053b6bb0c41ad61b4e682b0c1d6fae
2b70558ce0e8be8904a217a830a0e869cb18cf92ac2f2df556aa3352872548cf
2b82608378c4dfff8c4ab567157c4e2cf58cd923cec441aa784a6beb97c8ede0
2bb1b8b363a37376691e562d8565ec4e48e8b8052690100786542d0b4a1ebe3e
34455358cf170b5f063d6b219a563a0fface0b1ba1b469d9991f40d86b349be7
34bb46634d07ac579411823eb39fac1376b012257460066a98b95075d086ccdd
38ab9974fe0410abd8e112c27a262ad5fae17d29f303ba8c648e2b43376725cb
3e2460dc56871a6d49ccd59a2c104a3255be6f928b3a0a629bbe1056632a7814
47309252c09e4ca1d797dc8ad1bea7e7d881a47b2b8f40adf63c19cf9cb93559
4d95576681bebaba6008bbd7aeec298ee3896c50fcec5bf50f1cae97197fa022
5b16a2ae040c2503a1d0b78d91ec5924c12415447f4592214ca413440624393f
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5e41de6c12e79b0ec21a94168c561223c967126ac8e0e4c7831258d3c932dcc7
67ccf15ec382e18296316e29a4dd7e995dffb10859e6092fa606d06ab3d59ca6
6b32a4d0f8c36ae19b79885fb628cf3866347908800d6123ce55fc7ca7168d25
6b4c6318f5847ac5708659205157c7d5243ba2c2d8909707315717634d3a9c01
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2
7144def2de90041d6ff47778c1c29ebd9a0a1c79fe6baa5bb04a0d0cea231b68
7717ccb61085f7671513b4d34111c94e3d34d3ed7751ab4657fc1cc42afc96f6
79f2d8b32a58b790869aae0945fde5af979fcd08b7c4a9e8b622cb0bd5455291
7bc3e2f9e466e352e764e5176f029c940d72cbdecfcd026fe059c747a5993e03
7e8075d0a8254466b150ddc3ff522c12b8420c372c184eef6329bf5e4f0accd5
7ff05b8c94bc44852eea050f2b8ca46bb62459511fc55992e8814bc8bca62f89
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855f4d2aaeb2f05fa0feb2deb6b4b41861fc09fb5843e0b105e11ecb92b08393
8d596223f97146bbdb0e84198efa1088c808b039e06e92fde90b75af323a4483
93269ae059a288ccc373235e2548ecbf7cf25f0753a99a7f0b74fcc1bb4b6718
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f5fe33ba81608fd7f0af209db600e49b08cfbd89ff587fa707ef7d5edc60fe5
a6ed45d15e46615f8c15931ca254e398a912e770b10122a4435529a1a523180d
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
b1a829826f8a436f1bc4a66240e6515c320a7a64ab9dd2fa59e69c50e97ce7d8
b6d9bc47c47f79eb78f9230afff0ac6124dfbe913df36fd563f7f1c256e4e852
b9c1d3a48b8bfee61330befb454c4744ea53af548de15e945c91bc6ceb17c388
bb80b123cb9b0572074cf071acb996c072f3d1ca415802c66474e28a80bd708c
bcaabc40fc0fdbf7da1081a4b4fa2a929ca7a24bdc53cb014e57b7d4ec76eabc
bfbbd46b7e6278f631dabd89da3b811bda57956ee640f27dfb36bd0aca792179
c92d5c98448974e2ba50160478b9247c3900e42ef26d0f663666bf89c09f868c
d47aa823be8918a035ecad02d2cf4af0bfe2cbc3c00b8dca54bb758510ff3a37
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e187c7427df92694a0cf142551d06627d7592f6837368437693836f78c3d25e4
e20bca6b515e1d751064224728754fce81be23d97ed3a121724f9f90c4f744d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bcdbcf03a9bc54c4f7bfcc95263dee65326a8470cd3bd015233c853227bee0
f0b2f9661df75bb09901523b6a36ef1d55046d49f3ee513f41507dfe1ea88add
f317a98031701d673d1fb9a012740836ef2795dd9c4161f73fccd74effec6188
f78ed3c20d53def60cdfe0f2acb6379f508e6b0669edfa6f1feb63fe3445802e
fbdd63549192246d89ba652782f8d91fca0bca3169adfe4753d4694d241e85e8

www.mrcooper.com Open in urlscan Pro 104.16.157.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

96 %HTTPS

44 %IPv6

22 Domains

28 Subdomains

27 IPs

5 Countries

2701 kBTransfer

9223 kBSize

33 Cookies

14 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mrcooper.com Open in urlscan Pro
104.16.157.114 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

96 %
HTTPS

44 %
IPv6

22
Domains

28
Subdomains

27
IPs

5
Countries

2701 kB
Transfer

9223 kB
Size

33
Cookies

69 HTTP transactions
0 data transactions