urlscan.io logo urlscan.io
SecurityTrails logo

www.getmyrefinance.com Open in urlscan Pro
34.200.85.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mygosecure.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS
Effective URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Submission: On November 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 15 domains to perform 45 HTTP transactions. The main IP is 34.200.85.68, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.getmyrefinance.com.
TLS certificate: Issued by Amazon on January 30th 2017. Valid for: a year.
This is the only time www.getmyrefinance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.198.193.13 14618 (AMAZON-AES)
1 1 54.210.163.231 14618 (AMAZON-AES)
1 2 34.205.7.227 14618 (AMAZON-AES)
5 34.200.85.68 14618 (AMAZON-AES)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
8 52.222.168.154 16509 (AMAZON-02)
5 34.225.232.90 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f12... 32934 (FACEBOOK)
1 216.137.61.15 16509 (AMAZON-02)
3 52.7.204.158 14618 (AMAZON-AES)
1 52.44.169.239 14618 (AMAZON-AES)
45 17
1    34.198.193.13 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-198-193-13.compute-1.amazonaws.com
mygosecure.com
1    54.210.163.231 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-210-163-231.compute-1.amazonaws.com
lpnjump.com
2    34.205.7.227 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-205-7-227.compute-1.amazonaws.com
www.goodmeasure.link
blacksmith.goodmeasure.io
5    34.200.85.68 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-200-85-68.compute-1.amazonaws.com
www.getmyrefinance.com
1    2400:cb00:2048:1::6819:7b63 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
code.ionicframework.com
8    52.222.168.154 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-154.fra54.r.cloudfront.net
dn3nmb5yt1ysw.cloudfront.net
5    34.225.232.90 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-225-232-90.compute-1.amazonaws.com
www.getmyrefinance.com
2    2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
fonts.googleapis.com
1    2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.googletagmanager.com
3    2a00:1450:4001:806::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
fonts.gstatic.com
1    2400:cb00:2048:1::6819:7c63 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
code.ionicframework.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google-analytics.com
1    2a00:1450:400c:c04::9c (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
stats.g.doubleclick.net
5    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    216.137.61.15 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-216-137-61-15.fra2.r.cloudfront.net
d1tprjo2w7krrh.cloudfront.net
3    52.7.204.158 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-7-204-158.compute-1.amazonaws.com
create.leadid.com
1    52.44.169.239 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-44-169-239.compute-1.amazonaws.com
create.leadid.com
Domain Requested by
10 www.getmyrefinance.com www.getmyrefinance.com
8 dn3nmb5yt1ysw.cloudfront.net www.getmyrefinance.com
5 www.facebook.com www.getmyrefinance.com
4 create.leadid.com d1tprjo2w7krrh.cloudfront.net
4 connect.facebook.net www.getmyrefinance.com
connect.facebook.net
3 fonts.gstatic.com www.getmyrefinance.com
2 www.google-analytics.com 1 redirects www.getmyrefinance.com
2 fonts.googleapis.com www.getmyrefinance.com
2 code.ionicframework.com www.getmyrefinance.com
1 blacksmith.goodmeasure.io
1 d1tprjo2w7krrh.cloudfront.net www.getmyrefinance.com
1 stats.g.doubleclick.net www.getmyrefinance.com
1 www.googletagmanager.com www.getmyrefinance.com
1 www.goodmeasure.link 1 redirects
1 lpnjump.com 1 redirects
1 mygosecure.com 1 redirects
0 d2m2wsoho8qq12.cloudfront.net Failed d1tprjo2w7krrh.cloudfront.net
45 17

This site contains no links.

Subject Issuer Validity Valid
lnxtrk.net
Amazon		 2017-01-30 -
2018-02-28		 a year crt.sh
ionicframework.com
CloudFlare Inc ECC CA-2		 2017-03-07 -
2018-03-07		 a year crt.sh
*.cloudfront.net
Symantec Class 3 Secure Server CA - G4		 2016-10-26 -
2017-12-17		 a year crt.sh
*.googleapis.com
Google Internet Authority G2		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.google.com
Google Internet Authority G2		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.leadid.com
Go Daddy Secure Certificate Authority - G2		 2017-02-13 -
2018-04-14		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Frame ID: 10875.1
Requests: 42 HTTP requests in this frame

Frame: https://www.getmyrefinance.com/pixels?uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366&cb=1510263624141
Frame ID: 10875.2
Requests: 1 HTTP requests in this frame

Frame: https://www.getmyrefinance.com/pixels?uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366&conversion=1&cb=1510263624142
Frame ID: 10875.3
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CAD7F2D1-02AC-4DF6-C1C2-1886036874DC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.4.0&lck=4F5F9AC8-85C0-44E4-B195-5C860AF35787
Frame ID: 10875.4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mygosecure.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS HTTP 302
    http://lpnjump.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS... HTTP 302
    https://www.goodmeasure.link/lnx/refinance?sourceid=76&sub_1=GMR-Pops-Ron&sub_2=&sub_3=&requestid=44935720 HTTP 302
    https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

45
Requests

93 %
HTTPS

50 %
IPv6

15
Domains

17
Subdomains

17
IPs

2
Countries

1056 kB
Transfer

1628 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mygosecure.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS HTTP 302
    http://lpnjump.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS&ckmguid=4ab4ee32-52d3-4cb2-a076-9ccc43775098 HTTP 302
    https://www.goodmeasure.link/lnx/refinance?sourceid=76&sub_1=GMR-Pops-Ron&sub_2=&sub_3=&requestid=44935720 HTTP 302
    https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j65&a=1723482705&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&ul=en-us&de=UTF-8&dt=Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAABI~&jid=650329730&gjid=1857624921&cid=2057143075.1510263624&tid=UA-29775006-50&_gid=255805131.1510263624&_r=1&z=1491969731 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=2057143075.1510263624&jid=650329730&_gid=255805131.1510263624&gjid=1857624921&_v=j65&z=1491969731

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.getmyrefinance.com/f/e/
Redirect Chain
  • http://mygosecure.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS
  • http://lpnjump.com/?a=76&oc=1189&c=3130&s1=GMR-Pops-Ron&s2=&s3=&s4=&s5=wKU39VQQ90C8TDI91HSJVSQS&ckmguid=4ab4ee32-52d3-4cb2-a076-9ccc43775098
  • https://www.goodmeasure.link/lnx/refinance?sourceid=76&sub_1=GMR-Pops-Ron&sub_2=&sub_3=&requestid=44935720
  • https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
33 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.85.68 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-85-68.compute-1.amazonaws.com
Software
/
Resource Hash
185d9ae24438163e341b86ae98979f0948615aa10aad6ab22de77fdb83b8ddd1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 21:40:22 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2017 15:58:32 GMT
etag
"51721-11030884-1506959912000"
content-type
text/html
cache-control
public, max-age=3600
Connection
keep-alive
Content-Length
7446

Redirect headers

Location
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Date
Thu, 09 Nov 2017 21:40:22 GMT
Connection
keep-alive
Content-Length
288
Vary
Accept
Content-Type
text/html; charset=utf-8
gmr.css
www.getmyrefinance.com/css/ 		129 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/css/gmr.css
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.85.68 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-85-68.compute-1.amazonaws.com
Software
/
Resource Hash
27afb66208080d9f913090a564bb81b07fda8b0652adc1f578465e4e87157952

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 21:40:22 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2017 15:58:32 GMT
etag
"51721-2677288-1506959912000"
content-type
text/css
cache-control
public, max-age=3600
Connection
keep-alive
Content-Length
19058
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:7b63 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

:path
/ionicons/2.0.1/css/ionicons.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
code.ionicframework.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

x-fastly-request-id
94ec5fb198812aced501ba8e17ab6bf774dd6da9
date
Thu, 09 Nov 2017 21:40:22 GMT
content-encoding
gzip
cf-cache-status
MISS
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-hits
50
content-length
9682
x-served-by
cache-fra1229-FRA
last-modified
Thu, 26 Oct 2017 14:18:49 GMT
server
cloudflare-nginx
x-github-request-id
A46C:1156:1953E8B:23DF273:5A04AFAA
x-timer
S1510263623.924253,VS0,VE0
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=7200
set-cookie
__cfduid=d4facab073335d71e9cec7dbc6b87c2071510263622; expires=Fri, 09-Nov-18 21:40:22 GMT; path=/; domain=.ionicframework.com; HttpOnly
accept-ranges
bytes
cf-ray
3bb3ee1b3a5463c1-FRA
expires
Thu, 09 Nov 2017 23:40:22 GMT
Cookie set tracking.js
www.getmyrefinance.com/ 		215 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/tracking.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.85.68 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-85-68.compute-1.amazonaws.com
Software
/
Resource Hash
aefbfd0ae51125357109771033d6533d4136e76e38392e654292452d88580058

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 21:40:23 GMT
Etag
01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366/0.0.34
Content-Type
text/html; charset=utf-8
Set-Cookie
uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366; Max-Age=2592000; Path=/; Expires=Sat, 09 Dec 2017 21:40:23 GMT
Cache-Control
private, must-revalidate post-check=1 pre-check=1
Connection
keep-alive
Content-Length
219691
Expires
0
refi-submit-loop-color.gif
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/refi-submit-loop-color.gif
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e89017e6d9e56bf06ddf30202428f7227c163c7eff22b18f1295a1d369534248

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:30 GMT
Via
1.1 09a9032b8291da9155abd9dd1a5a360e.cloudfront.net (CloudFront)
Last-Modified
Tue, 16 Jun 2015 17:36:39 GMT
Server
AmazonS3
Age
3991
ETag
"ef05e1c9a0a01399a6fce89029e3495f"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
127612
X-Amz-Cf-Id
ynE5e5YxYB3TLBAgoPyIzkL6punJQumG_T30GqR-9g1prNij5P-F5A==
scripts.js
www.getmyrefinance.com/js/ 		274 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/js/scripts.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
9be1ea6051aea02f8bf627ddf688ae70ea57a464b21819117b745c0fad295be3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 21:40:23 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2017 15:58:32 GMT
etag
"51721-2677324-1506959912000"
content-type
application/javascript
cache-control
public, max-age=3600
Connection
keep-alive
Content-Length
89489
css
fonts.googleapis.com/ 		2 KB
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
d51aad42ed7f937bdd4f4b0e8310e1db33b1f73b15fe161f560276bd871e95db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Lato:300,400,700
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 21:40:23 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2017 21:40:23 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Thu, 09 Nov 2017 21:40:23 GMT
css
fonts.googleapis.com/ 		2 KB
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:300
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
941cc503df31552ac196bf2523d1c52b84269f35b1c58106ca5b2b353f720c0e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Roboto+Slab:300
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 21:40:23 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2017 21:40:23 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Thu, 09 Nov 2017 21:40:23 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		0
0
leadData
www.getmyrefinance.com/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/leadData?uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.85.68 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-85-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Cookie
uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

X-ClockName
8714ef
Date
Thu, 09 Nov 2017 21:40:23 GMT
Connection
keep-alive
X-Clocks
OTQ9Nw==
gtm.js
www.googletagmanager.com/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QCHWF6
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
7ecc2c3451a802daa94f11282c7cdc33b31c9b425d5bb1deceec651432abccf5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/gtm.js?id=GTM-5QCHWF6
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagmanager.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 21:40:23 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
21167
x-xss-protection
1; mode=block
expires
Thu, 09 Nov 2017 21:40:23 GMT
get-my-refinance-logo-black.png
dn3nmb5yt1ysw.cloudfront.net/images/logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/logos/get-my-refinance-logo-black.png
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a763b56d3623402129d369636ce18253893ead112a9733a3ad81e6cbf9787a0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:30 GMT
Via
1.1 9f190c53aa1fad1d6d54f8cc88bdeb16.cloudfront.net (CloudFront)
Last-Modified
Tue, 19 May 2015 21:46:18 GMT
Server
AmazonS3
Age
3991
ETag
"dda1dca74d5bebe8574c7cac88676e30"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12352
X-Amz-Cf-Id
PIcuLYgbyi4FXs5sCNmueH6LA5u2UDLXvEejS2Ejn-G-cqeoaZLwKQ==
MgNNr5y1C_tIEuLEmicLmwLUuEpTyoUstqEm5AMlJo4.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/MgNNr5y1C_tIEuLEmicLmwLUuEpTyoUstqEm5AMlJo4.woff2
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/lato/v14/MgNNr5y1C_tIEuLEmicLmwLUuEpTyoUstqEm5AMlJo4.woff2
pragma
no-cache
origin
https://www.getmyrefinance.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://www.getmyrefinance.com

Response headers

date
Mon, 23 Oct 2017 16:22:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
1487893
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14076
x-xss-protection
1; mode=block
expires
Tue, 23 Oct 2018 16:22:10 GMT
MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/lato/v14/MDadn8DQ_3oT6kvnUq_2r_esZW2xOQ-xsNqO47m55DA.woff2
pragma
no-cache
origin
https://www.getmyrefinance.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://www.getmyrefinance.com

Response headers

date
Mon, 23 Oct 2017 16:30:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:19 GMT
server
sffe
age
1487407
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
13944
x-xss-protection
1; mode=block
expires
Tue, 23 Oct 2018 16:30:16 GMT
house-icon-refi-white.png
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/house-icon-refi-white.png
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
377e74d94f8ee8dc4329e128992f726e2abb2f72389c215ddce332309da0f386

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:30 GMT
Via
1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront)
Last-Modified
Fri, 17 Jul 2015 19:27:17 GMT
Server
AmazonS3
Age
3991
ETag
"5584f2662a67fa05a4e83d50e7de9367"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36492
X-Amz-Cf-Id
JJ5_lFsZ-NYhPMAcGGT1VCKlg9ls2PGk1srpL9ncndPmBZ7B8Dy_Xg==
house-icon-forsale-dark.png
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/house-icon-forsale-dark.png
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1591f46ec1345804720502fe936742853d4205cc7a47e55585ea505ce45b892

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Wed, 08 Nov 2017 13:17:51 GMT
Via
1.1 23d92aa442d5ae9ed0313643d8764687.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jul 2015 15:55:21 GMT
Server
AmazonS3
Age
29737
ETag
"5d93c39b7eaa15995e105ccaf622c7a8"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46457
X-Amz-Cf-Id
jlwusKUn7TifanIz4IMCe21P5ZJ7x4ciVc0DE2GizYRk3Mv2h3WL7Q==
primary-color.jpg
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/primary-color.jpg
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1dcf008dc0c68133a23012ad030fd9522c163d98333835210eeb82cd8de60ce3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 13:24:47 GMT
Via
1.1 e3666efb6956ba7f03c75c3401b8c79e.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Jun 2015 20:25:42 GMT
Server
AmazonS3
Age
29737
ETag
"f85a6ef6243f71f9e30d05c4dc95a274"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35763
X-Amz-Cf-Id
nst0ckftRfhKAjYGKUvQLRm-9aW1RbkZcSMvRGmX5zN29Ie91hXgug==
multi-bw.jpg
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/multi-bw.jpg
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03ea084cca13780de106a935c01fb46bbc1e2d8a81680095f375b0006aa52f8d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:31 GMT
Via
1.1 1280e48937eca7de58e32cd35415f48a.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Jun 2015 20:25:38 GMT
Server
AmazonS3
Age
3991
ETag
"df699984d376af7cf8994cf840f04fe0"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52869
X-Amz-Cf-Id
md5xR_K5SdL1niHqfUTkbZz3Jj3DtWnxcOvNlcEU84X3shV9urd5EA==
condo-bw.jpg
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/condo-bw.jpg
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fefba373e2d8f887fe9a7165e8b062b23eff486a2c4225f824fff48c97325fe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:31 GMT
Via
1.1 9f190c53aa1fad1d6d54f8cc88bdeb16.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Jun 2015 20:25:35 GMT
Server
AmazonS3
Age
3991
ETag
"29f2359c6243d2d6301dc48180afd582"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40716
X-Amz-Cf-Id
ks6mRAyTpL62iCqWFy5xQSANWzRnthAf8siDdsSvldffdgs4bJ4OJQ==
mobile-bw.jpg
dn3nmb5yt1ysw.cloudfront.net/images/common/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn3nmb5yt1ysw.cloudfront.net/images/common/mobile-bw.jpg
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-154.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acd490a53b11adfda6357e73054ca7f08003ef1dc37ce1f7a87f1eafedda9e85

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dn3nmb5yt1ysw.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.getmyrefinance.com/css/gmr.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/css/gmr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 05 Nov 2017 19:53:32 GMT
Via
1.1 e3666efb6956ba7f03c75c3401b8c79e.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Jun 2015 20:25:38 GMT
Server
AmazonS3
Age
3990
ETag
"5c575a9be716d8c709a87435427919a3"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28929
X-Amz-Cf-Id
J1F6PrnlHWLnpXV2DRR5pq77FmdJTsBMEVkXjo4O6mUhw_VPXnBUow==
22JRxvfANxSmnAhzbFH8PgLUuEpTyoUstqEm5AMlJo4.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/22JRxvfANxSmnAhzbFH8PgLUuEpTyoUstqEm5AMlJo4.woff2
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/lato/v14/22JRxvfANxSmnAhzbFH8PgLUuEpTyoUstqEm5AMlJo4.woff2
pragma
no-cache
origin
https://www.getmyrefinance.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://www.getmyrefinance.com

Response headers

date
Wed, 11 Oct 2017 18:45:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:55 GMT
server
sffe
age
2516109
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
13828
x-xss-protection
1; mode=block
expires
Thu, 11 Oct 2018 18:45:14 GMT
ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 		184 KB
112 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:7c63 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

:path
/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
pragma
no-cache
origin
https://www.getmyrefinance.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
code.ionicframework.com
referer
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Origin
https://www.getmyrefinance.com

Response headers

x-fastly-request-id
c82f1693167b6826d2c7e79f078cc3ebbe96d083
date
Thu, 09 Nov 2017 21:40:23 GMT
content-encoding
gzip
cf-cache-status
MISS
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-hits
244
content-length
114845
x-served-by
cache-hhn1528-HHN
last-modified
Thu, 26 Oct 2017 14:18:50 GMT
server
cloudflare-nginx
x-github-request-id
999A:0DD9:11D86CF3:1942FD1C:59F1EEEE
x-timer
S1510263623.466017,VS0,VE0
vary
Accept-Encoding
content-type
application/x-font-ttf
via
1.1 varnish
cache-control
public, max-age=7200
set-cookie
__cfduid=d180c357e31eb99e6bf7262d9bbad75361510263623; expires=Fri, 09-Nov-18 21:40:23 GMT; path=/; domain=.ionicframework.com; HttpOnly
accept-ranges
bytes
cf-ray
3bb3ee1eaaa52666-FRA
expires
Thu, 09 Nov 2017 23:40:23 GMT
fbevents.js
connect.facebook.net/en_US/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9ed8d0405bfd3dfc42779322685993a6a303579ebad7405b5ce42931416129ea
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/fbevents.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
public
x-fb-debug
V67bxxJ8/k0XJU7KhZLESnc6uc4LK0PFOq8UrC8gcxX4Vy89Lsy6hh1gS4W5rEoJuAZOx/XAcw/d1ZCx8s/BnQ==
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Nov 2017 21:40:23 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
10852
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
session
www.getmyrefinance.com/ 		540 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/session?uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/js/scripts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.85.68 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-85-68.compute-1.amazonaws.com
Software
/
Resource Hash
a65e43dff7ad9c617e763b99743aac1364d0e606e6352763eb795dea2f35af98

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
X-Requested-With
XMLHttpRequest
Cookie
uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2017 21:40:23 GMT
ETag
W/"21c-6V27Yi3isQYjQxXgwuxacg"
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
540
Expires
0
decide
www.getmyrefinance.com/ 		2 B
2 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/decide?uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366&origin=form&actionType=inject&templateId=RELSCa5c
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/js/scripts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
X-Requested-With
XMLHttpRequest
Cookie
uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2017 21:40:23 GMT
ETag
W/"2-11FxOYiYfpMxmANj4kGJzg"
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
analytics.js
www.google-analytics.com/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2017 23:46:20 GMT
server
Golfe2
age
1468
date
Thu, 09 Nov 2017 21:15:55 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14635
expires
Thu, 09 Nov 2017 23:15:55 GMT
leadData
www.getmyrefinance.com/ 		266 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/leadData?uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/js/scripts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
94c51dccb26f9d7180122e2c47d19b01f36291f6aa687837de0dc5df71ce1c83

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
X-Requested-With
XMLHttpRequest
Cookie
uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

X-ClockName
3aec8d
Pragma
no-cache
Date
Thu, 09 Nov 2017 21:40:23 GMT
ETag
W/"10a-zpUlOjvbi+kDHgj+iK5krw"
Content-Type
application/json; charset=utf-8
X-Clocks
OTQ9Nw==
Cache-Control
no-cache, no-store, must-revalidate
X-WasSubmitted
0
Connection
keep-alive
Content-Length
266
Expires
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j65&a=1723482705&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=2057143075.1510263624&jid=650329730&_gid=255805131.1510263624&gjid=1857624921&_v=j65&z=1491969731
35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=2057143075.1510263624&jid=650329730&_gid=255805131.1510263624&gjid=1857624921&_v=j65&z=1491969731
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c04::9c , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=2057143075.1510263624&jid=650329730&_gid=255805131.1510263624&gjid=1857624921&_v=j65&z=1491969731
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
stats.g.doubleclick.net
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 09 Nov 2017 21:40:23 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2017 21:40:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29775006-50&cid=2057143075.1510263624&jid=650329730&_gid=255805131.1510263624&gjid=1857624921&_v=j65&z=1491969731
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
1198084236906326
connect.facebook.net/signals/config/ 		1 KB
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1198084236906326?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
321431863214da0c3da6e90eb68de5560504be27e394507fb65897787db5460a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1198084236906326?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
E6faanEYpuzPnDzCqqkNq8vcTuI4Y2LqH2OfIJAhCleB9L5b2iYZflR9tFavdZ3D6/94eAOYWj41ZVy56DuvOw==
x-frame-options
DENY
date
Thu, 09 Nov 2017 21:40:24 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixels
www.getmyrefinance.com/ Frame 1087 		41 B
41 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/pixels?uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366&cb=1510263624141
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
22da7d45508222276b737ccd7f4b4be7d2b791ac65a7c8d3851e2ec1bdf00a76

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Cookie
uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366; _ga=GA1.3.2057143075.1510263624; _gid=GA1.3.255805131.1510263624; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
date
Thu, 09 Nov 2017 21:40:24 GMT
etag
W/"29-2070775220"
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
content-type
text/html; charset=utf-8
Content-Length
41
Expires
0
pixels
www.getmyrefinance.com/ Frame 1087 		41 B
41 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getmyrefinance.com/pixels?uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366&conversion=1&cb=1510263624142
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.232.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-232-90.compute-1.amazonaws.com
Software
/
Resource Hash
22da7d45508222276b737ccd7f4b4be7d2b791ac65a7c8d3851e2ec1bdf00a76

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.getmyrefinance.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Cookie
uuid=01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366; _ga=GA1.3.2057143075.1510263624; _gid=GA1.3.255805131.1510263624; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
date
Thu, 09 Nov 2017 21:40:24 GMT
etag
W/"29-2070775220"
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
content-type
text/html; charset=utf-8
Content-Length
41
Expires
0
1345687412191082
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1345687412191082?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6001acc03602271a1bc001aeb7ccdc7a39ebc4fc94ba5943e45226cb30ad8b50
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1345687412191082?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
uuxT+bXu6qTR9jDJC68TD2OlFMP/7dq+tCvSz++g9s2SR6Ej9/omSo5OOgXqjl92VPsf5EqbeAu2/DCFOtE/Cw==
x-frame-options
DENY
date
Thu, 09 Nov 2017 21:40:24 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1198084236906326&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263624146&v=2.8.1&ec=0&o=28&it=1510263623922
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1198084236906326&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263624146&v=2.8.1&ec=0&o=28&it=1510263623922
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 21:40:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0jsi73KPa6wChubvY..BaBMtI...1.0.BaBMtI.; expires=Wednesday, 07-Feb-2018 21:40:24 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Thu, 09 Nov 2017 21:40:24 GMT
1740593736157411
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1740593736157411?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f5ebf7c62ae9f804a847508acdfcafe690b51975936afd80d91a76780ccb3916
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1740593736157411?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10755
x-xss-protection
0
pragma
public
x-fb-debug
lzTnbgULsOoaWhoQdCW76QUHLDGR+S5zsEUVWwHw1ig9EnbrkSWmqZRgxAdemeFahdwUWSlwrprSegE8WnC/5w==
x-frame-options
DENY
date
Thu, 09 Nov 2017 21:40:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1345687412191082&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263624384&v=2.8.1&ec=0&o=28&it=1510263623922
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1345687412191082&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263624384&v=2.8.1&ec=0&o=28&it=1510263623922
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 21:40:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0GsXAsqGcP5psN7DZ..BaBMtI...1.0.BaBMtI.; expires=Wednesday, 07-Feb-2018 21:40:24 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Thu, 09 Nov 2017 21:40:24 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1740593736157411&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263624487&v=2.8.1&ec=0&o=28&it=1510263623922
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1740593736157411&ev=PageView&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263624487&v=2.8.1&ec=0&o=28&it=1510263623922
pragma
no-cache
cookie
fr=0jsi73KPa6wChubvY..BaBMtI...1.0.BaBMtI.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 21:40:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Thu, 09 Nov 2017 21:40:24 GMT
4f5f9ac8-85c0-44e4-b195-5c860af35787.js
d1tprjo2w7krrh.cloudfront.net/campaign/ 		123 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Requested by
Host: www.getmyrefinance.com
URL: https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.137.61.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-15.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de42e4e82346d2dbad8026cd7043baa70da054ed0824d7a44af548bdb40d4ceb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d1tprjo2w7krrh.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 09 Nov 2017 18:45:10 GMT
Via
1.1 0437902e99783229e3317bb4dfe27240.cloudfront.net (CloudFront)
Last-Modified
Tue, 03 Oct 2017 15:04:40 GMT
Server
AmazonS3
ETag
"ad9418e2ec142cf54697a14a20b48f2b"
X-Cache
RefreshHit from cloudfront
x-amz-version-id
vR.AjYT7FYDO0R8XUoVm3qRLHdDVa0Ep
Cache-Control
max-age=1800
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
126414
X-Amz-Cf-Id
gV-P_5Sy3yWuVYp8HvFgh_ynWRHzgzYNdbOfvSXUz_Hz7BuRbBAcHg==
Cookie set GenerateToken
create.leadid.com/2.4.0/ 		36 B
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.4.0/GenerateToken?msn=1&pid=7d3894a4-b15e-4d34-936d-c77a74bb6a76&_=142707557
Requested by
Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.204.158 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-7-204-158.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/5.6.29
Resource Hash
fa9d151570e9b67a1fc4fb2debb09b4b4e6215ddf1b8b6c035331ec613e07f49

Request headers

Pragma
no-cache
Origin
https://www.getmyrefinance.com
Accept-Encoding
gzip, deflate
Host
create.leadid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Content-Length
301
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Origin
https://www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 09 Nov 2017 21:40:25 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/5.6.29
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
rgisanonymous=false; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rguserid=f94b5cbf-72f1-43d3-b740-b1db2e5a9d6e; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rguuid=true; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rgisanonymous=true; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
55
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setParams
blacksmith.goodmeasure.io/lnx/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://blacksmith.goodmeasure.io/lnx/setParams?apikey=0c9f7af76650464b956eb7f5c2f9ae20&requestid=44935720&o_session=1&gtmcb=672739198
Protocol
HTTP/1.1
Server
34.205.7.227 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-205-7-227.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
blacksmith.goodmeasure.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 09 Nov 2017 21:40:25 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/json
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 1087 		0
0
Cookie set SaveDom
create.leadid.com/2.4.0/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.4.0/SaveDom?msn=2&pid=7d3894a4-b15e-4d34-936d-c77a74bb6a76&token=CAD7F2D1-02AC-4DF6-C1C2-1886036874DC&_=142707558
Requested by
Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.204.158 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-7-204-158.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/5.6.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://www.getmyrefinance.com
Accept-Encoding
gzip, deflate
Host
create.leadid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Content-Length
559
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Origin
https://www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 09 Nov 2017 21:40:25 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/5.6.29
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
rgisanonymous=false; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rguserid=b759a8f1-ce41-47b0-992e-ef29f395c264; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rguuid=true; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rgisanonymous=true; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set InitFormData
create.leadid.com/2.4.0/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.4.0/InitFormData?msn=3&pid=7d3894a4-b15e-4d34-936d-c77a74bb6a76&token=CAD7F2D1-02AC-4DF6-C1C2-1886036874DC&_=142707559
Requested by
Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.204.158 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-7-204-158.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/5.6.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://www.getmyrefinance.com
Accept-Encoding
gzip, deflate
Host
create.leadid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Content-Length
43106
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Origin
https://www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 09 Nov 2017 21:40:25 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/5.6.29
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
rgisanonymous=false; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rguserid=99336097-aa61-45ef-96c9-844593281168; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rguuid=true; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000 rgisanonymous=true; expires=Sat, 09-Dec-2017 21:40:25 GMT; Max-Age=2592000
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set Snap
create.leadid.com/2.4.0/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.4.0/Snap?msn=4&pid=7d3894a4-b15e-4d34-936d-c77a74bb6a76&token=CAD7F2D1-02AC-4DF6-C1C2-1886036874DC&_=142707560
Requested by
Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/4f5f9ac8-85c0-44e4-b195-5c860af35787.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.169.239 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-169-239.compute-1.amazonaws.com
Software
nginx/1.10.1 / PHP/5.6.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://www.getmyrefinance.com
Accept-Encoding
gzip, deflate
Host
create.leadid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Connection
keep-alive
Content-Length
69800
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
Origin
https://www.getmyrefinance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 09 Nov 2017 21:40:26 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
PHP/5.6.29
Access-Control-Max-Age
1728000
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
rgisanonymous=false; expires=Sat, 09-Dec-2017 21:40:26 GMT; Max-Age=2592000 rguserid=3d3fe9f2-7774-4ecc-aa3e-2c56ebdfbd24; expires=Sat, 09-Dec-2017 21:40:26 GMT; Max-Age=2592000 rguuid=true; expires=Sat, 09-Dec-2017 21:40:26 GMT; Max-Age=2592000 rgisanonymous=true; expires=Sat, 09-Dec-2017 21:40:26 GMT; Max-Age=2592000
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1345687412191082&ev=Microdata&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263625887&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance%22%2C%22meta%3Adescription%22%3A%22Get%20personalized%20home%20refinance%20rates%20with%20Get%20My%20Refinance%E2%80%99s%20lender%20comparison%20tool.%20It%E2%80%99s%20a%20quick%20and%20effective%20way%20to%20compare%20rates%20from%20all%20the%20top%20lenders.%22%7D&v=2.8.1&o=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1345687412191082&ev=Microdata&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263625887&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance%22%2C%22meta%3Adescription%22%3A%22Get%20personalized%20home%20refinance%20rates%20with%20Get%20My%20Refinance%E2%80%99s%20lender%20comparison%20tool.%20It%E2%80%99s%20a%20quick%20and%20effective%20way%20to%20compare%20rates%20from%20all%20the%20top%20lenders.%22%7D&v=2.8.1&o=28
pragma
no-cache
cookie
fr=0GsXAsqGcP5psN7DZ..BaBMtI...1.0.BaBMtI.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 21:40:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Thu, 09 Nov 2017 21:40:25 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1740593736157411&ev=Microdata&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263625987&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance%22%2C%22meta%3Adescription%22%3A%22Get%20personalized%20home%20refinance%20rates%20with%20Get%20My%20Refinance%E2%80%99s%20lender%20comparison%20tool.%20It%E2%80%99s%20a%20quick%20and%20effective%20way%20to%20compare%20rates%20from%20all%20the%20top%20lenders.%22%7D&v=2.8.1&o=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1740593736157411&ev=Microdata&dl=https%3A%2F%2Fwww.getmyrefinance.com%2Ff%2Fe%2F%3F_s%3D76%26sub_1%3DGMR-Pops-Ron%26sub_5%3D44935720%26requestid%3D44935720%26sourceid%3D76&rl=&if=false&ts=1510263625987&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Compare%20Home%20Mortgage%20Refinance%20Rates%20%7C%20Get%20My%20Refinance%22%2C%22meta%3Adescription%22%3A%22Get%20personalized%20home%20refinance%20rates%20with%20Get%20My%20Refinance%E2%80%99s%20lender%20comparison%20tool.%20It%E2%80%99s%20a%20quick%20and%20effective%20way%20to%20compare%20rates%20from%20all%20the%20top%20lenders.%22%7D&v=2.8.1&o=28
pragma
no-cache
cookie
fr=0GsXAsqGcP5psN7DZ..BaBMtI...1.0.BaBMtI.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
:scheme
https
:method
GET
Referer
https://www.getmyrefinance.com/f/e/?_s=76&sub_1=GMR-Pops-Ron&sub_5=44935720&requestid=44935720&sourceid=76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 09 Nov 2017 21:40:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Thu, 09 Nov 2017 21:40:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.ionicframework.com
URL
http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Domain
d2m2wsoho8qq12.cloudfront.net
URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CAD7F2D1-02AC-4DF6-C1C2-1886036874DC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.4.0&lck=4F5F9AC8-85C0-44E4-B195-5C860AF35787

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.www.getmyrefinance.com/ Name: _gat
Value: 1
.www.getmyrefinance.com/ Name: _gid
Value: GA1.3.255805131.1510263624
.www.getmyrefinance.com/ Name: _ga
Value: GA1.3.2057143075.1510263624
www.getmyrefinance.com/ Name: uuid
Value: 01ab7d7a-b21d-4886-9ac2-bd5c7f7f2366

85 Console Messages

Source Level URL
Text
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api log URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
is click
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
populateOptions
console-api debug URL: https://www.getmyrefinance.com/js/scripts.js(Line 8)
Message:
initElement

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blacksmith.goodmeasure.io
code.ionicframework.com
connect.facebook.net
create.leadid.com
d1tprjo2w7krrh.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
dn3nmb5yt1ysw.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lpnjump.com
mygosecure.com
stats.g.doubleclick.net
www.facebook.com
www.getmyrefinance.com
www.goodmeasure.link
www.google-analytics.com
www.googletagmanager.com
code.ionicframework.com
d2m2wsoho8qq12.cloudfront.net
216.137.61.15
2400:cb00:2048:1::6819:7b63
2400:cb00:2048:1::6819:7c63
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:821::2008
2a00:1450:400c:c04::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.198.193.13
34.200.85.68
34.205.7.227
34.225.232.90
52.222.168.154
52.44.169.239
52.7.204.158
54.210.163.231
03ea084cca13780de106a935c01fb46bbc1e2d8a81680095f375b0006aa52f8d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
185d9ae24438163e341b86ae98979f0948615aa10aad6ab22de77fdb83b8ddd1
1dcf008dc0c68133a23012ad030fd9522c163d98333835210eeb82cd8de60ce3
22da7d45508222276b737ccd7f4b4be7d2b791ac65a7c8d3851e2ec1bdf00a76
27afb66208080d9f913090a564bb81b07fda8b0652adc1f578465e4e87157952
321431863214da0c3da6e90eb68de5560504be27e394507fb65897787db5460a
377e74d94f8ee8dc4329e128992f726e2abb2f72389c215ddce332309da0f386
45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
6001acc03602271a1bc001aeb7ccdc7a39ebc4fc94ba5943e45226cb30ad8b50
7ecc2c3451a802daa94f11282c7cdc33b31c9b425d5bb1deceec651432abccf5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a763b56d3623402129d369636ce18253893ead112a9733a3ad81e6cbf9787a0
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
941cc503df31552ac196bf2523d1c52b84269f35b1c58106ca5b2b353f720c0e
94c51dccb26f9d7180122e2c47d19b01f36291f6aa687837de0dc5df71ce1c83
9be1ea6051aea02f8bf627ddf688ae70ea57a464b21819117b745c0fad295be3
9ed8d0405bfd3dfc42779322685993a6a303579ebad7405b5ce42931416129ea
9fefba373e2d8f887fe9a7165e8b062b23eff486a2c4225f824fff48c97325fe
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
a65e43dff7ad9c617e763b99743aac1364d0e606e6352763eb795dea2f35af98
acd490a53b11adfda6357e73054ca7f08003ef1dc37ce1f7a87f1eafedda9e85
aefbfd0ae51125357109771033d6533d4136e76e38392e654292452d88580058
d51aad42ed7f937bdd4f4b0e8310e1db33b1f73b15fe161f560276bd871e95db
de42e4e82346d2dbad8026cd7043baa70da054ed0824d7a44af548bdb40d4ceb
e1591f46ec1345804720502fe936742853d4205cc7a47e55585ea505ce45b892
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89017e6d9e56bf06ddf30202428f7227c163c7eff22b18f1295a1d369534248
f5ebf7c62ae9f804a847508acdfcafe690b51975936afd80d91a76780ccb3916
fa9d151570e9b67a1fc4fb2debb09b4b4e6215ddf1b8b6c035331ec613e07f49