www.fharateguide.com Open in urlscan Pro
2606:4700:20::681a:fb2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formfl...
Effective URL:
https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formfl...
Submission: On December 04 via manual (December 4th 2023, 3:30:39 pm UTC) from IL — Scanned from DE

Summary HTTP 95 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 29 domains to perform 95 HTTP transactions. The main IP is 2606:4700:20::681a:fb2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fharateguide.com.
TLS certificate: Issued by E1 on November 11th 2023. Valid for: 3 months.

This is the only time www.fharateguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:20:... 2606:4700:20::681a:fb2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.154.71.162 18.154.71.162	16509 (AMAZON-02) (AMAZON-02)
8	54.183.47.202 54.183.47.202	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3 3	18.66.242.136 18.66.242.136	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2 2	18.245.62.57 18.245.62.57	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.234.192.68 54.234.192.68	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
14	13.77.127.157 13.77.127.157	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	52.9.79.152 52.9.79.152	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:224... 2600:9000:224a:4600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:3014:5030:a5b6:caa6	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
1	65.9.7.176 65.9.7.176	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
7	35.169.192.238 35.169.192.238	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
3	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	108.156.253.23 108.156.253.23	16509 (AMAZON-02) (AMAZON-02)
1	18.232.222.202 18.232.222.202	14618 (AMAZON-AES) (AMAZON-AES)
95	35

8 2606:4700:20::681a:fb2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.fharateguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.71.162 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-154-71-162.dus51.r.cloudfront.net

d2qcrzwi3hrnuy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.183.47.202 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-47-202.us-west-1.compute.amazonaws.com

static.terramatrixmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn-us.trustev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.trustev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.242.136 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-136.dus51.r.cloudfront.net

d1tkl1e3k37gw7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.62.57 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-62-57.fra60.r.cloudfront.net

dv50pvmrizz2v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.192.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-192-68.compute-1.amazonaws.com

finance.mediaalpha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.77.127.157 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

app.trustev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ipqscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.9.79.152 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-79-152.us-west-1.compute.amazonaws.com

www.dataverify123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:224a:4600:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:3014:5030:a5b6:caa6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.176 (Hollywood, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-176.fra56.r.cloudfront.net

d1tprjo2w7krrh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.169.192.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-192-238.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.253.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-253-23.dus51.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.222.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-222-202.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	trustev.com cdn-us.trustev.com — Cisco Umbrella Rank: 59032 cdn.trustev.com — Cisco Umbrella Rank: 97605 app.trustev.com — Cisco Umbrella Rank: 69025	45 KB
8	terramatrixmedia.com static.terramatrixmedia.com	503 KB
8	cloudfront.net 6 redirects d2qcrzwi3hrnuy.cloudfront.net d1tkl1e3k37gw7.cloudfront.net dv50pvmrizz2v.cloudfront.net d1tprjo2w7krrh.cloudfront.net d2m2wsoho8qq12.cloudfront.net	129 KB
8	fharateguide.com www.fharateguide.com	77 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 17342	4 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	982 B
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3061 d.adroll.com — Cisco Umbrella Rank: 1380	27 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	1 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5165	21 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	669 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 630	7 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	93 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1308	877 B
2	dataverify123.com www.dataverify123.com — Cisco Umbrella Rank: 775708	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	85 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1020 trc.taboola.com — Cisco Umbrella Rank: 648	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	186 KB
2	mediaalpha.com finance.mediaalpha.com — Cisco Umbrella Rank: 306189	3 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 18884	2 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	29 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	ipqscdn.com www.ipqscdn.com — Cisco Umbrella Rank: 34534	68 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	7 KB
0	yourloanupdate.com Failed links.yourloanupdate.com Failed
95	29

	Domain	Requested by
14	app.trustev.com	www.fharateguide.com
8	static.terramatrixmedia.com	www.fharateguide.com static.terramatrixmedia.com
8	www.fharateguide.com	www.fharateguide.com
7	create.leadid.com	www.fharateguide.com deviceid.trueleadid.com
4	region1.analytics.google.com	www.googletagmanager.com
4	s.adroll.com	1 redirects www.fharateguide.com
3	bam.nr-data.net	www.fharateguide.com
3	mpsnare.iesnare.com	www.fharateguide.com
3	www.google.de	www.fharateguide.com
3	bat.bing.com	www.fharateguide.com
3	s.yimg.com	www.fharateguide.com
3	www.google-analytics.com	www.fharateguide.com
3	d1tkl1e3k37gw7.cloudfront.net	3 redirects
2	sp.analytics.yahoo.com	www.fharateguide.com
2	www.google.com	www.fharateguide.com
2	www.dataverify123.com	www.fharateguide.com
2	connect.facebook.net	www.fharateguide.com
2	stats.g.doubleclick.net	www.fharateguide.com www.googletagmanager.com
2	www.googletagmanager.com	www.fharateguide.com
2	finance.mediaalpha.com	www.fharateguide.com
2	dv50pvmrizz2v.cloudfront.net	2 redirects
2	ajax.googleapis.com	www.fharateguide.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	www.fharateguide.com
1	js-agent.newrelic.com	www.fharateguide.com
1	d1tprjo2w7krrh.cloudfront.net	www.fharateguide.com
1	www.facebook.com	www.fharateguide.com
1	trc.taboola.com	www.fharateguide.com
1	d.adroll.com	www.fharateguide.com
1	cdn.taboola.com	www.fharateguide.com
1	googleads.g.doubleclick.net	www.fharateguide.com
1	www.ipqscdn.com	www.fharateguide.com
1	cdn.trustev.com	www.fharateguide.com
1	fonts.gstatic.com	fonts.googleapis.com
1	maxcdn.bootstrapcdn.com	www.fharateguide.com
1	cdn-us.trustev.com	www.fharateguide.com
1	fonts.googleapis.com	www.fharateguide.com
1	cdnjs.cloudflare.com	www.fharateguide.com
1	d2qcrzwi3hrnuy.cloudfront.net	1 redirects
0	links.yourloanupdate.com Failed	www.fharateguide.com
95	40

This site contains links to these domains. Also see Links.

Domain
www.optout-vxwx.net
www.securerights.org
nmlsconsumeraccess.org

Subject Issuer	Validity	Valid
fharateguide.com E1	`2023-11-11` - `2024-02-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni1d11bgl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-04` - `2024-12-04`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
mediaalpha.com Amazon RSA 2048 M01	`2023-06-11` - `2024-07-09`	a year	crt.sh
static.terramatrixmedia.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni16c6gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-10` - `2024-06-09`	a year	crt.sh
*.trustev.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ipqscdn.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-11-06` - `2023-12-27`	2 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.dataverify123.com Amazon RSA 2048 M01	`2023-02-19` - `2024-03-19`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-11-08` - `2024-12-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Frame ID: A2325BF465B3ED95EA5BFA8A7F359E09
Requests: 84 HTTP requests in this frame

Frame: https://cdn.trustev.com/trustevIFrame.html
Frame ID: C74C0A4C917432B248A5A503A837E41D
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Frame ID: 5B6B39562940A9EFEE4FC4F8710CA546
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Frame ID: 514BAA07A1D7C02A64806CDB0ED68D9D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mortgage News and Rates - FHA Rate Guide

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

95
Requests

92 %
HTTPS

57 %
IPv6

29
Domains

40
Subdomains

35
IPs

5
Countries

1403 kB
Transfer

3431 kB
Size

28
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.optout-vxwx.net/o-vxwx-z79-b9ac94a49e51a27d898e9dbf42cc68e1
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.securerights.org/networkmembers.html
Title: Lenders

Search URL Search Domain Scan URL

URL: https://www.securerights.org/licenses.html
Title: Licenses

Search URL Search Domain Scan URL

URL: https://www.securerights.org/ccpa.html
Title: California Privacy Notice

Search URL Search Domain Scan URL

URL: http://nmlsconsumeraccess.org/EntityDetails.aspx/COMPANY/3175
Title: NMLS License Access Page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://d2qcrzwi3hrnuy.cloudfront.net/LTI-1985/css/all.min__vrelease_v54.css HTTP 301
https://static.terramatrixmedia.com/LTI-1985/css/all.min__vrelease_v54.css

Request Chain 4

https://d1tkl1e3k37gw7.cloudfront.net/LTI-966/sprites/icon-sprites-MINT-v2__vrelease_v54.png HTTP 301
https://static.terramatrixmedia.com/LTI-966/sprites/icon-sprites-MINT-v2__vrelease_v54.png

Request Chain 7

https://dv50pvmrizz2v.cloudfront.net/LTI-545/img/backgrounds/logo-fha__vrelease_v54.png HTTP 301
https://static.terramatrixmedia.com/LTI-545/img/backgrounds/logo-fha__vrelease_v54.png

Request Chain 9

https://d1tkl1e3k37gw7.cloudfront.net/LTI-2683/js/all.min__vrelease_v54.js HTTP 301
https://static.terramatrixmedia.com/LTI-2683/js/all.min__vrelease_v54.js

Request Chain 10

https://d1tkl1e3k37gw7.cloudfront.net/fs3/js/slideshow-1.3.1__vrelease_v54.js HTTP 301
https://static.terramatrixmedia.com/fs3/js/slideshow-1.3.1__vrelease_v54.js

Request Chain 14

https://dv50pvmrizz2v.cloudfront.net/fs3/js/simple-exit-pop__vrelease_v54.js HTTP 301
https://static.terramatrixmedia.com/fs3/js/simple-exit-pop__vrelease_v54.js

Request Chain 58

https://s.adroll.com/j/pre/A2IU5VI3AJGQDAMYX7JDQX/MYPZQKA7TRG6RBG6IN7LNN/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request idv.fhtml Show response
www.fharateguide.com/ 232 KB
57 KB 2639ms
2510ms Document
text/html 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36fff089ca9117ffe74524ad4ad114c343f3e1e2ae7afeb0c1d965969aac794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 83051746bb0f9bbe-FRA
content-encoding: br
content-language: en-US
content-type: text/html;charset=UTF-8
date: Mon, 04 Dec 2023 15:30:32 GMT
expires: Mon, 04 Dec 2023 15:30:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" CP="NOI DSP COR LAW CUR CONi TELi OUR DELi SAMi BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJJYQFWiwO%2FYbpVali0%2Fsp0NvCFT%2B%2FxP5KiNAQ%2BSQlgR2IIJp6hjcL35aFLCxhQE9hoM6zOvXaylnFotCG4uq8FpqFititvnTC0Z22jW1yq4ktwj2CjtpG4Ze3Fgb%2BSas12%2B4Jx67%2Fna063FKSwJ48om"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2

200

all.min__vrelease_v54.css
static.terramatrixmedia.com/LTI-1985/css/
Redirect Chain

https://d2qcrzwi3hrnuy.cloudfront.net/LTI-1985/css/all.min__vrelease_v54.css
https://static.terramatrixmedia.com/LTI-1985/css/all.min__vrelease_v54.css

39 KB
9 KB

666ms
204ms

Stylesheet
text/css

54.183.47.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.terramatrixmedia.com/LTI-1985/css/all.min__vrelease_v54.css

Requested by

Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749

Protocol

Server

54.183.47.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-47-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

3da210564ca58e91378d59e3124bc0e1287ec757253982c2fb0da0fc083be7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Nov 2023 09:27:08 GMT
server
etag: W/"39733-1700213228000"
x-frame-options: DENY
content-type: text/css
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8061
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2033 15:30:32 GMT

Redirect headers

Date: Sun, 03 Dec 2023 20:02:08 GMT
Via: 1.1 27f45b37d8058458a0fcf5f41e20288a.cloudfront.net (CloudFront)
Server: awselb/2.0
X-Amz-Cf-Pop: DUS51-P4
Age: 70104
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/LTI-1985/css/all.min__vrelease_v54.css
Connection: keep-alive
Content-Length: 134
X-Amz-Cf-Id: tc06Cq8jUk9BxCx4eEPG4mCZzBLdRvqLrQmUGh_aQppdYtXhCP2kaA==

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/ 29 KB
7 KB 133ms
51ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1944861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6421
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-75d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucQW5nNm1ZehNnvEbVf7SejdkCaf36PFpe6OWv%2B672OH2ZeTuufCxs7oqljFT%2Bl3BYPMLsCRnItHiWlLLNTnZaIMeml8Sjd2c1luxrQj2u%2F56lHR9IWLnZBc6osAJwtouKTk1O0myNLC0cXnLp2WCWeT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830517572fb636dc-FRA
expires: Sat, 23 Nov 2024 15:30:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 139ms
52ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9506e290d65fb683ae0f44c26664983adbdc1540c493f532774852cbe6350d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 15:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 15:30:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 15:30:32 GMT

GET
H2 200 trustev.min.js Show response
cdn-us.trustev.com/ 35 KB
35 KB 216ms
40ms Script
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-us.trustev.com/trustev.min.js
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE4) /
Resource Hash: 32af4f2fc5fa005f5e129be5e61796337b091a0c6e8670f0b718350340d9d398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 04 Dec 2023 15:30:32 GMT
last-modified: Fri, 03 Mar 2023 10:24:10 GMT
server: ECAcc (frc/4CE4)
content-md5: uTaDcHHu1dicuLte5Ks0cQ==
age: 276458
etag: "0x8DB1BD16DB746F9"
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: 93fc720c-701e-0055-2243-2408b1000000
x-ms-version: 2014-02-14
accept-ranges: bytes
content-length: 35386
x-ms-lease-state: available

GET
H2

200

icon-sprites-MINT-v2__vrelease_v54.png
static.terramatrixmedia.com/LTI-966/sprites/
Redirect Chain

https://d1tkl1e3k37gw7.cloudfront.net/LTI-966/sprites/icon-sprites-MINT-v2__vrelease_v54.png
https://static.terramatrixmedia.com/LTI-966/sprites/icon-sprites-MINT-v2__vrelease_v54.png

125 KB
121 KB

822ms
398ms

Image
image/png

54.183.47.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.terramatrixmedia.com/LTI-966/sprites/icon-sprites-MINT-v2__vrelease_v54.png

Requested by

Protocol

Server

54.183.47.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-47-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

7368f124fb247deb6e0bd874d14c51ca626552a153cfc5e68ffd543dd9b925cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Nov 2023 09:27:08 GMT
server
etag: W/"127806-1700213228000"
x-frame-options: DENY
content-type: image/png
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2033 15:30:32 GMT

Redirect headers

Date: Mon, 04 Dec 2023 07:43:35 GMT
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Server: awselb/2.0
X-Amz-Cf-Pop: DUS51-P1
Age: 28017
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/LTI-966/sprites/icon-sprites-MINT-v2__vrelease_v54.png
Connection: keep-alive
Content-Length: 134
X-Amz-Cf-Id: e8gqGSw89QeZcR6UDJ3ql9AAqtTpMWzTMNQfHZxJfi3QWfZKjbY26g==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:16:22 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
59 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 15:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 15:02:31 GMT

GET
H2

200

logo-fha__vrelease_v54.png
static.terramatrixmedia.com/LTI-545/img/backgrounds/
Redirect Chain

https://dv50pvmrizz2v.cloudfront.net/LTI-545/img/backgrounds/logo-fha__vrelease_v54.png
https://static.terramatrixmedia.com/LTI-545/img/backgrounds/logo-fha__vrelease_v54.png

4 KB
5 KB

809ms
632ms

Image
image/png

54.183.47.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.terramatrixmedia.com/LTI-545/img/backgrounds/logo-fha__vrelease_v54.png

Requested by

Protocol

Server

54.183.47.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-47-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

545a5cb57f71c341497eaf49b054c688a8c0f800e8be807d9e8fed87fc7a1519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Nov 2023 09:27:08 GMT
server
etag: W/"4291-1700213228000"
x-frame-options: DENY
content-type: image/png
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4040
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2033 15:30:32 GMT

Redirect headers

Date: Sun, 03 Dec 2023 21:53:09 GMT
Via: 1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
Server: awselb/2.0
X-Amz-Cf-Pop: FRA60-P5
Age: 63443
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/LTI-545/img/backgrounds/logo-fha__vrelease_v54.png
Connection: keep-alive
Content-Length: 134
X-Amz-Cf-Id: g_FauP1dgvYG-KOUdOSuh2AF22R_9V7Ja50RhnKCUKE3Vl7kcV9wZw==

GET
H2 200 introlend_logo.svg
www.fharateguide.com/fs3/moneytips/svg/ 3 KB
2 KB 1386ms
1385ms Image
image/svg+xml 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fharateguide.com/fs3/moneytips/svg/introlend_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59909de6b987ae640a2484a8e048a41b8fc5d312837b81be89060c1e0ea36b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Nov 2023 09:27:10 GMT
server: cloudflare
etag: W/"2613-1700213230000"
x-frame-options: DENY
access-control-max-age: 1728000, 1728000
content-type: image/svg+xml
access-control-allow-origin: *, *
access-control-allow-methods: POST, GET, POST, GET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ2zhegrp6pR%2BkmVYeMNywfib0bKcDoDxmwcvQsQC3C7K59Wo9t9Qec4%2FqcRWGoJSulf8wKE0AMWgIc%2FUx%2FU4tZEyBOwWQfMA%2F10QfI%2BLc4fq8roJ524D0F6Jkao813ipiAY5uX2U9n5n67NB5kJYa%2Fv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8305175bb9e89bbe-FRA
access-control-allow-headers: X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept, X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept

GET
H2

200

all.min__vrelease_v54.js Show response
static.terramatrixmedia.com/LTI-2683/js/
Redirect Chain

https://d1tkl1e3k37gw7.cloudfront.net/LTI-2683/js/all.min__vrelease_v54.js
https://static.terramatrixmedia.com/LTI-2683/js/all.min__vrelease_v54.js

766 KB
215 KB

364ms
364ms

Script
application/javascript

54.183.47.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.terramatrixmedia.com/LTI-2683/js/all.min__vrelease_v54.js

Requested by

Protocol

Server

54.183.47.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-47-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

0754933b9ef7cfc5bcb81ee59da3b29230b98419499c4033273413590dd05f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Nov 2023 09:27:08 GMT
server
etag: W/"784672-1700213228000"
x-frame-options: DENY
content-type: application/javascript
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2033 15:30:33 GMT

Redirect headers

Date: Mon, 04 Dec 2023 00:57:44 GMT
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Server: awselb/2.0
X-Amz-Cf-Pop: DUS51-P1
Age: 52368
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/LTI-2683/js/all.min__vrelease_v54.js
Connection: keep-alive
Content-Length: 134
X-Amz-Cf-Id: XBP61I_zFwAlLfBZzRf8y89iMy1QKciLwYJeploI3iMLSNRi2RCLBg==

GET
H2

200

slideshow-1.3.1__vrelease_v54.js Show response
static.terramatrixmedia.com/fs3/js/
Redirect Chain

https://d1tkl1e3k37gw7.cloudfront.net/fs3/js/slideshow-1.3.1__vrelease_v54.js
https://static.terramatrixmedia.com/fs3/js/slideshow-1.3.1__vrelease_v54.js

38 KB
10 KB

317ms
317ms

Script
application/javascript

54.183.47.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.terramatrixmedia.com/fs3/js/slideshow-1.3.1__vrelease_v54.js

Requested by

Protocol

Server

54.183.47.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-47-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

bb6b0b0e3a14b7057231bbbc35244144587fa5dc6bc18c6e19fac459596c51c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Nov 2023 09:27:10 GMT
server
etag: W/"38883-1700213230000"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-frame-options: DENY
accept-ranges: bytes
access-control-allow-headers: X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept
expires: Thu, 01 Dec 2033 15:30:33 GMT

Redirect headers

Date: Sun, 03 Dec 2023 18:52:45 GMT
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Server: awselb/2.0
X-Amz-Cf-Pop: DUS51-P1
Age: 74267
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/fs3/js/slideshow-1.3.1__vrelease_v54.js
Connection: keep-alive
Content-Length: 134
X-Amz-Cf-Id: oUx-XlcUL37RerIU3PrckPoybD-U8hrFnFf2Xz5coIfMHjr3jHDSGw==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 156ms
71ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fharateguide.com/
Origin: https://www.fharateguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2feea0b0a30b41bc96c7f7a78b6db073
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8305175c3c5b30c4-FRA
cdn-requestpullsuccess: True

GET
H2 200 iframe-messenger.js Show response
www.fharateguide.com/fs3/js/ 2 KB
2 KB 1409ms
1408ms Script
application/javascript 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fharateguide.com/fs3/js/iframe-messenger.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a38a669c821907c49e5cad42342da8b4307b8c8eb32a5a11b169f84d7fd8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Nov 2023 09:27:10 GMT
server: cloudflare
etag: W/"1553-1700213230000"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrRaZcgGLacyaUvk2Dpx5m1IEuedkXfR%2FF5FaEAtsshCRiMCmHTO9AS4gT72%2Fqjze1Fha3%2BtUz9VUAjcPB%2FvFyEILq3l8BtpebUMx%2BuORwG7GIEmUPl85xQT1O3J2A4YVUcqdHOe0VaFOgLU23P3mnFX"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-frame-options: DENY
cf-ray: 8305175bb9ea9bbe-FRA
access-control-allow-headers: X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
expires: Thu, 01 Dec 2033 15:30:34 GMT

GET
H2 200 all-listing-lti-1376.min.js Show response
www.fharateguide.com/fs3/js/ 14 KB
5 KB 1376ms
1375ms Script
application/javascript 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fharateguide.com/fs3/js/all-listing-lti-1376.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6a894385f6c43c5092453d582f6333d32f70c63e3b67705b0718949f4d95d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Nov 2023 09:27:10 GMT
server: cloudflare
etag: W/"13892-1700213230000"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lA8EG5ggqWY%2B694BiLXBv%2B3IHBVYPEPG%2BPkCR31nk2T2yMeZkAp0413TgIMeWX%2B7Czv111Qy23FvuTmMvGPk7s7xzVeYesHOxQQVLSebHt5np2wQAeiiRMyA9CWGT7CcGWePq1snN7v8YmyM%2FUSCuM%2B"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-frame-options: DENY
cf-ray: 8305175bb9ed9bbe-FRA
access-control-allow-headers: X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
expires: Thu, 01 Dec 2033 15:30:34 GMT

GET
H2

200

simple-exit-pop__vrelease_v54.js Show response
static.terramatrixmedia.com/fs3/js/
Redirect Chain

https://dv50pvmrizz2v.cloudfront.net/fs3/js/simple-exit-pop__vrelease_v54.js
https://static.terramatrixmedia.com/fs3/js/simple-exit-pop__vrelease_v54.js

4 KB
3 KB

371ms
371ms

Script
application/javascript

54.183.47.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.terramatrixmedia.com/fs3/js/simple-exit-pop__vrelease_v54.js

Requested by

Protocol

Server

54.183.47.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-47-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

ce111ebfbef57c8cab7a379ac2a0df362a6db501c3928e8d8a1d7b430b14f3dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 1279
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Nov 2023 09:27:10 GMT
server
etag: W/"3772-1700213230000"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-frame-options: DENY
accept-ranges: bytes
access-control-allow-headers: X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept
expires: Thu, 01 Dec 2033 15:30:33 GMT

Redirect headers

Date: Sun, 03 Dec 2023 17:45:56 GMT
Via: 1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
Server: awselb/2.0
X-Amz-Cf-Pop: FRA60-P5
Age: 78276
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://static.terramatrixmedia.com:443/fs3/js/simple-exit-pop__vrelease_v54.js
Connection: keep-alive
Content-Length: 134
X-Amz-Cf-Id: 13LbGsUgAkZsYlxEl3XN61MCUX5SmH3393vf7jXeztObwKQKDk9UlQ==

GET
H2 200 serve.js Show response
finance.mediaalpha.com/js/ 6 KB
3 KB 379ms
122ms Script
application/javascript 54.234.192.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://finance.mediaalpha.com/js/serve.js
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.234.192.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-192-68.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c29913e5caca5b7736d05d1d91f998ab67e282a8f3f6ff908a4ad060b05bcd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:33 GMT
content-encoding: gzip
server: Apache
content-length: 2582
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 common.js Show response
www.fharateguide.com/fs3/js/ 24 KB
7 KB 1426ms
1426ms Script
application/javascript 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fharateguide.com/fs3/js/common.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f505a560ead2884aa6007a3a601e58b270df5001e1038585f97ca3f7b56fda23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Nov 2023 09:27:10 GMT
server: cloudflare
etag: W/"24412-1700213230000"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEYDGEzo9HsHA0qSbSj3XZ62PFviUn5CuLvaVTcnyXJjLm3Xp%2BqlF%2BYQxlYBA7RBoCZrHQTtwaNMYtvcASHFrezCyhUGbUKqBLjlhWkAxBwKSbR%2F3zJZoftYDaPc605B16%2FmUy6n5SMo8UH91ju2gD0G"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-frame-options: DENY
cf-ray: 8305175bb9ef9bbe-FRA
access-control-allow-headers: X-Auth-Token, X-PINGOTHER, origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
expires: Thu, 01 Dec 2033 15:30:34 GMT

GET
H2 200 footer-icons-v2.png
static.terramatrixmedia.com/LTI-774/img/ 19 KB
20 KB 391ms
390ms Image
image/png 54.183.47.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.terramatrixmedia.com/LTI-774/img/footer-icons-v2.png

Requested by

Host: static.terramatrixmedia.com
URL: https://static.terramatrixmedia.com/LTI-1985/css/all.min__vrelease_v54.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.47.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-47-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

158af7b21bd63bd34985512c1ab4b7952c4a5891a908fb6a7063bd14ca3f3fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.terramatrixmedia.com/LTI-1985/css/all.min__vrelease_v54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Nov 2023 09:27:08 GMT
server
etag: W/"19432-1700213228000"
x-frame-options: DENY
content-type: image/png
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2033 15:30:33 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
48 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fharateguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:37 GMT
x-content-type-options: nosniff
age: 412136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:37 GMT

GET
H2 200 icon-sprites-MINT-v2.png
static.terramatrixmedia.com/LTI-966/sprites/ 125 KB
121 KB 204ms
204ms Image
image/png 54.183.47.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.terramatrixmedia.com/LTI-966/sprites/icon-sprites-MINT-v2.png

Requested by

Host: static.terramatrixmedia.com
URL: https://static.terramatrixmedia.com/LTI-1985/css/all.min__vrelease_v54.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.47.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-47-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

7368f124fb247deb6e0bd874d14c51ca626552a153cfc5e68ffd543dd9b925cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.terramatrixmedia.com/LTI-1985/css/all.min__vrelease_v54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Nov 2023 09:27:08 GMT
server
etag: W/"127806-1700213228000"
x-frame-options: DENY
content-type: image/png
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: max-age=315360000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2033 15:30:34 GMT

POST
H2 200 idv.fhtml Show response
www.fharateguide.com/ 63 B
1 KB 1272ms
1272ms XHR
application/json 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e38dca8f39f5dd8b605c93d08f6aeb1fe2f14fd374754e5284c8eb06f814f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VQcCUlRRDBAHUlRWBQUHVVI=
tracestate: 43622@nr=0-1-1153224-772307950-53845e67ccae2193----1701703834353
traceparent: 00-d5f8de12e8922ff5c890341c25e90000-53845e67ccae2193-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjExNTMyMjQiLCJhcCI6Ijc3MjMwNzk1MCIsImlkIjoiNTM4NDVlNjdjY2FlMjE5MyIsInRyIjoiZDVmOGRlMTJlODkyMmZmNWM4OTAzNDFjMjVlOTAwMDAiLCJ0aSI6MTcwMTcwMzgzNDM1MywidGsiOiI0MzYyMiJ9fQ==
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Dec 2023 15:30:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQfT1N3O0esauB1LaFaqNOWljpV9KwvBtvTN1iCscZ4r2LlK1xc%2FRSpjQiu%2FKZSn0J9g3fAy%2FWMascUh3RzcebQv1J9m18akVV2Hjy3ixPvQGCK2xuHv5k09on%2BGbLXvmAonevZXodeIN8w%2FFW4PKhub"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
content-language: en-US
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cf-ray: 83051764d82a9bbe-FRA
x-xss-protection: 1; mode=block

POST
H2 200 idv.fhtml Show response
www.fharateguide.com/ 13 B
1 KB 1354ms
1353ms XHR
application/json 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c9d64ce7719748bf26cd81580ea58245e2a130baf32cd5fc92e08602626c26c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VQcCUlRRDBAHUlRWBQUHVVI=
tracestate: 43622@nr=0-1-1153224-772307950-25e965c585096ee2----1701703834359
traceparent: 00-4607de81280ce4263320d77036f4db00-25e965c585096ee2-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjExNTMyMjQiLCJhcCI6Ijc3MjMwNzk1MCIsImlkIjoiMjVlOTY1YzU4NTA5NmVlMiIsInRyIjoiNDYwN2RlODEyODBjZTQyNjMzMjBkNzcwMzZmNGRiMDAiLCJ0aSI6MTcwMTcwMzgzNDM1OSwidGsiOiI0MzYyMiJ9fQ==
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Dec 2023 15:30:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qh7po3udRBWLkiuGxUxkfXwy4R2b6INoX9Jmn6KM24Nt2CDJghN6rVy8LZ%2FSkB78lT5V67Ujki8XXtVJOZ7EclIA9JhLThR%2FazZJ0M03ZW6tFglc931emC4dVniHJeb5S0XwMP5955%2Br61lphuNe4yaP"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
content-language: en-US
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cf-ray: 83051764d8359bbe-FRA
x-xss-protection: 1; mode=block

GET
H2 200 trustevIFrame.html Show response
cdn.trustev.com/ Frame C74C 7 KB
8 KB 208ms
40ms Document
text/html 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustev.com/trustevIFrame.html
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC9) /
Resource Hash: ea9d101fe0f9989216afd8f7af3ff8ec2d3c70e3e54463eb64556ad0561627dc

Request headers

Referer: https://www.fharateguide.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 395377
content-length: 7584
content-type: text/html
date: Mon, 04 Dec 2023 15:30:34 GMT
etag: "0x8D4B2650924FD31"
last-modified: Tue, 13 Jun 2017 14:03:58 GMT
server: ECAcc (frc/4CC9)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 66360d10-d01e-005c-5b2e-234d62000000
x-ms-version: 2014-02-14

OPTIONS
H/1.1 200
OK javascript
app.trustev.com/api/v2.0/configuration/ Frame 0
0 628ms
124ms Preflight 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/configuration/javascript
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Request-Method: GET
Origin: https://www.fharateguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 04 Dec 2023 15:30:34 GMT
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

OPTIONS
H/1.1 200
OK session
app.trustev.com/api/v2.0/ Frame 0
0 648ms
123ms Preflight 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/session
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Request-Method: POST
Origin: https://www.fharateguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 04 Dec 2023 15:30:34 GMT
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

GET
H/1.1 200
OK javascript Show response
app.trustev.com/api/v2.0/configuration/ 140 B
488 B 154ms
154ms XHR
application/json 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/configuration/javascript
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2631a642b5823ff716ff86be7d401be7213010aaeb04c1f03a525de45b9bbc0f

Request headers

X-PublicKey: 1185696a25c34df49e5caa9544eff7f8
Referer: https://www.fharateguide.com/
X-TU-DV-JS-Version: v3.9.30420
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Expires: -1
Pragma: no-cache
Date: Mon, 04 Dec 2023 15:30:34 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context,Content-Length,Date
Cache-Control: no-cache
Content-Length: 140
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

POST
H/1.1 200
OK session Show response
app.trustev.com/api/v2.0/ 125 B
473 B 197ms
196ms XHR
application/json 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/session
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f995c662e7fea906e7784a80382fb7eb927cc7c2c07104c2d4ab2dd68c3d246

Request headers

X-PublicKey: 1185696a25c34df49e5caa9544eff7f8
Referer: https://www.fharateguide.com/
X-TU-DV-JS-Version: v3.9.30420
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Expires: -1
Pragma: no-cache
Date: Mon, 04 Dec 2023 15:30:35 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context,Content-Length,Date
Cache-Control: no-cache
Content-Length: 125
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 14:31:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3535
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 16:31:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
101 KB 152ms
66ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQZQGX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02cd4bfe74923e68e6065d569e48aa029fcf4a9782cb1b8542eb4d0083be7ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102507
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 15:30:34 GMT

GET
H2 200 learn.js Show response
www.ipqscdn.com/api/*/bKWZMw9sFq3FmZmaDzhv54Q0Dhi7FIEXEKyHXBNidhMklx8TdK3ISD5IgWppvTiyGzwOKpS8j16tAzwzM1cCoxhaHutAOPjDLD2JkxeditSZnuLTlqrsb8J1vkEjjXGePQmjrUiIHTM5R6rvt3s1Q2vX5TS0lr5hbFmnK6inXwL39u2... 138 KB
68 KB 150ms
56ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipqscdn.com/api/*/bKWZMw9sFq3FmZmaDzhv54Q0Dhi7FIEXEKyHXBNidhMklx8TdK3ISD5IgWppvTiyGzwOKpS8j16tAzwzM1cCoxhaHutAOPjDLD2JkxeditSZnuLTlqrsb8J1vkEjjXGePQmjrUiIHTM5R6rvt3s1Q2vX5TS0lr5hbFmnK6inXwL39u2s8IQQMIruI06IUwnMahK3jaCJKtW2lmdausc6uyjUcE1518x5B2Orkn9McUOExd2E6HVFuSMGAsnwHXmS/learn.js
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: cf49b28eb561f8a99ac82cfeaeb0203af8b22adc455361b4c2856231f47675fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7891
x-powered-by: PHP/7.4.27
alt-svc: h3=":443"; ma=86400
pragma: cache
last-modified: Mon, 04 Dec 2023 13:19:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPbA%2BpGBgYE78FnHsIekAXRpyepQ2OZvZQ63k3eqc0bpb6xwASU14TeMI0rwZqHyYxfKBx%2Bo8H9gAAbHwOJ97oYwMpkTk4WhuV%2BYaxiOnMajYbbpsBDd2BpjwB%2BVVTOgjSAEFdpH3gjNElBs2E0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex
cf-ray: 830517658a9230f3-FRA
expires: Tue, 05 Dec 2023 08:19:03 GMT

POST
H2 200 save-signup-data Show response
www.fharateguide.com/moneytips/api/moneytips/2795/ 16 B
1 KB 1326ms
1325ms XHR
application/json 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fharateguide.com/moneytips/api/moneytips/2795/save-signup-data

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VQcCUlRRDBAHUlRWBQUHVVI=
tracestate: 43622@nr=0-1-1153224-772307950-df804956e476f4c5----1701703834374
traceparent: 00-25d6f8ed2920e50a680e6294c4acad00-df804956e476f4c5-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjExNTMyMjQiLCJhcCI6Ijc3MjMwNzk1MCIsImlkIjoiZGY4MDQ5NTZlNDc2ZjRjNSIsInRyIjoiMjVkNmY4ZWQyOTIwZTUwYTY4MGU2Mjk0YzRhY2FkMDAiLCJ0aSI6MTcwMTcwMzgzNDM3NCwidGsiOiI0MzYyMiJ9fQ==
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Dec 2023 15:30:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oikcBNsbdkEjdZxs%2FUZ3KSMA%2BYSIcxa8ql3Mv6%2Bw39W0irhRLjUJYW5XPQdwOgSJV%2By3aNccMa0s%2FMoE%2FKWwf8GYl90fEGkxmw6HdcxgYvyOstLqutYs4OlgK5thL%2BNanyMwG6a4DsEY8jo0phOmQpBR"}],"group":"cf-nel","max_age":604800}
content-type: application/json
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cf-ray: 83051764f8589bbe-FRA
x-xss-protection: 1; mode=block

GET
H2 200 serve_.js Show response
finance.mediaalpha.com/js/ 62 B
193 B 152ms
152ms Script
text/javascript 54.234.192.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://finance.mediaalpha.com/js/serve_.js?z=~type~E~placement_id~~rntg_my08dhV8FlmbEH-fFv663FLwg~~version~17~sub_1~~M~~data~{~zip~0}~local_hour~16&d=mediaalpha_placeholder&_=241061809
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.234.192.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-192-68.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 57ad168a2a74016657ec73973269b90e789f216800f3a0248ba832e7e5611b45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
content-encoding: gzip
server: Apache
content-length: 76
vary: Accept-Encoding
content-type: text/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
163 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=309562411&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&dp=%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749%26p%3DLANDER%26slide%3D1%26slide_name%3DPRODUCT%26ffsid%3Dffs-018c-3573d10e-1073&ul=en-us&de=UTF-8&dt=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAC~&jid=759347343&gjid=1135064575&cid=696862411.1701703835&tid=UA-338775-5&_gid=777523628.1701703835&_slc=1&cd1=&cd2=MOBILE&cd3=FORM&cd4=2795&cd5=&z=1654465459

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

95e3d8082118cfe74c314a78a84468884853736689ccebc9f9df736d32f7ba1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fharateguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 144ms
48ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-338775-5&cid=696862411.1701703835&jid=759347343&gjid=1135064575&_gid=777523628.1701703835&_u=YGBAgAABAAAAAG~&z=1915428153

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Dec 2023 15:30:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fharateguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 39ms
39ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=309562411&t=pageview&_s=2&dl=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&dp=%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26gclid%3D&ul=en-us&de=UTF-8&dt=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAG~&jid=&gjid=&cid=696862411.1701703835&tid=UA-338775-5&_gid=777523628.1701703835&cd1=&cd2=MOBILE&cd3=FORM&cd4=2795&cd5=&z=941079792

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 22:37:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60766
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
85 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QSN0HYPY8W&cx=c&_slc=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74cd3ffd586529aa8c49c561c52f65b14b7af471a64a67b683c8130c9cea0332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86920
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:30:34 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/872149984/ 3 KB
2 KB 141ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/872149984/?random=1701703834629&cv=11&fst=1701703834629&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71021901&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&label=PJgkCIHCuXMQ4OfvnwM&hn=www.googleadservices.com&frm=0&tiba=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1b4c08a1f461577b46ba669456e3820b13b4af87cfcdf8a912e2c498c1a74cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1442
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/leadpoint-sc/ 64 KB
20 KB 390ms
301ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/leadpoint-sc/tfa.js
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a997aab4562c7cdc0428b543380ccd77ad71e6a22d8bd37f0426216223f192fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: FSnhfEZx0DvI9oHuO9Rm3c8R2rPxqfZ8
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Dec 2023 15:30:35 GMT
x-amz-request-id: KK731CBXB6GXD80S
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-amz-replication-status: COMPLETED
content-length: 19962
x-amz-id-2: s3C/93h23nFxH2WlrdBr3BaIn+nTh9wsRIfaSJuveQjZOl2DFHmMqM/WAMmUmiOyeLVSOwCqwR0=
x-served-by: cache-fra-etou8220033-FRA
last-modified: Sun, 03 Dec 2023 11:17:04 GMT
server: AmazonS3
x-timer: S1701703835.796982,VS0,VE207
etag: "80707d38f697355cc1e1e4552c014db5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 129ms
40ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:29:07 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YDGSTQFZ65568Q6C
age: 88
x-amz-server-side-encryption: AES256
x-amz-id-2: 0l/858FxgUAouGPuvFK3eSWdv4DdR1TOVxj9aMrQzenQHNzDzVigIbCh6Bg9udyWycfQA4Kd9RsAye370FC5sA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 145ms
63ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 04 Dec 2023 15:30:34 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4E9CEA03FB8345779BED30BC3E93141F Ref B: FRA31EDGE0611 Ref C: 2023-12-04T15:30:34Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 119ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Dec 2023 15:30:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: jTWWH49D/UzrDUgmiYeL+bvc7+L3HSoudCF8ABOY/J8kGb02hyIvdW1QCvK/QBH7QRC0AVtZQxCQ5C7QvhLCZg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 leadid_code.ilp Show response
www.dataverify123.com/ 374 B
1 KB 617ms
208ms Script
text/javascript 52.9.79.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dataverify123.com/leadid_code.ilp?a=33711
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.79.152 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-79-152.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: b812c28e8434cd7648cae9bc37458c25306d994989a7090fd429727e253ef7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 15:45:35 GMT
date: Mon, 04 Dec 2023 15:30:35 GMT
cache-control: max-age=900000
content-language: en-US
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", CP="NOI DSP COR LAW CUR CONi TELi OUR DELi SAMi BUS UNI"
content-length: 374
content-type: text/javascript;charset=ISO-8859-1

GET 1515ba44
links.yourloanupdate.com/gs/vD/c/ 0
0

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 77 KB
24 KB 153ms
42ms Script
text/javascript 2600:9000:224a:4600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04973f96fb9c6e41af1fc9486d48e8936d01498f8eedb266616bacd866e2e6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id: WR87b7q5q8oup3pL2O5SSN.NVO0Ke7cd
Content-Encoding: gzip
Via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Date: Mon, 04 Dec 2023 15:19:54 GMT
Age: 640
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 31 Oct 2023 15:28:28 GMT
Server: AmazonS3
Etag: W/"c7df5f519bb5d8f62bef23196a8ec659"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 9XOors-kR5Jz404TBgWYL4X8AFQ_GilH2TDyFRlp2S03CAmdLuN0uw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 133ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QSN0HYPY8W&gtm=45je3bt0v9164385229&_p=1701703834364&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=696862411.1701703835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AhAI&_s=1&dl=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&dp=%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749%26p%3DLANDER%26slide%3D1%26slide_name%3DPRODUCT%26ffsid%3Dffs-018c-3573d10e-1073&dt=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&sid=1701703834&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=MOBILE&ep.ua_dimension_3=FORM&ep.ua_dimension_4=2795&tfd=5277
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QSN0HYPY8W&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fharateguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 48ms
48ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QSN0HYPY8W&cid=696862411.1701703835&gtm=45je3bt0v9164385229&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QSN0HYPY8W&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fharateguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 132ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QSN0HYPY8W&gtm=45je3bt0v9164385229&_p=1701703834364&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=696862411.1701703835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=2&dl=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&dp=%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749%26p%3DLANDER%26slide%3D1%26slide_name%3DPRODUCT%26ffsid%3Dffs-018c-3573d10e-1073&dt=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&sid=1701703834&sct=1&seg=0&cu=USD&en=page_1&_c=1&ep.ua_dimension_2=MOBILE&ep.ua_dimension_3=FORM&ep.ua_dimension_4=2795&epn.value=0&_et=2&tfd=5279
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QSN0HYPY8W&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fharateguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QSN0HYPY8W&gtm=45je3bt0v9164385229&_p=1701703834364&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=696862411.1701703835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AhAI&_s=3&dl=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&dp=%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26gclid%3D&dt=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&sid=1701703834&sct=1&seg=1&en=page_view&_ee=1&ep.ua_dimension_2=MOBILE&ep.ua_dimension_3=FORM&ep.ua_dimension_4=2795&_et=1&tfd=5290
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QSN0HYPY8W&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fharateguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QSN0HYPY8W&gtm=45je3bt0v9164385229&_p=1701703834364&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=696862411.1701703835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=4&dl=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&dp=%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26gclid%3D&dt=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&sid=1701703834&sct=1&seg=1&cu=USD&en=page_1&_c=1&ep.ua_dimension_2=MOBILE&ep.ua_dimension_3=FORM&ep.ua_dimension_4=2795&_et=1&epn.value=0&tfd=5290
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QSN0HYPY8W&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fharateguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 152ms
66ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QSN0HYPY8W&cid=696862411.1701703835&gtm=45je3bt0v9164385229&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=2060094753

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 151ms
66ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-338775-5&cid=696862411.1701703835&jid=759347343&_u=YGBAgAABAAAAAG~&z=1020529946

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 128ms
67ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-338775-5&cid=696862411.1701703835&jid=759347343&_u=YGBAgAABAAAAAG~&z=1020529946

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/872149984/ 42 B
455 B 116ms
52ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/872149984/?random=1701703834629&cv=11&fst=1701702000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71021901&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&label=PJgkCIHCuXMQ4OfvnwM&frm=0&tiba=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&fmt=3&is_vtc=1&cid=CAQSGwDICaaN469LV5Xhxa3Tr0mgrEf0j5FuLpQ0fg&random=3229559495&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/872149984/ 42 B
455 B 96ms
54ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/872149984/?random=1701703834629&cv=11&fst=1701702000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71021901&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749&label=PJgkCIHCuXMQ4OfvnwM&frm=0&tiba=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&fmt=3&is_vtc=1&cid=CAQSGwDICaaN469LV5Xhxa3Tr0mgrEf0j5FuLpQ0fg&random=3229559495&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5663198.js Show response
bat.bing.com/p/action/ 0
118 B 64ms
64ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5663198.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 04 Dec 2023 15:30:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C5BDFFA903246DB9A8B33E547AE2586 Ref B: FRA31EDGE0611 Ref C: 2023-12-04T15:30:34Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 148ms
148ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5663198&Ver=2&mid=293ef846-67eb-46e6-af62-683403e41db9&sid=115b735092ba11ee882c69989844255f&vid=115ba3c092ba11eeb18751d12cc9ef88&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&kw=refinance,%20mortgage%20calculator&p=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749%230&r=&lt=4974&evt=pageLoad&sv=1&rn=390707

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 04 Dec 2023 15:30:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC044391FD8B4810AE6433365301C3E3 Ref B: FRA31EDGE0611 Ref C: 2023-12-04T15:30:34Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 422383.json Show response
s.yimg.com/wi/config/ 2 B
159 B 498ms
420ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/422383.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: E68VERXA0N986YTM
age: 3
content-length: 22
x-amz-id-2: EEeHGG2l2I6gMJXEZbHmz6e++O16btcgz++vWRHHID0dB55a7VWxnt4XwvT48AmIt+baTqa11s4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10032102.json Show response
s.yimg.com/wi/config/ 2 B
496 B 225ms
147ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10032102.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: KK7FHTHPBR3DMCG6
age: 3
content-length: 22
x-amz-id-2: +j3RiYUjhggx0BefkHMOu/GaYdiCYAGxcEN+DfCiNPhco+YF45hIwUkgpXh/3U+Lmv750pu4G6/y50qrkodMKA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/A2IU5VI3AJGQDAMYX7JDQX/MYPZQKA7TRG6RBG6IN7LNN/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

97ms
43ms

Script
application/javascript

2600:9000:224a:4600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Server: 2600:9000:224a:4600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Sun, 03 Dec 2023 19:42:20 GMT
Via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
Age: 71307
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fMA0A6bxitAeowM8i-SL9WRQhr2rnLkVhlDiWZdoEBdMrODSABlmhA==

Redirect headers

Date: Mon, 04 Dec 2023 07:43:44 GMT
Via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Age: 28009
X-Amz-Cf-Pop: DUS51-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: K7UHbkaNOirSqnw5tAruTeVj_E1nnZ7lM7HOM4W15V3JDRkHpSKIHA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/A2IU5VI3AJGQDAMYX7JDQX/MYPZQKA7TRG6RBG6IN7LNN/ 0
805 B 662ms
634ms Script
text/javascript 2600:9000:224a:4600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/A2IU5VI3AJGQDAMYX7JDQX/MYPZQKA7TRG6RBG6IN7LNN/index.js
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Amz-Version-Id: Q5PgFoDiUb4c54JY_dmtl_jhW2pN6MhP
Date: Mon, 04 Dec 2023 15:30:36 GMT
Via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sun, 03 Dec 2023 11:43:49 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _vTRXgt39aCS7Ebd4zMmTBOQXoh5aFybtY0OVVvJ66efpvbnzPQT6w==

GET
H2 200 620872564766010 Show response
connect.facebook.net/signals/config/ 115 KB
31 KB 170ms
169ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/620872564766010?v=2.9.138&r=stable&domain=www.fharateguide.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22724a42290e0649abca8f68b97b7f7c1274a8d09cb7de5dc1fd5e5a573f192c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Dec 2023 15:30:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: W7h/rjqj26fNrRyhtB+ys+ukSBdpEB0nefgf4ZOcZEd/LDL6Fd+atL/hz4pyYIrPXShdkfDyI/mmYVTFIfGauA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 A2IU5VI3AJGQDAMYX7JDQX Show response
d.adroll.com/consent/check/ 492 B
585 B 179ms
55ms Script
application/javascript 2a05:d018:cc3:fe04:3014:5030:a5b6:caa6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/A2IU5VI3AJGQDAMYX7JDQX?pv=67153407479.61036&arrfrr=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749%230&_s=9abd2f7e12121e57cf8c0e85154917c5&_b=2
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:3014:5030:a5b6:caa6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 15a8849583430d67adf23e41817a2c85f9b61fcd4fa265688139a6ffecd4cf82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:35 GMT
server: nginx/1.22.1
content-length: 492
content-type: application/javascript

GET
H2 204 mark
trc.taboola.com/1013168/log/3/ 0
274 B 53ms
53ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1013168/log/3/mark?tim=16%3A30%3A35.034&item-url=https%3A//www.fharateguide.com/idv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749%230&marking-type=external_FHARG
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Mon, 04 Dec 2023 15:30:35 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7796
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220033-FRA
pragma: no-cache
server: nginx
x-timer: S1701703835.057656,VS0,VE10
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 156ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=620872564766010&ev=PageView&dl=https%3A%2F%2Fwww.fharateguide.com&rl=&if=false&ts=1701703835153&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1701703835151.949727119&pm=1&hrl=ece6e2&ler=empty&it=1701703834849&coo=false&cs_cc=1&cas=2110194172355720%2C1711419028979206&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Dec 2023 15:30:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/early5/nLdMddw0jvDUZG3ETn8y0CEt7ZECk8Jm4N-uQ7wPu0k/ 42 KB
20 KB 205ms
59ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/early5/nLdMddw0jvDUZG3ETn8y0CEt7ZECk8Jm4N-uQ7wPu0k/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fc9c2e3c39b0bdd78405bfcc708f7179239ee6a348fdae6ba661365c71ee95f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 15:30:35 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

POST
H/1.1 200
OK device Show response
app.trustev.com/api/v2.0/ 0
299 B 232ms
133ms XHR
text/plain 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/device
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-PublicKey: 1185696a25c34df49e5caa9544eff7f8
Referer: https://www.fharateguide.com/
X-TU-DV-JS-Version: v3.9.30420
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc
Pragma: no-cache
Date: Mon, 04 Dec 2023 15:30:35 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context,Content-Length,Date
Cache-Control: no-cache
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK detail Show response
app.trustev.com/api/v2.0/Session/63ddbb18-f586-415d-8ed2-1ea830de1c72/ 428 B
776 B 186ms
160ms XHR
application/json 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/Session/63ddbb18-f586-415d-8ed2-1ea830de1c72/detail
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ffdf02d6a548ad952b531d770436445b2e6b6f7cf3b4c16ebf0957f1d2d743e

Request headers

X-PublicKey: 1185696a25c34df49e5caa9544eff7f8
Referer: https://www.fharateguide.com/
X-TU-DV-JS-Version: v3.9.30420
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Expires: -1
Pragma: no-cache
Date: Mon, 04 Dec 2023 15:30:35 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context,Content-Length,Date
Cache-Control: no-cache
Content-Length: 428
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

POST
H/1.1 200
OK device Show response
app.trustev.com/api/v2.0/ 0
299 B 131ms
130ms XHR
text/plain 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/device
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-PublicKey: 1185696a25c34df49e5caa9544eff7f8
Referer: https://www.fharateguide.com/
X-TU-DV-JS-Version: v3.9.30420
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc
Pragma: no-cache
Date: Mon, 04 Dec 2023 15:30:35 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context,Content-Length,Date
Cache-Control: no-cache
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK d40b3cef-3c1f-401b-86fa-ccab4a93cb80.js Show response
d1tprjo2w7krrh.cloudfront.net/campaign/ 123 KB
124 KB 532ms
428ms Script
text/javascript 65.9.7.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/d40b3cef-3c1f-401b-86fa-ccab4a93cb80.js
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.176 Hollywood, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-176.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13145c6cab273b4396e1da83a89d8f7d4ec310ca4af36524f77dfe7bc59ad94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Zhy4HV39BUGVY18jMrtmk2SVXtVoCcEj
Date: Mon, 04 Dec 2023 15:30:36 GMT
Via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
Last-Modified: Fri, 12 Nov 2021 01:15:46 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
ETag: "31c5047335354bd1b32408d02d19a26e"
X-Cache: RefreshHit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=1800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126350
X-Amz-Cf-Id: xWD1wvv90P11uLiC5cBV-bvYZFp5_l1X-rT3Qls3xuCQMtUnomxnWQ==

OPTIONS
H/1.1 200
OK device
app.trustev.com/api/v2.0/ Frame 0
0 151ms
150ms Preflight 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/device
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Request-Method: POST
Origin: https://www.fharateguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 04 Dec 2023 15:30:35 GMT
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

OPTIONS
H/1.1 200
OK detail
app.trustev.com/api/v2.0/Session/63ddbb18-f586-415d-8ed2-1ea830de1c72/ Frame 0
0 124ms
124ms Preflight 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/Session/63ddbb18-f586-415d-8ed2-1ea830de1c72/detail
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Request-Method: POST
Origin: https://www.fharateguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 04 Dec 2023 15:30:34 GMT
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

OPTIONS
H/1.1 200
OK device
app.trustev.com/api/v2.0/ Frame 0
0 247ms
123ms Preflight 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/device
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Request-Method: POST
Origin: https://www.fharateguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 04 Dec 2023 15:30:35 GMT
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 195ms
63ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2004%20Dec%202023%2015%3A30%3A35%20GMT&n=-1&b=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&.yp=422383&f=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749%230&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 04 Dec 2023 15:30:35 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 193ms
61ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Mortgage%20News%20and%20Rates%20-%20FHA%20Rate%20Guide&.yp=10032102&f=https%3A%2F%2Fwww.fharateguide.com%2Fidv.fhtml%3FformFlowConfigId%3D2795%26estprg%3D1%26viewType%3DMOBILE%26mp_value1%3D%26mp_value2%3D%26mp_value3%3D%26formflowconfigid%3D2795%26irgwc%3D1%26viewtype%3Dmobile%26clickid%3Dsoryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0%26irc%3D8749%230&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:30:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 04 Dec 2023 15:30:35 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/nLdMddw0jvDUZG3ETn8y0CEt7ZECk8Jm4N-uQ7wPu0k/ 505 B
1 KB 57ms
56ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/nLdMddw0jvDUZG3ETn8y0CEt7ZECk8Jm4N-uQ7wPu0k/logo.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

78c90b7a39af592b21110f0a47be24772027261a61597a69e9a88a44ab3b9b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 15:30:35 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Tue, 03 Dec 2024 15:30:35 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 105ms
55ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.5740360596442922

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8cee34c450a4e7eddb1edb7833861e9ebdc4649258e69fbe267f631a14dbef44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.fharateguide.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 04 Dec 2023 15:30:35 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

PUT
H/1.1 200
OK ExtendedDevice Show response
app.trustev.com/api/v2.0/ 0
299 B 252ms
252ms XHR
text/plain 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/ExtendedDevice
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-PublicKey: 1185696a25c34df49e5caa9544eff7f8
Referer: https://www.fharateguide.com/
X-TU-DV-JS-Version: v3.9.30420
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc
Pragma: no-cache
Date: Mon, 04 Dec 2023 15:30:35 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context,Content-Length,Date
Cache-Control: no-cache
Content-Length: 0
Expires: -1

OPTIONS
H/1.1 200
OK ExtendedDevice
app.trustev.com/api/v2.0/ Frame 0
0 124ms
124ms Preflight 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/ExtendedDevice
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Request-Method: PUT
Origin: https://www.fharateguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Allow-Methods: PUT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 04 Dec 2023 15:30:35 GMT
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

PUT
H/1.1 200
OK ExtendedDevice Show response
app.trustev.com/api/v2.0/ 0
299 B 155ms
155ms XHR
text/plain 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/ExtendedDevice
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-PublicKey: 1185696a25c34df49e5caa9544eff7f8
Referer: https://www.fharateguide.com/
X-TU-DV-JS-Version: v3.9.30420
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc
Pragma: no-cache
Date: Mon, 04 Dec 2023 15:30:35 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context,Content-Length,Date
Cache-Control: no-cache
Content-Length: 0
Expires: -1

OPTIONS
H/1.1 200
OK ExtendedDevice
app.trustev.com/api/v2.0/ Frame 0
0 124ms
123ms Preflight 13.77.127.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustev.com/api/v2.0/ExtendedDevice
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.77.127.157 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Request-Method: PUT
Origin: https://www.fharateguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x-publickey,x-tu-dv-js-version
Access-Control-Allow-Methods: PUT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 04 Dec 2023 15:30:35 GMT
Request-Context: appId=cid-v1:d65921b2-8e68-4ce4-bca8-e9340c0ca8cc

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
660 B 585ms
310ms XHR
text/plain 35.169.192.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=41cc744e-afc5-49a2-8e46-b98be140c858&_=233872958

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.169.192.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-192-238.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b1c3a76db5f0e13b31bc50a7feffba39e137450c2f0a0b2b0ac7bb6ecfc6610b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:30:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 nr-spa-1.248.0.min.js Show response
js-agent.newrelic.com/ 87 KB
29 KB 129ms
39ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.248.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.fharateguide.com/
Origin: https://www.fharateguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Dec 2023 15:30:35 GMT
strict-transport-security: max-age=300
x-amz-request-id: KPSAA6596B5W9WAE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29446
x-amz-id-2: kK7PfSmN+43+Jj0qkIS4Cd0s6EyntbGFa2u05oT4gNKZizW0KbsABqTWJcaxq3TCCYeEjgaLlvk=
x-served-by: cache-fra-etou8220064-FRA
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
server: AmazonS3
x-timer: S1701703836.988382,VS0,VE0
etag: "9aea0ff91a800a354637269e96e31dac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 175019

POST
H/1.1 200
OK 8bb6f53a8a Show response
bam.nr-data.net/1/ 40 B
469 B 457ms
335ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8bb6f53a8a?a=765424036&v=1.248.0&to=Y1ZbbUFWDxVSVBULWlocalxBQQ0DRxgVB0dGUlRYR0UIHh5RDhBYR1ZLT1ZF&rst=6629&ck=0&s=612d379dfdec7d21&ref=https://www.fharateguide.com/idv.fhtml&af=err,xhr,stn,ins,spa&ap=2267&be=2639&fe=3833&dc=2335&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1701703829408,%22n%22:0,%22f%22:0,%22dn%22:45,%22dne%22:45,%22c%22:45,%22s%22:84,%22ce%22:130,%22rq%22:130,%22rp%22:2639,%22rpe%22:2815,%22di%22:4966,%22ds%22:4966,%22de%22:4974,%22dc%22:6471,%22l%22:6471,%22le%22:6472%7D,%22navigation%22:%7B%7D%7D&fp=3498&fcp=3516
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 04 Dec 2023 15:30:36 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.fharateguide.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 830517701a32266d-TXL
Content-Length: 40

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 5B6B 3 KB
2 KB 156ms
42ms Document
text/html 108.156.253.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.253.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-253-23.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fharateguide.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 49506
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 04 Dec 2023 01:45:30 GMT
ETag: W/"653c2b77-dbb"
Last-Modified: Fri, 27 Oct 2023 21:28:23 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Cn0e4brEXSE0X1fOtNU49zkQwmJ6vkZfbcgzBn98-GxApHgKrSFSAg==
X-Amz-Cf-Pop: DUS51-P2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
623 B 120ms
120ms XHR
text/plain 35.169.192.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=41cc744e-afc5-49a2-8e46-b98be140c858&token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&_=233872959

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.169.192.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-192-238.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:30:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 236ms
235ms XHR
text/plain 35.169.192.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=41cc744e-afc5-49a2-8e46-b98be140c858&token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&_=233872960

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.169.192.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-192-238.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:30:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK 8bb6f53a8a Show response
bam.nr-data.net/resources/1/ 36 B
421 B 345ms
344ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/8bb6f53a8a?a=765424036&v=1.248.0&to=Y1ZbbUFWDxVSVBULWlocalxBQQ0DRxgVB0dGUlRYR0UIHh5RDhBYR1ZLT1ZF&rst=7114&ck=0&s=612d379dfdec7d21&ref=https://www.fharateguide.com/idv.fhtml&st=1701703829408&hr=0&fts=1701703829408&n=26&fsh=1
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d301b9c4167e0e45a1e6138720080f04d7aad7281bcb2766fe1c5410617bf93a

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 04 Dec 2023 15:30:36 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.fharateguide.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 830517725f40266d-TXL
Content-Length: 36

POST
H/1.1 200
OK 8bb6f53a8a Show response
bam.nr-data.net/events/1/ 24 B
408 B 760ms
701ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/8bb6f53a8a?a=765424036&v=1.248.0&to=Y1ZbbUFWDxVSVBULWlocalxBQQ0DRxgVB0dGUlRYR0UIHh5RDhBYR1ZLT1ZF&rst=7182&ck=0&s=612d379dfdec7d21&ref=https://www.fharateguide.com/idv.fhtml
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 04 Dec 2023 15:30:37 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.fharateguide.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 8305177328fc266d-TXL
Content-Length: 24

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 514B 4 KB
2 KB 378ms
117ms Document
text/html 18.232.222.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.222.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-222-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Mon, 04 Dec 2023 15:30:36 GMT
etag: W/"6554d155-1049"
expires: Tue, 05 Dec 2023 15:30:36 GMT
last-modified: Wed, 15 Nov 2023 14:10:29 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H2 200 sr.js Show response
www.dataverify123.com/ 768 B
1 KB 196ms
196ms Script
text/javascript 52.9.79.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dataverify123.com/sr.js?a=33711&i=17593&lidtn=F33690DB-147C-B4A6-4491-F22F6E2D5BF2
Requested by: Host: www.fharateguide.com
URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.79.152 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-79-152.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: d74b91bcaa6e26528bad640b78cbca10bb77a2e77d770d57db57a1e534a10c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fharateguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR CONi TELi OUR DELi SAMi BUS UNI"
date: Mon, 04 Dec 2023 15:30:36 GMT
cache-control: max-age=900
expires: Mon, 04 Dec 2023 15:45:36 GMT
content-length: 768
content-type: text/javascript;charset=ISO-8859-1

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 238ms
121ms XHR
text/plain 35.169.192.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=41cc744e-afc5-49a2-8e46-b98be140c858&token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&_=233872961

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.169.192.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-192-238.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:30:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 180ms
180ms XHR
text/plain 35.169.192.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=5&pid=41cc744e-afc5-49a2-8e46-b98be140c858&token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&_=233872962

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.169.192.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-192-238.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:30:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 514B 0
627 B 361ms
127ms Script
text/javascript 35.169.192.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&methods=48&token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&uuid=22f71865e7e7423e9add20dfce7c4265

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80&lac=8BEAE6FA-9692-852F-AE73-DDD9BAA92D70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.169.192.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-192-238.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:30:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 237ms
121ms XHR
text/plain 35.169.192.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=41cc744e-afc5-49a2-8e46-b98be140c858&token=F33690DB-147C-B4A6-4491-F22F6E2D5BF2&_=233872963

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.169.192.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-192-238.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fharateguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:30:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: links.yourloanupdate.com
URL: https://links.yourloanupdate.com/gs/vD/c/1515ba44

Verdicts & Comments Add Verdict or Comment

438 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fharateguide.com/	1969-12-31 23:59:59	Name: viewType Value: MOBILE
www.fharateguide.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: EE6C1B08BB46C6F0B664B91D2776F3B7
.fharateguide.com/	1970-01-21 02:17:43	Name: ESTN Value: 1
.www.fharateguide.com/	1970-01-21 02:17:43	Name: tt_web_user Value: wu-2130706433-1701703831801-6318115725341231432
www.fharateguide.com/	1969-12-31 23:59:59	Name: SERVERID Value: awsga2
www.fharateguide.com/	1970-01-20 16:41:45	Name: slideManagerCurrentSlideNumber-2795 Value: 0
.fharateguide.com/	1970-01-21 02:17:43	Name: _ga Value: GA1.2.696862411.1701703835
.fharateguide.com/	1970-01-20 16:43:10	Name: _gid Value: GA1.2.777523628.1701703835
.fharateguide.com/	1970-01-20 16:41:43	Name: _gat Value: 1
static.terramatrixmedia.com/	1970-01-20 16:51:48	Name: AWSALBTGCORS Value: 6PaOznEO6RIygvYw59ILiZXFgKbzu3PSkmgmVBEBmMnSK5zyYQFzN2pPmKnnpC320HAjRNyYdyqa2Jvnmo8JfemwlMLgsFCitZjfMwfDDgPJYnTigMNCcTeGQGz0TQ3xMYf6DlCdogk5ewVzzOmZIDDTA6PXyNM3p92b/o6EW7/9/5cRmcQ=
static.terramatrixmedia.com/	1970-01-20 16:51:48	Name: AWSALBCORS Value: fPGJUDS2B76BQZqb6iVDeHp/gMxrlzJZDznzb7FCK/TP+JniRH1SIU3cGUPAnicP3lmy9Qc/63VNl0lU1LIze5YmOSV56mGOlCp+5fgz8v+qIPevXn3/pRtSm3c6
.fharateguide.com/	1970-01-21 02:17:43	Name: _ga_QSN0HYPY8W Value: GS1.2.1701703834.1.1.1701703834.60.0.0
.doubleclick.net/	1970-01-20 16:41:44	Name: test_cookie Value: CheckForPermission
.fharateguide.com/	1970-01-20 16:43:10	Name: _uetsid Value: 115b735092ba11ee882c69989844255f
.fharateguide.com/	1970-01-21 02:03:19	Name: _uetvid Value: 115ba3c092ba11eeb18751d12cc9ef88
.bing.com/	1970-01-21 02:03:19	Name: MUID Value: 23C4BCF5CD616746266CAF28CCEA66DB
.fharateguide.com/	1970-01-20 18:51:19	Name: _fbp Value: fb.1.1701703835151.949727119
www.fharateguide.com/	1970-01-20 16:41:44	Name: jsConfig-1185696a25c34df49e5caa9544eff7f8 Value: {"configuration":{"javascript":{"locationServices":null,"passiveAuth":{"enabled":false,"passiveAuthURL":null},"deviceId":{"enabled":true}}}}
www.fharateguide.com/	1970-01-20 16:41:45	Name: tsid-1185696a25c34df49e5caa9544eff7f8 Value: 63ddbb18-f586-415d-8ed2-1ea830de1c72
mpsnare.iesnare.com/	1970-01-21 01:27:19	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: owA+i3meiNHumsxna6SeQc+jGHtMbbtwcz5Aa7gU/WY=
.yahoo.com/	1970-01-21 01:27:41	Name: A3 Value: d=AQABBJvwbWUCEMTlyp39qDiblWJOqqSXAU4FEgEBAQFCb2V3ZeAJyiMA_eMAAA&S=AQAAAlN8oci9NEFQ1rVoaRYeF4k
www.fharateguide.com/	1970-01-20 16:51:48	Name: AWSALBTG Value: JdlyMIg9MTon8WLwY4Fs38gehavXQkbVR5j1wXGaqweEdZHiV+iZQ0+obbbeiO4s+yekKbTLJpTWQr3WWMdA2IDI/te8QrkZq9M2vrRxrUuIKjGmGlW4S7k0OTf2EPmVHm6mGrhVjujSyCfT1q5nkGofXIicpz4lrXLisw3BHlOCaYpHq0A=
www.fharateguide.com/	1970-01-20 16:51:48	Name: AWSALBTGCORS Value: JdlyMIg9MTon8WLwY4Fs38gehavXQkbVR5j1wXGaqweEdZHiV+iZQ0+obbbeiO4s+yekKbTLJpTWQr3WWMdA2IDI/te8QrkZq9M2vrRxrUuIKjGmGlW4S7k0OTf2EPmVHm6mGrhVjujSyCfT1q5nkGofXIicpz4lrXLisw3BHlOCaYpHq0A=
www.fharateguide.com/	1970-01-20 16:51:48	Name: AWSALB Value: o10Zopcr4NYv7tBf5umaeEuchbh76CjQxaZ2nSiVjuxVrLUDmUqSZeTlfDn4HUE69eMG5Qk6FyS9p/chD/+XKec+c7gI7d8XgruJ1Z/qQd2S0oZM8a8m6BE4cM8E
www.fharateguide.com/	1970-01-20 16:51:48	Name: AWSALBCORS Value: o10Zopcr4NYv7tBf5umaeEuchbh76CjQxaZ2nSiVjuxVrLUDmUqSZeTlfDn4HUE69eMG5Qk6FyS9p/chD/+XKec+c7gI7d8XgruJ1Z/qQd2S0oZM8a8m6BE4cM8E
www.fharateguide.com/	1969-12-31 23:59:59	Name: leadid_token-8BEAE6FA-9692-852F-AE73-DDD9BAA92D70-D40B3CEF-3C1F-401B-86FA-CCAB4A93CB80 Value: F33690DB-147C-B4A6-4491-F22F6E2D5BF2
www.dataverify123.com/	1970-01-20 16:51:48	Name: AWSALBCORS Value: eNvQSGtB4uxXSNiZJr5wPjL/xFDCEQ8Wx5qoYMqVve3c1MvCEDo4f9cBDeRp+eT/Ypfb71acarQc4h3jYl+ziPIB4z7PDNF4t/47dM9QMyUfRfkcyTGC/vcdtoej
.deviceid.trueleadid.com/	1970-01-21 02:17:43	Name: uuid Value: 22f71865e7e7423e9add20dfce7c4265

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://www.fharateguide.com/idv.fhtml?formFlowConfigId=2795&estprg=1&viewType=MOBILE&mp_value1=&mp_value2=&mp_value3=&formflowconfigid=2795&irgwc=1&viewtype=mobile&clickid=soryigygzxypr3iyyptx3wabukfqmmsqrt8ovy0&irc=8749(Line 20) Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network	error	URL: https://links.yourloanupdate.com/gs/vD/c/1515ba44 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.trustev.com
bam.nr-data.net
bat.bing.com
cdn-us.trustev.com
cdn.taboola.com
cdn.trustev.com
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
d.adroll.com
d1tkl1e3k37gw7.cloudfront.net
d1tprjo2w7krrh.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
d2qcrzwi3hrnuy.cloudfront.net
deviceid.trueleadid.com
dv50pvmrizz2v.cloudfront.net
finance.mediaalpha.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
links.yourloanupdate.com
maxcdn.bootstrapcdn.com
mpsnare.iesnare.com
region1.analytics.google.com
s.adroll.com
s.yimg.com
sp.analytics.yahoo.com
static.terramatrixmedia.com
stats.g.doubleclick.net
trc.taboola.com
www.dataverify123.com
www.facebook.com
www.fharateguide.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ipqscdn.com
links.yourloanupdate.com
108.156.253.23
13.77.127.157
151.101.1.44
151.101.2.137
162.247.241.14
18.154.71.162
18.232.222.202
18.245.62.57
18.66.242.136
2001:4860:4802:32::36
212.82.100.181
2600:9000:224a:4600:6:9280:1080:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:fb2
2606:4700::6811:190e
2606:4700::6812:acf
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:cc3:fe04:3014:5030:a5b6:caa6
2a06:98c1:3120::3
35.169.192.238
52.9.79.152
54.183.47.202
54.228.71.178
54.234.192.68
65.9.7.176
02cd4bfe74923e68e6065d569e48aa029fcf4a9782cb1b8542eb4d0083be7ac1
04973f96fb9c6e41af1fc9486d48e8936d01498f8eedb266616bacd866e2e6c5
0754933b9ef7cfc5bcb81ee59da3b29230b98419499c4033273413590dd05f10
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f995c662e7fea906e7784a80382fb7eb927cc7c2c07104c2d4ab2dd68c3d246
13145c6cab273b4396e1da83a89d8f7d4ec310ca4af36524f77dfe7bc59ad94e
158af7b21bd63bd34985512c1ab4b7952c4a5891a908fb6a7063bd14ca3f3fa8
15a8849583430d67adf23e41817a2c85f9b61fcd4fa265688139a6ffecd4cf82
1c9d64ce7719748bf26cd81580ea58245e2a130baf32cd5fc92e08602626c26c
22724a42290e0649abca8f68b97b7f7c1274a8d09cb7de5dc1fd5e5a573f192c
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
25e38dca8f39f5dd8b605c93d08f6aeb1fe2f14fd374754e5284c8eb06f814f2
2631a642b5823ff716ff86be7d401be7213010aaeb04c1f03a525de45b9bbc0f
32af4f2fc5fa005f5e129be5e61796337b091a0c6e8670f0b718350340d9d398
3da210564ca58e91378d59e3124bc0e1287ec757253982c2fb0da0fc083be7fe
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ffdf02d6a548ad952b531d770436445b2e6b6f7cf3b4c16ebf0957f1d2d743e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
545a5cb57f71c341497eaf49b054c688a8c0f800e8be807d9e8fed87fc7a1519
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
57ad168a2a74016657ec73973269b90e789f216800f3a0248ba832e7e5611b45
59909de6b987ae640a2484a8e048a41b8fc5d312837b81be89060c1e0ea36b6c
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
7368f124fb247deb6e0bd874d14c51ca626552a153cfc5e68ffd543dd9b925cf
74cd3ffd586529aa8c49c561c52f65b14b7af471a64a67b683c8130c9cea0332
78c90b7a39af592b21110f0a47be24772027261a61597a69e9a88a44ab3b9b2d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8cee34c450a4e7eddb1edb7833861e9ebdc4649258e69fbe267f631a14dbef44
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
9506e290d65fb683ae0f44c26664983adbdc1540c493f532774852cbe6350d69
95e3d8082118cfe74c314a78a84468884853736689ccebc9f9df736d32f7ba1d
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
a997aab4562c7cdc0428b543380ccd77ad71e6a22d8bd37f0426216223f192fe
b1c3a76db5f0e13b31bc50a7feffba39e137450c2f0a0b2b0ac7bb6ecfc6610b
b812c28e8434cd7648cae9bc37458c25306d994989a7090fd429727e253ef7fd
bb6b0b0e3a14b7057231bbbc35244144587fa5dc6bc18c6e19fac459596c51c5
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1a38a669c821907c49e5cad42342da8b4307b8c8eb32a5a11b169f84d7fd8e2
c1b4c08a1f461577b46ba669456e3820b13b4af87cfcdf8a912e2c498c1a74cd
c29913e5caca5b7736d05d1d91f998ab67e282a8f3f6ff908a4ad060b05bcd6f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ce111ebfbef57c8cab7a379ac2a0df362a6db501c3928e8d8a1d7b430b14f3dc
cf49b28eb561f8a99ac82cfeaeb0203af8b22adc455361b4c2856231f47675fe
d301b9c4167e0e45a1e6138720080f04d7aad7281bcb2766fe1c5410617bf93a
d74b91bcaa6e26528bad640b78cbca10bb77a2e77d770d57db57a1e534a10c79
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e36fff089ca9117ffe74524ad4ad114c343f3e1e2ae7afeb0c1d965969aac794
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a894385f6c43c5092453d582f6333d32f70c63e3b67705b0718949f4d95d9f
ea9d101fe0f9989216afd8f7af3ff8ec2d3c70e3e54463eb64556ad0561627dc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f505a560ead2884aa6007a3a601e58b270df5001e1038585f97ca3f7b56fda23
fc9c2e3c39b0bdd78405bfcc708f7179239ee6a348fdae6ba661365c71ee95f8

www.fharateguide.com Open in urlscan Pro 2606:4700:20::681a:fb2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

92 %HTTPS

57 %IPv6

29 Domains

40 Subdomains

35 IPs

5 Countries

1403 kBTransfer

3431 kBSize

28 Cookies

5 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fharateguide.com Open in urlscan Pro
2606:4700:20::681a:fb2 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

92 %
HTTPS

57 %
IPv6

29
Domains

40
Subdomains

35
IPs

5
Countries

1403 kB
Transfer

3431 kB
Size

28
Cookies

95 HTTP transactions
0 data transactions