ocsp.starfieldtech.com/
192.124.249.24 2.1 kB IP 192.124.249.24:0
Hash 81524bf8c38f6d7590f9a035187264d5
b4fd4f392378cfc7750c82f8e820a47b8b0e7416
bcba702d34b4addaf917a58f33b9b9f0ef0bfc98ddbf33b105bbc8ad5e746087
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 08 Dec 2023 14:35:57 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 15024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 08 Dec 2023 07:58:17 GMT
Expires: Sat, 09 Dec 2023 07:58:17 GMT
ETag: "b4fd4f392378cfc7750c82f8e820a47b8b0e7416"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.lmbahsj2.com/DQ7MW8/83KB7S/?source_id=EGM&sub1=SECCAPS-A
35.201.76.131302 Found 316 B URL User Request GET HTTP/2 www.lmbahsj2.com/DQ7MW8/83KB7S/?source_id=EGM&sub1=SECCAPS-A
IP 35.201.76.131:443
Certificate IssuerStarfield Technologies, Inc.
Subjectlmbahsj2.com
Fingerprint19:8A:1C:6D:15:5F:1E:82:A2:B6:F3:E1:A8:82:E4:C5:EE:3C:46:53
ValidityFri, 28 Apr 2023 21:05:02 GMT - Mon, 13 May 2024 15:10:13 GMT
File type HTML document, ASCII text, with very long lines (314)
Hash 013c61b38b142a9d3fcc1fc4cdcca88f
91299edec5e2554edeb3747a4357c1e9b611a2b1
10e216a345fe75e4df8998fb445ea6acf48adb74f4f19365db8f4aa3847b0729
GET /DQ7MW8/83KB7S/?source_id=EGM&sub1=SECCAPS-A HTTP/1.1
Host: www.lmbahsj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 08 Dec 2023 14:35:58 GMT
content-type: text/html; charset=utf-8
content-length: 316
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
set-cookie: uniqueClick_83KB7S=38544cc0-c64d-4915-83f5-57fba02ff3d6:1702046158; Path=/; Expires=Sat, 09 Dec 2023 14:35:58 GMT; Secure; SameSite=None
transaction_id=92bc792a678d4d3aac6777601f10fd8b; Path=/; Expires=Thu, 07 Mar 2024 14:35:58 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: c196deea-ca6e-4e8c-b416-80e0cd8dd794
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23 2.1 kB IP 192.124.249.23:0
Hash 81524bf8c38f6d7590f9a035187264d5
b4fd4f392378cfc7750c82f8e820a47b8b0e7416
bcba702d34b4addaf917a58f33b9b9f0ef0bfc98ddbf33b105bbc8ad5e746087
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 08 Dec 2023 14:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 15023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 08 Dec 2023 07:58:17 GMT
Expires: Sat, 09 Dec 2023 07:58:17 GMT
ETag: "b4fd4f392378cfc7750c82f8e820a47b8b0e7416"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
content.refinance.quickenloans.com/msql/Testimonial_Stars_-_LMB_LRE_FNL_00015.png
104.18.13.43200 OK 551 B URL GET HTTP/2 content.refinance.quickenloans.com/msql/Testimonial_Stars_-_LMB_LRE_FNL_00015.png
IP 104.18.13.43:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectrefinance.quickenloans.com
Fingerprint1C:BA:47:A1:B9:5E:06:39:AC:47:A6:A8:49:17:24:B4:31:E4:F0:75
ValidityMon, 20 Nov 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type PNG image data, 100 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 90732fd581b4624530c995d70d3f17a8
6704549936ece70f840129dcca57a5e56ff0cac5
8bda4c30752b1529c25cf00cc9049534a89ad2428ed35c5000038ea81a08be6a
GET /msql/Testimonial_Stars_-_LMB_LRE_FNL_00015.png HTTP/1.1
Host: content.refinance.quickenloans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: image/png
content-length: 551
last-modified: Fri, 17 Nov 2023 05:34:25 GMT
x-amz-server-side-encryption: AES256
etag: "90732fd581b4624530c995d70d3f17a8"
x-cache: Hit from cloudfront
via: 1.1 a52c33748955378f279062b7fc7ef91e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: bs_FMuQrXpr4E6RFzDrM-xp7z-EnND8iJht3e1YQEgYSxE7PQx6mdQ==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:00 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=YAJLybJY7.JbO0yx2AfSt7yPIuT8XX0ZOPaiyamD1eA-1702046160-0-AeY6rfvaL8x4H/Bz5zvVl25WsOyYnfy6L8JKo2tp7lw889QT/oJq9AkaJ0EJYgK/7NouKI/9g19oCcsqYwVucSA=; path=/; expires=Fri, 08-Dec-23 15:06:00 GMT; domain=.refinance.quickenloans.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf3a8b856c0-OSL
X-Firefox-Spdy: h2
use.typekit.net/msd8xng.css
23.36.76.122200 OK 680 B URL GET HTTP/2 use.typekit.net/msd8xng.css
IP 23.36.76.122:443
ASN #20940 Akamai International B.V.
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 20203a97a8fb7c1ce2353ecc67ea540d
69dd242bcc9927260938d83c99e59453871ebba4
56af1865c3c674da77191c0c3f9c9a01789e64b2851675d878cb03b5bc57a353
GET /msd8xng.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 680
date: Fri, 08 Dec 2023 14:36:00 GMT
X-Firefox-Spdy: h2
cs-cdn.deviceatlas.com/dacs.js
52.58.191.183200 OK 22 kB URL GET HTTP/2 cs-cdn.deviceatlas.com/dacs.js
IP 52.58.191.183:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoDaddy.com, Inc.
Subject*.deviceatlas.com
Fingerprint24:8E:6E:64:30:97:51:E1:A5:07:DB:42:13:5B:15:27:BA:6F:10:C2
ValiditySat, 04 Mar 2023 07:26:21 GMT - Thu, 04 Apr 2024 07:26:21 GMT
File type ASCII text, with very long lines (21816)
Hash 610a4ab640dd5cfa6750aa2623357f51
6f425451f0dffa8b2a418857da82c5d28e2db9e8
fe49fc14b70cfc4f3edbc08e58087ca0f6e948a953c3eaeabdc7e78f512e5a22
GET /dacs.js HTTP/1.1
Host: cs-cdn.deviceatlas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: application/javascript
content-length: 21909
last-modified: Thu, 09 Nov 2023 13:50:26 GMT
etag: "610a4ab640dd5cfa6750aa2623357f51"
expires: Fri, 08 Dec 2023 14:35:59 GMT
cache-control: no-cache
x-cache: HIT
accept-ch: DPR,Width,Viewport-Width,Viewport-Height,Device-Memory,RTT,Downlink,ECT,Lang,Sec-CH-DPR,Sec-CH-Width,Sec-CH-Viewport-Width,Sec-CH-Viewport-Height,Sec-CH-Device-Memory,Sec-CH-RTT,Sec-CH-Downlink,Sec-CH-ECT,Sec-CH-Lang,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Bitness,Sec-CH-UA-WoW64,Sec-CH-Prefers-Reduced-Motion,Sec-CH-Prefers-Reduced-Transparency,Sec-CH-Prefers-Contrast,Sec-CH-Forced-Colors,Sec-CH-Prefers-Color-Scheme,Sec-CH-Prefers-Reduced-Data
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static-lre.refinance.enhancedrefinow.com/vendor.67a1d66e4ad0509192e9.js
104.18.5.105200 OK 197 kB URL GET HTTP/2 static-lre.refinance.enhancedrefinow.com/vendor.67a1d66e4ad0509192e9.js
IP 104.18.5.105:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectenhancedrefinow.com
FingerprintCC:38:9A:93:4C:BD:74:FE:30:18:77:1F:80:24:AF:9E:02:FA:AB:56
ValidityFri, 03 Mar 2023 00:00:00 GMT - Fri, 01 Mar 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 197 kB (197336 bytes)
Hash af6349f4c32ba3c91c24c427bdbacbc0
1563256da36c7ad66418d765be98421750d4d447
d94ea0bc30d8e1ccbba258dcf282ae1db1071795b3caf38903c8b4cb577db1bb
GET /vendor.67a1d66e4ad0509192e9.js HTTP/1.1
Host: static-lre.refinance.enhancedrefinow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 10:47:04 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
etag: W/"0e80b2b8d6f895c55fb9aefe511479b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: VEL_ZSoR_Lsi5mfBiIbZUYwyJ8gM1-0s3fly79AqbuPeB9p5H3tAVA==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:00 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=Omb0xUvu.P8YpTmWJ1R5NKL8rkUzVjfTJdK.YaSrDQw-1702046160-0-AXtW0l7qDRM1KRdpWdaYzCdkUQ82mGE/9MZZ6f9vUswq+2XEjVzVOTpbLxU+SqWuSoM9FjbPJE7MWIyoEsVPj1s=; path=/; expires=Fri, 08-Dec-23 15:06:00 GMT; domain=.enhancedrefinow.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf3dc5d56c9-OSL
X-Firefox-Spdy: h2
content.quickencompare.com/qc/refi-images/QC-Logo.png
104.18.29.109200 OK 58 kB URL GET HTTP/2 content.quickencompare.com/qc/refi-images/QC-Logo.png
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type PNG image data, 1084 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 521752a26258e4864b241e2d53ffe6fb
197a15424a4f1def49ad620d2e5efc5fc1629829
c361b0d16f182441c533ead38d28a79b93c42473cfb5fbd0f5eebc2e64ea18a5
GET /qc/refi-images/QC-Logo.png HTTP/1.1
Host: content.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
DNT: 1
Connection: keep-alive
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: image/png
content-length: 58295
last-modified: Thu, 23 Nov 2023 14:00:50 GMT
x-amz-server-side-encryption: AES256
etag: "521752a26258e4864b241e2d53ffe6fb"
x-cache: Hit from cloudfront
via: 1.1 660625642e0df86c41275db1ce1ac922.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: U8pU3G3HW7WBe2VyT8NlgJNZtgvXi-MtAZmVk3BVW5dxeJihjEpY1A==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:00 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf3aa220afe-OSL
X-Firefox-Spdy: h2
content.quickencompare.com/nmn/logo/qc-financial-control.png
104.18.29.109200 OK 13 kB URL GET HTTP/2 content.quickencompare.com/nmn/logo/qc-financial-control.png
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type PNG image data, 281 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash d9164fb30114b13fdb91bd8011b5f71b
45307fb107b9e0ec642b98d3b2153467cb00b633
442b0856c633c8a41e1566de5aea94873cfa27b85e74e2fb2df4c92b55ab5608
GET /nmn/logo/qc-financial-control.png HTTP/1.1
Host: content.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
DNT: 1
Connection: keep-alive
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: image/png
content-length: 12630
last-modified: Thu, 23 Nov 2023 14:00:50 GMT
x-amz-server-side-encryption: AES256
etag: "d9164fb30114b13fdb91bd8011b5f71b"
x-cache: Hit from cloudfront
via: 1.1 7f7d86a250c539fe4431535882cf4e4e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: zfxTiOIo3IJzwm1cRVtMH4HPWz4K38uiW_ZFnPNXB5Nj7-eBTUyoLQ==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:00 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf3aa1f0afe-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/5066eb/00000000000000007735fdbb/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.122200 OK 11 kB URL GET HTTP/2 use.typekit.net/af/5066eb/00000000000000007735fdbb/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.122:443
ASN #20940 Akamai International B.V.
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 10552, version 1.0\012- data
Hash dfd4158df5a1e052abac4fbd93e09fb1
9db6d016f4c8b240634f9334ec8c11b27a8926fd
d3a3bb6d91875a850f5ab1dd85446084933aefde6a0c183689ce585e568f4ee3
GET /af/5066eb/00000000000000007735fdbb/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 10552
etag: "3ffc31f2c2e0e0a0bd3e7a4f831f835ccfabcbde"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 08 Dec 2023 14:36:01 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/bf384f/00000000000000007735fdb7/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
23.36.76.122200 OK 10 kB URL GET HTTP/2 use.typekit.net/af/bf384f/00000000000000007735fdb7/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
IP 23.36.76.122:443
ASN #20940 Akamai International B.V.
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 10520, version 1.0\012- data
Hash 9c062dccf131a3086c8150e06794fe67
0030407cafb86d8e591e93904d1c070c3b9c08ae
19aefb2c51bd12339798e6877c1317ca2edd1ccf827b9cddb622dc094031a8f0
GET /af/bf384f/00000000000000007735fdb7/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 10520
etag: "2be4f5725e5a1282789d7f7270687fcf4d372bef"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 08 Dec 2023 14:36:01 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/070c63/00000000000000007735fdb6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
23.36.76.122200 OK 11 kB URL GET HTTP/2 use.typekit.net/af/070c63/00000000000000007735fdb6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
IP 23.36.76.122:443
ASN #20940 Akamai International B.V.
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 10888, version 1.0\012- data
Hash 865a9070be41e8b5d8258be1bf57cab1
2f7e1a72d4897a263394a4f07892c9389b954212
eaa07ae8e4a20bddf808a50bb9e635664a986e2878e458899442b156c7a49e50
GET /af/070c63/00000000000000007735fdb6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 10888
etag: "b7140404e35689beadfbc7c2c96a907cf5aaa352"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 08 Dec 2023 14:36:01 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 33 kB URL GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Hash 057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 23:21:56 GMT
expires: Fri, 06 Dec 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 54845
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content.quickencompare.com/qc/refi-images/BG-BLUE-ICON-WHITE.png
104.18.29.109200 OK 60 kB URL GET HTTP/2 content.quickencompare.com/qc/refi-images/BG-BLUE-ICON-WHITE.png
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type PNG image data, 2980 x 820, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b525d003df460ee3ef27bb82defdb43
0e1f1b12bc01d745e847d91f64727e1bde0cf019
78f6112cc353f90b0f71f3b1c2a5571b1b620290dd2048dc073eb91217c590e7
GET /qc/refi-images/BG-BLUE-ICON-WHITE.png HTTP/1.1
Host: content.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-lre.refinance.enhancedrefinow.com/
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:01 GMT
content-type: image/png
content-length: 60242
last-modified: Mon, 27 Nov 2023 15:34:00 GMT
x-amz-server-side-encryption: AES256
etag: "0b525d003df460ee3ef27bb82defdb43"
x-cache: RefreshHit from cloudfront
via: 1.1 f6020f10d519a41b0c116dad7dcb2798.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: Z0TvvSdbNGuv03uzzFkfV90xM-LN3oC_ofnT5p9t4TKs4kTK_5WgiA==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:01 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcff8a990afe-OSL
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.129.140200 OK 7.4 kB URL GET HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.129.140:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subjectwww.redditstatic.com
Fingerprint5B:10:93:15:D0:06:B8:27:DD:C8:15:7C:8A:49:4B:AD:06:D3:8E:15
ValidityFri, 25 Aug 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (23776)
Hash 78b6c68984a6ce5b3fcac1c6a9cad00c
02e1d366a17506cea8adfe5a15949aca89719a02
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 08 Dec 2023 14:36:02 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7409
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24 2.1 kB IP 192.124.249.24:0
Hash 81524bf8c38f6d7590f9a035187264d5
b4fd4f392378cfc7750c82f8e820a47b8b0e7416
bcba702d34b4addaf917a58f33b9b9f0ef0bfc98ddbf33b105bbc8ad5e746087
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 08 Dec 2023 14:36:02 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 15024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 08 Dec 2023 07:58:17 GMT
Expires: Sat, 09 Dec 2023 07:58:17 GMT
ETag: "b4fd4f392378cfc7750c82f8e820a47b8b0e7416"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.googletagmanager.com/gtag/js?id=AW-319191520
142.250.74.168200 OK 75 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-319191520
IP 142.250.74.168:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 81b5bb8bd24c0da562cfecb35cfc9c2d
99966e6fa329a49bb9b20e6889342edaa474db62
efdea119456ca38b17c2652aafcc0027d56006654fa31c393ddab0ea3e15f58e
GET /gtag/js?id=AW-319191520 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 14:36:02 GMT
expires: Fri, 08 Dec 2023 14:36:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
142.250.74.106200 OK 76 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap
IP 142.250.74.106:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 221796c019303a2c51f2f73d7ad03a9c
3e8f5f47fed88688c6c61e3b9072af01649a6d0d
4d20e794ccf7e702b352d4820bcf2ae767e6ca0b24a670605eece9d3e6853e29
GET /css2?family=Montserrat:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 14:35:59 GMT
date: Fri, 08 Dec 2023 14:35:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-11411986938
142.250.74.168200 OK 81 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-11411986938
IP 142.250.74.168:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 5212802d4b2599af71c5e5c9bf52b94c
c2d36c63dd8c22600299c4de627c0ebce0b244b2
0c6cd51fe549c9c27dfe788d063313c4868db3e21ea807f255624832d8615198
GET /gtag/js?id=AW-11411986938 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 14:36:02 GMT
expires: Fri, 08 Dec 2023 14:36:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-10865694633
142.250.74.168200 OK 76 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10865694633
IP 142.250.74.168:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 660961a3f9cc31fd27449dd0c07c6107
5d4c2198be6fcd7fdbd58d465f616d5a749bde4d
8dfb98b7cced2dfc953565ea0fc1f2074f7c2f9f5fa9510a02a8f17e014d143b
GET /gtag/js?id=AW-10865694633 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 14:36:02 GMT
expires: Fri, 08 Dec 2023 14:36:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75509
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/destination?id=AW-320492720&l=dataLayer&cx=c
142.250.74.168200 OK 76 kB URL GET HTTP/3 www.googletagmanager.com/gtag/destination?id=AW-320492720&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash a10d0f77e45f198744f8acf3cf52b076
6e21e1c72b1c5d702b8487c87d5503ce5638d65a
0bd9f4988ec56677ed91ce284b3dadf83f22a86c240fde2f951e95dee1b1bc3f
GET /gtag/destination?id=AW-320492720&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 14:36:02 GMT
expires: Fri, 08 Dec 2023 14:36:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75638
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rum-http-intake.logs.datadoghq.com/v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046168956
3.233.159.178200 OK 2 B URL POST HTTP/2 rum-http-intake.logs.datadoghq.com/v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046168956
IP 3.233.159.178:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subject*.logs.datadoghq.com
Fingerprint29:24:46:A8:06:E2:F4:15:BE:A6:74:80:B3:36:D5:3D:E7:D5:15:99
ValidityWed, 22 Mar 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046168956 HTTP/1.1
Host: rum-http-intake.logs.datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15339
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:02 GMT
content-type: application/json
content-length: 2
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
pix.revjet.com/track/pd3521?__noscript=false&__cbf=revjet.callbacks.cb1702046169178&location=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&referrer=&creditProfile=&firstMortgageBalance=&firstMortgageInterestRate=&hasFHALoan=&homeValue=&loanToValue=&propertyCity=&propertyDescription=&propertyState=&propertyZipCode=&rateType=&typeOfLoan=&loanRefiPurpose=
5.9.20.98200 OK 46 B URL GET HTTP/2 pix.revjet.com/track/pd3521?__noscript=false&__cbf=revjet.callbacks.cb1702046169178&location=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&referrer=&creditProfile=&firstMortgageBalance=&firstMortgageInterestRate=&hasFHALoan=&homeValue=&loanToValue=&propertyCity=&propertyDescription=&propertyState=&propertyZipCode=&rateType=&typeOfLoan=&loanRefiPurpose=
IP 5.9.20.98:443
ASN #24940 Hetzner Online GmbH
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerSectigo Limited
Subject*.revjet.com
Fingerprint03:20:65:55:CD:08:1C:F0:68:28:E7:A4:5F:21:09:76:87:BF:9D:81
ValidityMon, 20 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash ba43362c32b7c63d1291479b4f4d9020
dbcda434072be7dffb609f222b60e1ebfc194b16
8c421b4080c183ef1aed880e63dd511d3c195e0f911a6cbe973ec81c6e402e63
GET /track/pd3521?__noscript=false&__cbf=revjet.callbacks.cb1702046169178&location=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&referrer=&creditProfile=&firstMortgageBalance=&firstMortgageInterestRate=&hasFHALoan=&homeValue=&loanToValue=&propertyCity=&propertyDescription=&propertyState=&propertyZipCode=&rateType=&typeOfLoan=&loanRefiPurpose= HTTP/1.1
Host: pix.revjet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:02 GMT
content-type: text/javascript
content-length: 46
set-cookie: trx=6760958590264762246; Max-Age=63072000; Expires=Sun, 07 Dec 2025 14:36:02 GMT; Path=/; Domain=.revjet.com; Secure; SameSite=None
X-Firefox-Spdy: h2
rum-http-intake.logs.datadoghq.com/v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046169418
3.233.159.178200 OK 2 B URL POST HTTP/2 rum-http-intake.logs.datadoghq.com/v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046169418
IP 3.233.159.178:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subject*.logs.datadoghq.com
Fingerprint29:24:46:A8:06:E2:F4:15:BE:A6:74:80:B3:36:D5:3D:E7:D5:15:99
ValidityWed, 22 Mar 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046169418 HTTP/1.1
Host: rum-http-intake.logs.datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15948
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:02 GMT
content-type: application/json
content-length: 2
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
a44325.actonservice.com/cdnr/forpci43/acton/bn/tracker/44325
207.189.124.43200 4.9 kB URL GET HTTP/1.1 a44325.actonservice.com/cdnr/forpci43/acton/bn/tracker/44325
IP 207.189.124.43:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerSectigo Limited
Subject*.actonservice.com
FingerprintEE:F0:2F:E8:AA:FB:08:13:5C:9C:84:FB:04:6E:60:5B:4D:EB:B0:2E
ValidityWed, 31 May 2023 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT
Hash bed2e43e5eb10b25eefe40693d0de4a1
5a0acb09cf5fb693d35d2e57e815c291a335d89d
13ce417e4b20037e99ac2621fb3bb79be4b77aaf13f00c388d40c3d32992e45f
GET /cdnr/forpci43/acton/bn/tracker/44325 HTTP/1.1
Host: a44325.actonservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"
Set-Cookie: wp44325="XXWVYDDDDDDTVUZXWMW-HTXW-XBYL-CZIC-LMAZTLKXTIZBDgNssDDD"; Path=/; Max-Age=31536000; Domain=.actonservice.com; SameSite=None; Secure; Version=1
Content-Type: application/javascript;charset=utf-8
Content-Length: 4850
Date: Fri, 08 Dec 2023 14:36:02 GMT
X-Cnection: close
Strict-Transport-Security: max-age=16070400
www.quickencompare.com/wp-content/uploads/2022/05/cropped-QC_Icotype_Circle_Red-192x192.png
104.18.29.109200 OK 11 kB URL GET HTTP/2 www.quickencompare.com/wp-content/uploads/2022/05/cropped-QC_Icotype_Circle_Red-192x192.png
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 33459eb6a3bd646afe5d2b592d70a184
3dbe306f999a2d9d3ac37fcbd664100e3dc9e4dd
a3cbfe4e63c8a005a557d34d2bf2041a470c86c629429b4ec9d695a59c951fce
GET /wp-content/uploads/2022/05/cropped-QC_Icotype_Circle_Red-192x192.png HTTP/1.1
Host: www.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
DNT: 1
Connection: keep-alive
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=; _rdt_uuid=1702046169133.cbf79ccb-3675-4c4d-b743-3c3a20a1acb6; _gcl_au=1.1.1264768823.1702046169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:03 GMT
content-type: image/png
content-length: 10913
cache-control: public, max-age=31622400
etag: "646f8388-2aa1"
expires: Sun, 08 Dec 2024 14:36:03 GMT
last-modified: Thu, 25 May 2023 15:49:28 GMT
strict-transport-security: max-age=2592000
x-pantheon-styx-hostname: styx-fe1-a-685d4d5969-p4htw
x-styx-req-id: 32d64d26-67a0-11ee-8ab1-a68b0bac51fb
x-served-by: cache-chi-kigq8000146-CHI, cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1701973987.519388,VS0,VE126
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 72177
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bd0708810afe-OSL
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 13 kB IP 13.107.21.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B52F01F818F1424480EDA8AAD6474927 Ref B: OSL30EDGE0317 Ref C: 2023-12-08T14:36:03Z
date: Fri, 08 Dec 2023 14:36:02 GMT
X-Firefox-Spdy: h2
www.quickencompare.com/wp-content/uploads/2022/05/cropped-QC_Icotype_Circle_Red-32x32.png
104.18.29.109200 OK 1.5 kB URL GET HTTP/2 www.quickencompare.com/wp-content/uploads/2022/05/cropped-QC_Icotype_Circle_Red-32x32.png
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 08c465daeab64895569e93e51c762db7
06d83a5d5da54777459439485a5a410776f22375
1bf8b66be3259665a6d9791e0dfbd82bd2f574a01bad981e3d4e66d71f137e78
GET /wp-content/uploads/2022/05/cropped-QC_Icotype_Circle_Red-32x32.png HTTP/1.1
Host: www.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
DNT: 1
Connection: keep-alive
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=; _rdt_uuid=1702046169133.cbf79ccb-3675-4c4d-b743-3c3a20a1acb6; _gcl_au=1.1.1264768823.1702046169
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:03 GMT
content-type: image/png
content-length: 1462
cache-control: public, max-age=31622400
etag: "646f8388-5b6"
expires: Sun, 08 Dec 2024 14:36:03 GMT
last-modified: Thu, 25 May 2023 15:49:28 GMT
strict-transport-security: max-age=2592000
x-pantheon-styx-hostname: styx-fe1-a-b8448654b-5nhpm
x-styx-req-id: fcf64b0f-565f-11ee-9089-d2e2ed9d6f4f
x-served-by: cache-chi-klot8100095-CHI, cache-bma1667-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1701701162.825696,VS0,VE131
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 264344
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bd07087d0afe-OSL
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/320492720/?random=1702046169322&cv=11&fst=1702046169322&bg=ffffff&guid=ON&async=1>m=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&label=xSwBCJum9PsCELCp6ZgB&hn=www.google.com&frm=0&tiba=QuickenCompare%20Money%20-%20QUESTIONS>m_ee=1&auid=1264768823.1702046169&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.100302 Found 63 B URL GET HTTP/2 www.google.com/pagead/1p-conversion/320492720/?random=1702046169322&cv=11&fst=1702046169322&bg=ffffff&guid=ON&async=1>m=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&label=xSwBCJum9PsCELCp6ZgB&hn=www.google.com&frm=0&tiba=QuickenCompare%20Money%20-%20QUESTIONS>m_ee=1&auid=1264768823.1702046169&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.100:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/320492720/?random=1702046169322&cv=11&fst=1702046169322&bg=ffffff&guid=ON&async=1>m=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&label=xSwBCJum9PsCELCp6ZgB&hn=www.google.com&frm=0&tiba=QuickenCompare%20Money%20-%20QUESTIONS>m_ee=1&auid=1264768823.1702046169&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 14:36:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/320492720/?random=1702046169322&cv=11&fst=1702046169322&bg=ffffff&guid=ON&async=1>m=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&label=xSwBCJum9PsCELCp6ZgB&hn=www.google.com&frm=0&tiba=QuickenCompare%20Money%20-%20QUESTIONS>m_ee=1&auid=1264768823.1702046169&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.lmbahsj2.com/sdk/click?effp=725a9a464860515bcdb576360962c546&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b&oid=143&affid=259&__cc=&async=json
35.201.76.131200 OK 87 B URL GET HTTP/3 www.lmbahsj2.com/sdk/click?effp=725a9a464860515bcdb576360962c546&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b&oid=143&affid=259&__cc=&async=json
IP 35.201.76.131:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerStarfield Technologies, Inc.
Subjectlmbahsj2.com
Fingerprint19:8A:1C:6D:15:5F:1E:82:A2:B6:F3:E1:A8:82:E4:C5:EE:3C:46:53
ValidityFri, 28 Apr 2023 21:05:02 GMT - Mon, 13 May 2024 15:10:13 GMT
File type JSON data\012- , ASCII text
Hash be8ec018b20dc81844ac027ae9ca0a21
25970722e18a46a65b644b2a46083d31a9fa4000
7939806ffd6b5d6fd215d472d42fc70ec7b920c9dc6b2479d740bdbf0bb3972f
GET /sdk/click?effp=725a9a464860515bcdb576360962c546&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b&oid=143&affid=259&__cc=&async=json HTTP/1.1
Host: www.lmbahsj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
date: Fri, 08 Dec 2023 14:36:03 GMT
content-type: application/json; charset=utf-8
content-length: 87
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
access-control-allow-credentials: true
access-control-allow-origin: https://money.quickencompare.com
set-cookie: uniqueClick=5a0ba9cb-1097-487c-9bf0-a461f6983257:1702046163; Path=/; Expires=Sat, 09 Dec 2023 14:36:03 GMT; Secure; SameSite=None
transaction_id=92bc792a678d4d3aac6777601f10fd8b; Path=/; Expires=Thu, 07 Mar 2024 14:36:03 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 020372ad-0db9-4397-98ff-0b05083dd6ee
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a44325.actonservice.com/acton/bn/44325?target=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&ref=&v=2&ts=1702046169011&nc=0
207.189.124.43200 43 B URL GET HTTP/1.1 a44325.actonservice.com/acton/bn/44325?target=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&ref=&v=2&ts=1702046169011&nc=0
IP 207.189.124.43:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerSectigo Limited
Subject*.actonservice.com
FingerprintEE:F0:2F:E8:AA:FB:08:13:5C:9C:84:FB:04:6E:60:5B:4D:EB:B0:2E
ValidityWed, 31 May 2023 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash f7f26805de1a1f270e665bf7873d7e19
c32085898c6e36d361d4b8017087de90e1b8465c
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
GET /acton/bn/44325?target=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&ref=&v=2&ts=1702046169011&nc=0 HTTP/1.1
Host: a44325.actonservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Cookie: wp44325="XXWVYDDDDDDTVUZXWMW-HTXW-XBYL-CZIC-LMAZTLKXTIZBDgNssDDD"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Set-Cookie: wp44325="XXWVYDDDDDDTVUZXWMW-HTXW-XBYL-CZIC-LMAZTLKXTIZBDLVTXKBTZ-WMWJ-XVVI-ITWY-AXKMKJWLXLYHDjNpJrLgJhtiHkL_JhtDD"; Path=/; Max-Age=31536000; Domain=.actonservice.com; SameSite=None; Secure; Version=1
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"
Content-Type: image/gif
Content-Length: 43
Date: Fri, 08 Dec 2023 14:36:02 GMT
X-Cnection: close
Strict-Transport-Security: max-age=16070400
Vary: Accept-Encoding
bat.bing.com/p/action/146000783.js
13.107.21.200204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/146000783.js
IP 13.107.21.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/146000783.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F871225B0A44BE683E2FE51FE9B2FEB Ref B: OSL30EDGE0317 Ref C: 2023-12-08T14:36:03Z
date: Fri, 08 Dec 2023 14:36:02 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=146000783&Ver=2&mid=54528a34-bc11-4277-926b-64b89c2925df&sid=20f6945095d711ee80c7993d0622159e&vid=20f6985095d711eebf5c35ffd50bdc63&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=QuickenCompare%20Money%20-%20QUESTIONS&p=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&r=<=4566&evt=pageLoad&sv=1&rn=87939
13.107.21.200204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=146000783&Ver=2&mid=54528a34-bc11-4277-926b-64b89c2925df&sid=20f6945095d711ee80c7993d0622159e&vid=20f6985095d711eebf5c35ffd50bdc63&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=QuickenCompare%20Money%20-%20QUESTIONS&p=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&r=<=4566&evt=pageLoad&sv=1&rn=87939
IP 13.107.21.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=146000783&Ver=2&mid=54528a34-bc11-4277-926b-64b89c2925df&sid=20f6945095d711ee80c7993d0622159e&vid=20f6985095d711eebf5c35ffd50bdc63&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=QuickenCompare%20Money%20-%20QUESTIONS&p=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&r=<=4566&evt=pageLoad&sv=1&rn=87939 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0928B8256B616C2D0BBEABC46A366D75; domain=.bing.com; expires=Wed, 01-Jan-2025 14:36:03 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C0D44A6D7E64D5384B74B0E5317350B Ref B: OSL30EDGE0317 Ref C: 2023-12-08T14:36:03Z
date: Fri, 08 Dec 2023 14:36:02 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/320492720/?random=1702046169322&cv=11&fst=1702046169322&bg=ffffff&guid=ON&async=1>m=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&label=xSwBCJum9PsCELCp6ZgB&hn=www.google.com&frm=0&tiba=QuickenCompare%20Money%20-%20QUESTIONS>m_ee=1&auid=1264768823.1702046169&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
142.250.74.163200 OK 63 B URL GET HTTP/2 www.google.no/pagead/1p-conversion/320492720/?random=1702046169322&cv=11&fst=1702046169322&bg=ffffff&guid=ON&async=1>m=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&label=xSwBCJum9PsCELCp6ZgB&hn=www.google.com&frm=0&tiba=QuickenCompare%20Money%20-%20QUESTIONS>m_ee=1&auid=1264768823.1702046169&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
IP 142.250.74.163:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/320492720/?random=1702046169322&cv=11&fst=1702046169322&bg=ffffff&guid=ON&async=1>m=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmoney.quickencompare.com%2F%3Fmoid%3D307646%26sourceid%3Daffl_everflow_qc-mon_143_259%26pkey1%3D259%26pkey2%3DSECCAPS-A%26pkey3%3D92bc792a678d4d3aac6777601f10fd8b%26pkey%3D%26sid%3D143%26cmpid%3D143%26crtid%3D%26oid%3D143%26affid%3D259%26_ef_transaction_id%3D92bc792a678d4d3aac6777601f10fd8b&label=xSwBCJum9PsCELCp6ZgB&hn=www.google.com&frm=0&tiba=QuickenCompare%20Money%20-%20QUESTIONS>m_ee=1&auid=1264768823.1702046169&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 14:36:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.anura.io/request.js?instance=3439535758&exid=031df85b-9801-5331-badd-1ad7b5917356&source=affl_everflow_qc-mon_143_259&campaign=SECCAPS-A&651020434517
3.8.43.133200 OK 26 kB URL GET HTTP/2 script.anura.io/request.js?instance=3439535758&exid=031df85b-9801-5331-badd-1ad7b5917356&source=affl_everflow_qc-mon_143_259&campaign=SECCAPS-A&651020434517
IP 3.8.43.133:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint83:CF:23:67:0B:B9:DB:BB:65:3F:31:44:AD:06:8B:B2:7E:B4:E1:20
ValidityMon, 16 Oct 2023 00:00:00 GMT - Wed, 13 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (9731)
Hash e06ce3e745ad4bd2246a32651a69b97c
8b4708fd18545f0ff9ab9c7e4bbe76a5265f0967
540ea53d585a8c8572d037d3f742b86adc72a61ff1254c21d99666132d7f96c3
GET /request.js?instance=3439535758&exid=031df85b-9801-5331-badd-1ad7b5917356&source=affl_everflow_qc-mon_143_259&campaign=SECCAPS-A&651020434517 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10194306.json
87.248.119.252200 OK 22 B URL GET HTTP/2 s.yimg.com/wi/config/10194306.json
IP 87.248.119.252:443
ASN #203220 Yahoo! UK Services Limited
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10194306.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: CB4JNAN7J229ZYC4
x-amz-id-2: cGqBgNjckEUB+wBsD6G95EQMQBbMorbIlQr0xZRaTtzKnA2k7iQ5knf8zUzJ3McjC9OuxRGlfak=
content-type: application/json
date: Fri, 08 Dec 2023 14:36:03 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
rum-http-intake.logs.datadoghq.com/v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046170707
3.233.159.178200 OK 2 B URL POST HTTP/2 rum-http-intake.logs.datadoghq.com/v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046170707
IP 3.233.159.178:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subject*.logs.datadoghq.com
Fingerprint29:24:46:A8:06:E2:F4:15:BE:A6:74:80:B3:36:D5:3D:E7:D5:15:99
ValidityWed, 22 Mar 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v1/input/pub6a529f19365581f6a44df4d3740084c6?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Alre-ern-webapp%2Cversion%3A1.0.3%20d-M6NP3BZ42&batch_time=1702046170707 HTTP/1.1
Host: rum-http-intake.logs.datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16117
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:04 GMT
content-type: application/json
content-length: 2
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ads.anura.io/showads.js?90682510282
54.230.111.55200 OK 0 B URL GET HTTP/2 ads.anura.io/showads.js?90682510282
IP 54.230.111.55:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerAmazon
Subjectads.anura.io
Fingerprint69:66:FA:26:E2:E4:89:00:9A:F7:DE:2C:F6:5A:C2:B9:58:04:5D:E6
ValidityTue, 30 May 2023 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /showads.js?90682510282 HTTP/1.1
Host: ads.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 07 Dec 2023 19:40:31 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Du6zb8Dv3-qXvua8ZYJwFyDg-swqmJLjpXnFJluEopaf1aWetHocnA==
age: 68132
X-Firefox-Spdy: h2
content.quickencompare.com/nmn/logo/dollar-money-icon-small.svg
104.18.29.109200 OK 7.6 kB URL GET HTTP/2 content.quickencompare.com/nmn/logo/dollar-money-icon-small.svg
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7675), with no line terminators
Hash 9c7fa5ca9ac7adf457a83b5aed9fe269
d527d4db3df8b0adb6af6408d9ab45c3ec67dc02
f647b5bacc626969604abca8928075eb34accf47048b1ffa58e2cc56c08b0d3a
GET /nmn/logo/dollar-money-icon-small.svg HTTP/1.1
Host: content.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
DNT: 1
Connection: keep-alive
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: image/svg+xml
last-modified: Thu, 23 Nov 2023 14:00:50 GMT
x-amz-server-side-encryption: AES256
etag: W/"3b280fb1b5f603b076383e1ca6ea531f"
x-cache: Hit from cloudfront
via: 1.1 6528f10684ec39317f94ed2a540d88b4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: Ani-paQksdVynqIW9BXjlj0Gx7_MvsMOT21oA0uKpKBIop_r2N12Ew==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:00 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf3aa210afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-refinance.enhancedrefinow.com/pixel-616e834028d94a75ecaf.js
104.18.5.105200 OK 154 kB URL GET HTTP/2 cdn-refinance.enhancedrefinow.com/pixel-616e834028d94a75ecaf.js
IP 104.18.5.105:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectenhancedrefinow.com
FingerprintCC:38:9A:93:4C:BD:74:FE:30:18:77:1F:80:24:AF:9E:02:FA:AB:56
ValidityFri, 03 Mar 2023 00:00:00 GMT - Fri, 01 Mar 2024 23:59:59 GMT
Size 154 kB (153814 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel-616e834028d94a75ecaf.js HTTP/1.1
Host: cdn-refinance.enhancedrefinow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:01 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=2592000
x-download-options: noopen
referrer-policy: same-origin
cache-control: public, max-age=14400
last-modified: Tue, 05 Dec 2023 23:27:35 GMT
etag: W/"258d6-18c3c4eef05"
cf-cache-status: MISS
expires: Fri, 08 Dec 2023 18:36:01 GMT
set-cookie: __cf_bm=wlhDV6Jb7vPbOKJCloIQbJFeSWsSoCxcoesvm1Rdm6g-1702046161-0-AS2HQ0Q1Bps2AQB34MooSbOmxWs1rXLmMLQoPx9HY4NwKjo7asbWaMQlajUUkE7dmcLN9xgM8aFLJ4KnUiANpUI=; path=/; expires=Fri, 08-Dec-23 15:06:01 GMT; domain=.enhancedrefinow.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf3ac3556c9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
money.quickencompare.com/visitor
104.18.29.109200 OK 231 B URL POST HTTP/2 money.quickencompare.com/visitor
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 820d81cea9c67c8563a00e4d9a9bb29b
84783805db35b2fe7f9519119def78c2a23e0528
b62ccaa7ef93881342e0d53749ac53fff15cad621425e7cc0c406d122daa6538
POST /visitor HTTP/1.1
Host: money.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Content-Type: application/json
Content-Length: 1515
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; sourceId=affl_everflow_qc-mon_143_259; connect.sid=s%3AJs9j82OmSUWNQPNWsZpPBUI8NztNnPON.Vo8i3xL9apcWd%2BOBeYofRfIH%2BSr1RuDKkaINlUBKkis; BIGipServerpl.prod-lreernwapp-lnd=!v+/04d+r6BZa1xVYWO5LSMyMNc4rD1WfHvJ08XcY49RCKkreEUvB6U3MDW2rzb7xosxksDTr9LxJ0sk=; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=; DAPROPS="bS:0|scsVersion:2.4.5|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdeviceAspectRatio:1280/1024|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio.ogg:1|bhtml.audio.mp3:1|bhtml.audio.wav:1|bhtml.audio.m4a:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video.ap4x:0|bhtml.video.av1:1|bhtml.video.ogg:1|bhtml.video.h264:1|bhtml.video.webm:1|bjs.accessDom:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|srendererRef:02919241789|sscreenWidthHeight:1280/1024|stimeZone:UTC|buserMedia:1|saudioRef:25450949bE:0"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:02 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
strict-transport-security: max-age=2592000
x-download-options: noopen
referrer-policy: same-origin
cache-control: no-store
etag: W/"e7-xO6EJlDDN3o8NObj8SS8aKkI/Hw"
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bd01ac340afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static-lre.refinance.enhancedrefinow.com/manifest.d7f9016d0e5da5649c5f.js
104.18.5.105200 OK 13 kB URL GET HTTP/2 static-lre.refinance.enhancedrefinow.com/manifest.d7f9016d0e5da5649c5f.js
IP 104.18.5.105:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectenhancedrefinow.com
FingerprintCC:38:9A:93:4C:BD:74:FE:30:18:77:1F:80:24:AF:9E:02:FA:AB:56
ValidityFri, 03 Mar 2023 00:00:00 GMT - Fri, 01 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (12636), with no line terminators
Hash ab05865229c4be0e25398c314b00a787
ffabd971a1d77d782aec1370f52e8f1d83769c82
a261d93839339ffe4e77dead49be5380abb6b61fdbd67d735e01ccd17bae918f
GET /manifest.d7f9016d0e5da5649c5f.js HTTP/1.1
Host: static-lre.refinance.enhancedrefinow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: application/javascript
last-modified: Mon, 13 Nov 2023 19:49:34 GMT
etag: W/"ab05865229c4be0e25398c314b00a787"
x-amz-server-side-encryption: AES256
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j6xQDrVNaIhrWO44n7p_cS7sPJVO2HTWlWu5NqGBxiq0BcirAWMkGA==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:00 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=mE82UF8ouwIu4QROgHVjW83uf_6lX5QyPR3UsPfJydo-1702046160-0-AclQZ8sr4jOa+QcnUU+jmAlC/9RVFA812we9XEFolEpAZLpuK8Psz4swaPKsDh9mWujyk6/SMbgjOk4bM/jzC/o=; path=/; expires=Fri, 08-Dec-23 15:06:00 GMT; domain=.enhancedrefinow.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf3dc5856c9-OSL
X-Firefox-Spdy: h2
www.lmbahsj2.com/scripts/sdk/everflow.js
35.201.76.131200 OK 61 kB URL GET HTTP/2 www.lmbahsj2.com/scripts/sdk/everflow.js
IP 35.201.76.131:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerStarfield Technologies, Inc.
Subjectlmbahsj2.com
Fingerprint19:8A:1C:6D:15:5F:1E:82:A2:B6:F3:E1:A8:82:E4:C5:EE:3C:46:53
ValidityFri, 28 Apr 2023 21:05:02 GMT - Mon, 13 May 2024 15:10:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/sdk/everflow.js HTTP/1.1
Host: www.lmbahsj2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 14:36:02 GMT
content-type: text/javascript
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
cache-control: max-age=14400
vary: Origin
x-eflow-request-id: f25a8de9-fa2d-447c-ac1f-93bcab230399
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static-lre.refinance.enhancedrefinow.com/main.93e3cac8409e105ab51a.css
104.18.5.105200 OK 176 kB URL GET HTTP/2 static-lre.refinance.enhancedrefinow.com/main.93e3cac8409e105ab51a.css
IP 104.18.5.105:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectenhancedrefinow.com
FingerprintCC:38:9A:93:4C:BD:74:FE:30:18:77:1F:80:24:AF:9E:02:FA:AB:56
ValidityFri, 03 Mar 2023 00:00:00 GMT - Fri, 01 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (45544)
Size 176 kB (175557 bytes)
Hash 51281ef41f6e2e58b368816515b69b7b
0c82a25d8cc39e108175154e244bcb2490b18b0d
64cc6c3ae44025a0b21f96431acbdc5fe1601b19e27cfd4dfa0651dbb6776f33
GET /main.93e3cac8409e105ab51a.css HTTP/1.1
Host: static-lre.refinance.enhancedrefinow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: text/css
last-modified: Mon, 13 Nov 2023 19:49:34 GMT
etag: W/"51281ef41f6e2e58b368816515b69b7b"
x-amz-server-side-encryption: AES256
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cQWHkrqEyqhTeJXjNNmvwKJQWJN5-Z9Ogl1iTx76tVdfXcT0CRjncw==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:00 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=jKeQf56y_Wctaavww7mGVkcmTmRjO1Lg8vG2bZFgrE8-1702046160-0-ATQcqv+C+k7Ec/JZVSdrmwZVNfEJeoTX24oQCmBSzizwO2LH6eBOI9eweHPI+r8k4vCqwdCmM1ykcsGKzgyPAiM=; path=/; expires=Fri, 08-Dec-23 15:06:00 GMT; domain=.enhancedrefinow.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf39c1c56c9-OSL
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
87.248.119.252200 OK 18 kB IP 87.248.119.252:443
ASN #203220 Yahoo! UK Services Limited
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (18187), with no line terminators
Hash 5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 6U7hpp8nI0ixD3Hc6+qLJWsj2b9iJPWCM/xKPOO0l70oFb+FRwyPoClRWpdDhNyEweJuo9OE5LJJRSzXTZZTdA==
x-amz-request-id: A2T4WCSK39DYEF3H
date: Fri, 08 Dec 2023 14:04:56 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1868
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
script.anura.io/response.json
3.8.43.133200 OK 151 B URL POST HTTP/2 script.anura.io/response.json
IP 3.8.43.133:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint83:CF:23:67:0B:B9:DB:BB:65:3F:31:44:AD:06:8B:B2:7E:B4:E1:20
ValidityMon, 16 Oct 2023 00:00:00 GMT - Wed, 13 Nov 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 2950c067f8f01afc63f2b7f35e3ebe8b
301a76c7f88913a1fa15761fdac22d39cac45b27
20c1e075f130969475cf05e65e3d6ff153fbbda360181b6f453406e377623caf
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5442
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:04 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
104.18.29.109200 OK 25 kB URL User Request GET HTTP/2 money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
IP 104.18.29.109:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b HTTP/1.1
Host: money.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:35:59 GMT
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
strict-transport-security: max-age=2592000
x-download-options: noopen
referrer-policy: same-origin
cache-control: no-store
cf-cache-status: DYNAMIC
set-cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; Domain=.quickencompare.com; Path=/; Expires=Sat, 07 Dec 2024 14:35:58 GMT
sourceId=affl_everflow_qc-mon_143_259; Path=/; Expires=Fri, 15 Dec 2023 14:35:58 GMT
connect.sid=s%3AJs9j82OmSUWNQPNWsZpPBUI8NztNnPON.Vo8i3xL9apcWd%2BOBeYofRfIH%2BSr1RuDKkaINlUBKkis; Path=/; Expires=Fri, 15 Dec 2023 14:35:59 GMT; HttpOnly
BIGipServerpl.prod-lreernwapp-lnd=!v+/04d+r6BZa1xVYWO5LSMyMNc4rD1WfHvJ08XcY49RCKkreEUvB6U3MDW2rzb7xosxksDTr9LxJ0sk=; path=/; Httponly; Secure
__cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=; path=/; expires=Fri, 08-Dec-23 15:05:59 GMT; domain=.quickencompare.com; HttpOnly; Secure; SameSite=None
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bce91aaf0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static-lre.refinance.enhancedrefinow.com/main.93e3cac8409e105ab51a.js
104.18.5.105200 OK 811 kB URL GET HTTP/2 static-lre.refinance.enhancedrefinow.com/main.93e3cac8409e105ab51a.js
IP 104.18.5.105:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectenhancedrefinow.com
FingerprintCC:38:9A:93:4C:BD:74:FE:30:18:77:1F:80:24:AF:9E:02:FA:AB:56
ValidityFri, 03 Mar 2023 00:00:00 GMT - Fri, 01 Mar 2024 23:59:59 GMT
Size 811 kB (810885 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /main.93e3cac8409e105ab51a.js HTTP/1.1
Host: static-lre.refinance.enhancedrefinow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:00 GMT
content-type: application/javascript
last-modified: Mon, 13 Nov 2023 19:49:34 GMT
etag: W/"dec41562bede99a23e8a683bb0b2c7a7"
x-amz-server-side-encryption: AES256
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EJy6PytxORPNYh-TGOTN6W-_ThcOjbKUjHTMw5tSApe4obskrYLi1A==
cf-cache-status: REVALIDATED
expires: Fri, 08 Dec 2023 18:36:00 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=WC_tEWI_SUzlRB2fbhrJzt078gmHidYtsQb4gV46uOE-1702046160-0-AahJ+2rIh770dcpjL1xIJKeT2f9TE2H8XZbjJnsdFRNc6AB1Eq9cVn6tuQkOw53393tckPO/ZBGTgXgPlaokoeo=; path=/; expires=Fri, 08-Dec-23 15:06:00 GMT; domain=.enhancedrefinow.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bcf3dc5656c9-OSL
X-Firefox-Spdy: h2
money.quickencompare.com/track
104.18.29.109200 OK 246 B URL POST HTTP/2 money.quickencompare.com/track
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 40cfec07d16b968ce99df15ef043e1ef
2d5be0b97509fa2589900410b5b2f7fbf3873d5e
a9d7e021b6db3c6a82710e1d587e9c86b282b852944a1475642b25bdcc39f807
POST /track HTTP/1.1
Host: money.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Content-Type: application/json
Content-Length: 472
Origin: https://money.quickencompare.com
DNT: 1
Connection: keep-alive
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; sourceId=affl_everflow_qc-mon_143_259; connect.sid=s%3AJs9j82OmSUWNQPNWsZpPBUI8NztNnPON.Vo8i3xL9apcWd%2BOBeYofRfIH%2BSr1RuDKkaINlUBKkis; BIGipServerpl.prod-lreernwapp-lnd=!v+/04d+r6BZa1xVYWO5LSMyMNc4rD1WfHvJ08XcY49RCKkreEUvB6U3MDW2rzb7xosxksDTr9LxJ0sk=; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=; DAPROPS="bS:0|scsVersion:2.4.5|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdeviceAspectRatio:1280/1024|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio.ogg:1|bhtml.audio.mp3:1|bhtml.audio.wav:1|bhtml.audio.m4a:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video.ap4x:0|bhtml.video.av1:1|bhtml.video.ogg:1|bhtml.video.h264:1|bhtml.video.webm:1|bjs.accessDom:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|srendererRef:02919241789|sscreenWidthHeight:1280/1024|stimeZone:UTC|buserMedia:1|saudioRef:25450949bE:0"; _dd_s=rum=1&id=35fc17e5-eaa0-49f4-886d-48b7227ce21b&created=1702046168945&expire=1702047068945; _rdt_uuid=1702046169133.cbf79ccb-3675-4c4d-b743-3c3a20a1acb6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:02 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
strict-transport-security: max-age=2592000
x-download-options: noopen
referrer-policy: same-origin
cache-control: no-store
etag: W/"f6-UWIDwLWjzlnvk1OPS1AVTNGVoxs"
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bd033d9a0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-320492720
142.250.74.168200 OK 212 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-320492720
IP 142.250.74.168:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Size 212 kB (211760 bytes)
Hash 0e15cb67511eb360a6083c279210d336
bf591fae4451caaacb9cd51e5c80da7958b3b34d
01c8da48c092f25f31db23c09f69d9adb8c7ee6e1e7ee05544d5e1bce4d24e5c
GET /gtag/js?id=AW-320492720 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 14:36:02 GMT
expires: Fri, 08 Dec 2023 14:36:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
money.quickencompare.com/app-configuration/?path=/lendingLeadGen/fraud/anura/enabled
104.18.29.109200 OK 4 B URL GET HTTP/2 money.quickencompare.com/app-configuration/?path=/lendingLeadGen/fraud/anura/enabled
IP 104.18.29.109:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8A:4F:F5:9D:CC:0B:84:6F:19:29:53:3F:57:FA:AF:13:47:78:8C:D4
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /app-configuration/?path=/lendingLeadGen/fraud/anura/enabled HTTP/1.1
Host: money.quickencompare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
DNT: 1
Connection: keep-alive
Cookie: visitorId=976d9683-a360-401d-9aa2-6e62aa115154; sourceId=affl_everflow_qc-mon_143_259; connect.sid=s%3AJs9j82OmSUWNQPNWsZpPBUI8NztNnPON.Vo8i3xL9apcWd%2BOBeYofRfIH%2BSr1RuDKkaINlUBKkis; BIGipServerpl.prod-lreernwapp-lnd=!v+/04d+r6BZa1xVYWO5LSMyMNc4rD1WfHvJ08XcY49RCKkreEUvB6U3MDW2rzb7xosxksDTr9LxJ0sk=; __cf_bm=nReyGEUG_FM4juS9cJzu463S.6anTSx8yoCus4yrZZw-1702046159-0-ARJmq5htPamGHqacCiA9bHma8kCMehsPbAIi37DTkE7hwAewu5QoVemc7y4DY6/FeAb8lRDC/i/gCzNpKM+hxrQ=; DAPROPS="bS:0|scsVersion:2.4.5|bcookieSupport:1|bcss.animations:1|bcss.columns:1|bcss.transforms:1|bcss.transitions:1|sdeviceAspectRatio:1280/1024|sdevicePixelRatio:1|idisplayColorDepth:24|bflashCapable:0|bhtml.audio.ogg:1|bhtml.audio.mp3:1|bhtml.audio.wav:1|bhtml.audio.m4a:1|bhtml.canvas:1|bhtml.inlinesvg:1|bhtml.svg:1|bhtml.video.ap4x:0|bhtml.video.av1:1|bhtml.video.ogg:1|bhtml.video.h264:1|bhtml.video.webm:1|bjs.accessDom:1|bjs.applicationCache:0|bjs.deviceMotion:1|bjs.geoLocation:1|bjs.indexedDB:1|bjs.json:1|bjs.localStorage:1|bjs.modifyCss:1|bjs.modifyDom:1|bjs.querySelector:1|bjs.sessionStorage:1|bjs.supportBasicJavaScript:1|bjs.supportConsoleLog:1|bjs.supportEventListener:1|bjs.supportEvents:1|bjs.webGl:1|bjs.webSockets:1|bjs.webSqlDatabase:0|bjs.webWorkers:1|bjs.xhr:1|srendererRef:02919241789|sscreenWidthHeight:1280/1024|stimeZone:UTC|buserMedia:1|saudioRef:25450949bE:0"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 14:36:02 GMT
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
strict-transport-security: max-age=2592000
x-download-options: noopen
referrer-policy: same-origin
cache-control: no-store
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self' *.lowermybills.com *.quickenloans.com app.optimizely.com analytics.google.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8325bd01bc410afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=msd8xng&ht=tk&f=37513.37518.37522&a=121980931&app=typekit&e=css
23.36.76.184200 OK 5 B URL GET HTTP/2 p.typekit.net/p.css?s=1&k=msd8xng&ht=tk&f=37513.37518.37522&a=121980931&app=typekit&e=css
IP 23.36.76.184:443
ASN #20940 Akamai International B.V.
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 825e67eeb6b4bfac7536fc639a56ec43
574a45385ae62544c7424e6f06417f0370b1a532
c10ff60fd741e3b2b97479f16f45e5fa57449629f4d032f647fd23041a6ad7b1
GET /p.css?s=1&k=msd8xng&ht=tk&f=37513.37518.37522&a=121980931&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Fri, 08 Dec 2023 14:36:00 GMT
X-Firefox-Spdy: h2
ads.revjet.com/analytics?acu=6680
65.109.98.106200 OK 20 kB URL GET HTTP/2 ads.revjet.com/analytics?acu=6680
IP 65.109.98.106:443
ASN #24940 Hetzner Online GmbH
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerSectigo Limited
Subject*.revjet.com
Fingerprint03:20:65:55:CD:08:1C:F0:68:28:E7:A4:5F:21:09:76:87:BF:9D:81
ValidityMon, 20 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (1311)
Hash 26ec352468322f70910e03feb9b8b8fb
18878e8adcd809ad7a4850c8698efd24b22c04e5
2d84cdbfaf9b2bc0ba30bc5f67e45d03b265b52c3cfe24353e09175b1fb0fdfb
GET /analytics?acu=6680 HTTP/1.1
Host: ads.revjet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 14:36:02 GMT
content-type: application/javascript
last-modified: Thu, 20 Jul 2023 16:46:10 GMT
etag: W/"64b964d2-4c14"
expires: Fri, 08 Dec 2023 14:46:02 GMT
cache-control: max-age=600
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.datadoghq-browser-agent.com/datadog-rum-v3.js
54.230.111.221200 OK 118 kB URL GET HTTP/2 www.datadoghq-browser-agent.com/datadog-rum-v3.js
IP 54.230.111.221:443
Requested by https://money.quickencompare.com/?moid=307646&sourceid=affl_everflow_qc-mon_143_259&pkey1=259&pkey2=SECCAPS-A&pkey3=92bc792a678d4d3aac6777601f10fd8b&pkey=&sid=143&cmpid=143&crtid=&oid=143&affid=259&_ef_transaction_id=92bc792a678d4d3aac6777601f10fd8b
Certificate IssuerDigiCert Inc
Subject*.datadoghq-browser-agent.com
FingerprintFC:83:1B:FF:12:98:28:60:E5:F1:DC:73:0D:BC:6F:81:22:A7:F1:6D
ValiditySat, 14 Jan 2023 00:00:00 GMT - Tue, 16 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (117677 bytes)
Hash 647fda9a4d3d74344732d76cf1fff47c
01720d421ce3373f1a1958a1d85edfae5ab5f442
4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b
GET /datadog-rum-v3.js HTTP/1.1
Host: www.datadoghq-browser-agent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://money.quickencompare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 16:36:14 GMT
server: AmazonS3
content-encoding: br
date: Fri, 08 Dec 2023 14:36:01 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"647fda9a4d3d74344732d76cf1fff47c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PTlERKfrnGZFdmJgeMmN2tF8DEvWCPfFE-fD0H_F2CmkPDKAHUcVdA==
age: 14
timing-allow-origin: *
X-Firefox-Spdy: h2