ottoinsurance.com Open in urlscan Pro
2600:1f13:51c:4402:66dc:e805:5573:b70e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://f.lowestautosavings.com/
Effective URL:
https://ottoinsurance.com/home.html?s2=404
Submission: On October 25 via manual (October 25th 2022, 1:24:04 pm UTC) from IN — Scanned from DE

Summary HTTP 48 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 48 HTTP transactions. The main IP is 2600:1f13:51c:4402:66dc:e805:5573:b70e, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is ottoinsurance.com. The Cisco Umbrella rank of the primary domain is 781769.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 26th 2022. Valid for: a year.

This is the only time ottoinsurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 15	76.76.21.98 76.76.21.98	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f13:51c... 2600:1f13:51c:4400:7839:e1fd:b64:2bda	16509 (AMAZON-02) (AMAZON-02)
15	2600:1f13:51c... 2600:1f13:51c:4402:66dc:e805:5573:b70e	16509 (AMAZON-02) (AMAZON-02)
1	99.80.125.13 99.80.125.13	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	34.236.64.108 34.236.64.108	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:20e... 2600:9000:20eb:4c00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
3	52.22.23.67 52.22.23.67	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.84.125 13.225.84.125	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
48	15

15 76.76.21.98 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

f.lowestautosavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f13:51c:4400:7839:e1fd:b64:2bda (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

l.ottoinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:1f13:51c:4402:66dc:e805:5573:b70e (Boardman, United States)

ASN16509 (AMAZON-02, US)

ottoinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.125.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-125-13.eu-west-1.compute.amazonaws.com

vitals.vercel-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.236.64.108 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-64-108.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:4c00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.22.23.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-23-67.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-125.fra2.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	ottoinsurance.com 1 redirects l.ottoinsurance.com ottoinsurance.com — Cisco Umbrella Rank: 781769	160 KB
15	lowestautosavings.com 2 redirects f.lowestautosavings.com	144 KB
6	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 25908 cdn.trustedform.com — Cisco Umbrella Rank: 29116	41 KB
3	leadid.com create.leadid.com — Cisco Umbrella Rank: 15175	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6045	656 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	17 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	52 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 25961	39 KB
1	vercel-insights.com vitals.vercel-insights.com — Cisco Umbrella Rank: 11828	133 B
0	trueleadid.com Failed deviceid.trueleadid.com Failed
48	14

	Domain	Requested by
15	ottoinsurance.com	f.lowestautosavings.com ottoinsurance.com
15	f.lowestautosavings.com	2 redirects f.lowestautosavings.com
4	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
3	create.leadid.com	create.lidstatic.com
2	www.google.de	ottoinsurance.com
2	www.google.com	1 redirects ottoinsurance.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	cdn.trustedform.com	api.trustedform.com
1	www.facebook.com	ottoinsurance.com
1	www.googletagmanager.com	ottoinsurance.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	f.lowestautosavings.com
1	vitals.vercel-insights.com	f.lowestautosavings.com
1	l.ottoinsurance.com	1 redirects
0	deviceid.trueleadid.com Failed	d2m2wsoho8qq12.cloudfront.net
48	16

This site contains links to these domains. Also see Links.

Domain
l.ottoinsurance.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
f.lowestautosavings.com R3	`2022-08-24` - `2022-11-22`	3 months	crt.sh
*.ottoinsurance.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-26` - `2023-02-20`	a year	crt.sh
vercel-insights.com Amazon	`2022-09-23` - `2023-10-21`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
create.leadid.com Amazon	`2022-09-21` - `2023-10-19`	a year	crt.sh
*.trustedform.com Amazon	`2022-09-11` - `2023-10-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-03` - `2022-11-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://ottoinsurance.com/home.html?s2=404
Frame ID: 09B6712035D4C421398666EAEBB7DB9F
Requests: 50 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=78959B31-C6F5-E9D4-7FE4-08960ACB73A3&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=1BB270D1-0FD6-8B6B-EF5E-AC1F8668F748&lac=005B3277-7DD6-01E2-6D37-54D36A1B5104
Frame ID: E8152B09D66CB29CE310C1E8DDE2D62A
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=78959B31-C6F5-E9D4-7FE4-08960ACB73A3&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=1BB270D1-0FD6-8B6B-EF5E-AC1F8668F748&lac=005B3277-7DD6-01E2-6D37-54D36A1B5104
Frame ID: EBAB8C69F3689F01D2168CA4CFE9460B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get your insurance policy quoted from the best sources. Compare Rates Today!

Page URL History Show full URLs

http://f.lowestautosavings.com/ HTTP 308
https://f.lowestautosavings.com/ HTTP 307
https://f.lowestautosavings.com/en/auto/insurance Page URL
https://l.ottoinsurance.com/auto HTTP 302
https://ottoinsurance.com/home.html?s2=404 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

48
Requests

94 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

15
IPs

3
Countries

460 kB
Transfer

1051 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://l.ottoinsurance.com/auto?form=2001&affid=1154&s1=otto_homepage&s2=404
Title: Auto

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Ott0Insurance

Search URL Search Domain Scan URL

URL: https://twitter.com/OttoInsurance

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCLpu8tUqooCqvwyC2FgQraQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://f.lowestautosavings.com/ HTTP 308
https://f.lowestautosavings.com/ HTTP 307
https://f.lowestautosavings.com/en/auto/insurance Page URL
https://l.ottoinsurance.com/auto HTTP 302
https://ottoinsurance.com/home.html?s2=404 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://f.lowestautosavings.com/ HTTP 308
https://f.lowestautosavings.com/ HTTP 307
https://f.lowestautosavings.com/en/auto/insurance

Request Chain 15

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16667042380760.007686606790488826&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16667042380760.007686606790488826&invert_field_sensitivity=false

Request Chain 48

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/776761050/?random=718167951&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&auid=529656925.1666704239&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=b-NXY4WZGP6K9fgP-OOyqAc&sscte=1&crd=&pscrd=EkxDaEFJOEpMZW1nWVFvTk9vazhxSHRwZGRFaVVBbktFYjdwdmVrZ2FtSnVFNUQtUzJoUmZqRmVaZXRuNjg3NjZvY2dsX05NcXhaajBJGldDaEFJOEpMZW1nWVF4ZXVla0pEUHJNdzlFaTBBWXp2Z2d0VjBnQ05MMEtuQzlyeVdCYUtFVXJCX0M1cnROd09YeUJIR3doSVNEQW1HR1lpWU53NGxJdFk HTTP 302
https://www.google.com/pagead/1p-conversion/776761050/?random=718167951&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&auid=529656925.1666704239&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEpMZW1nWVFvTk9vazhxSHRwZGRFaVVBbktFYjdwdmVrZ2FtSnVFNUQtUzJoUmZqRmVaZXRuNjg3NjZvY2dsX05NcXhaajBJGldDaEFJOEpMZW1nWVF4ZXVla0pEUHJNdzlFaTBBWXp2Z2d0VjBnQ05MMEtuQzlyeVdCYUtFVXJCX0M1cnROd09YeUJIR3doSVNEQW1HR1lpWU53NGxJdFk&is_vtc=1&ocp_id=b-NXY4WZGP6K9fgP-OOyqAc&random=744221443&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/776761050/?random=718167951&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&auid=529656925.1666704239&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEpMZW1nWVFvTk9vazhxSHRwZGRFaVVBbktFYjdwdmVrZ2FtSnVFNUQtUzJoUmZqRmVaZXRuNjg3NjZvY2dsX05NcXhaajBJGldDaEFJOEpMZW1nWVF4ZXVla0pEUHJNdzlFaTBBWXp2Z2d0VjBnQ05MMEtuQzlyeVdCYUtFVXJCX0M1cnROd09YeUJIR3doSVNEQW1HR1lpWU53NGxJdFk&is_vtc=1&ocp_id=b-NXY4WZGP6K9fgP-OOyqAc&random=744221443&resp=GooglemKTybQhCsO&ipr=y&prhg=0

48 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

insurance Show response
f.lowestautosavings.com/en/auto/
Redirect Chain

http://f.lowestautosavings.com/
https://f.lowestautosavings.com/
https://f.lowestautosavings.com/en/auto/insurance

2 KB
1 KB

402ms
401ms

Document
text/html

76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

eb64bcde769884e3a7e437e7a9c0cc9b75e295d28c826b490079b0bcd5aca891

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 25 Oct 2022 13:23:57 GMT
etag: W/"8e0-MCciN3UGW8EwE8qBWQTSv1nxbpw"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /en/auto/insurance
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-id: fra1::iad1::v2sr5-1666704237134-736e0b58a164

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Tue, 25 Oct 2022 13:23:57 GMT
location: /en/auto/insurance
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: fra1::v2sr5-1666704237116-e830d82d4fc5

GET
H2 200 3f4f121ac6015233.css
f.lowestautosavings.com/_next/static/css/ 19 KB
5 KB 22ms
22ms Stylesheet
text/css 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/css/3f4f121ac6015233.css

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

38a491d3b1dd8ef731f0fe8aec813f1d2a8e99e226bee5ec6cc42ec8b2a54c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::t9tbk-1666704237538-b8be3ed383a4
age: 367258
x-matched-path: /_next/static/css/3f4f121ac6015233.css
etag: W/"25047f2a21a527ff194125754126ff06"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3f4f121ac6015233.css"

GET
H2 200 webpack-b23d585ead71d80d.js Show response
f.lowestautosavings.com/_next/static/chunks/ 6 KB
3 KB 21ms
21ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/chunks/webpack-b23d585ead71d80d.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3d0ef1b6c712c157d55e58514b005761f7bc319cabcc36e2832061b21a16cc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::f7zvg-1666704237539-48aa8242e238
age: 367258
x-matched-path: /_next/static/chunks/webpack-b23d585ead71d80d.js
etag: W/"b7dbfb99759c0408b830bc4d00c1f105"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-b23d585ead71d80d.js"

GET
H2 200 framework-5f4595e5518b5600.js Show response
f.lowestautosavings.com/_next/static/chunks/ 127 KB
43 KB 24ms
23ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::kk9x9-1666704237556-aa5186778ecb
age: 367258
x-matched-path: /_next/static/chunks/framework-5f4595e5518b5600.js
etag: W/"623da2092ab9e81400d81fad9017f0ba"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-5f4595e5518b5600.js"

GET
H2 200 main-cbd25601a3e4e2ed.js Show response
f.lowestautosavings.com/_next/static/chunks/ 102 KB
29 KB 298ms
297ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/chunks/main-cbd25601a3e4e2ed.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1f3571fbd1d380ac472f10c899c95080041b9ff73294f3fca909b502a597009a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::t9tbk-1666704237557-bf7d32e75cc2
age: 0
x-matched-path: /_next/static/chunks/main-cbd25601a3e4e2ed.js
etag: W/"300380cb2528584531e6bdf3a2ec1ed9"
x-vercel-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-cbd25601a3e4e2ed.js"

GET
H2 200 _app-0e72c87ae617ca57.js Show response
f.lowestautosavings.com/_next/static/chunks/pages/ 78 KB
23 KB 214ms
213ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/chunks/pages/_app-0e72c87ae617ca57.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2bb436baad4f4798ab42e52b3ace7c25da73a4faafaab1e34703066b5c118e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::f77r2-1666704237560-17f6ed3a0508
age: 367258
x-matched-path: /_next/static/chunks/pages/_app-0e72c87ae617ca57.js
etag: W/"067a3f493c57762e4fc77e6310fd9271"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-0e72c87ae617ca57.js"

GET
H2 200 29107295-fbcfe2172188e46f.js Show response
f.lowestautosavings.com/_next/static/chunks/ 70 KB
26 KB 23ms
22ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/chunks/29107295-fbcfe2172188e46f.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

50f24e516ae1c0492e06b1c81d1fd961f22cb35a5f9f55ec8bb8f4a10b7f5d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::xx7n2-1666704237557-9a817d4d7ed2
age: 367258
x-matched-path: /_next/static/chunks/29107295-fbcfe2172188e46f.js
etag: W/"f624310e2238ffb6669f475421f19547"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="29107295-fbcfe2172188e46f.js"

GET
H2 200 99-113ef820c81091a6.js Show response
f.lowestautosavings.com/_next/static/chunks/ 29 KB
8 KB 150ms
149ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/chunks/99-113ef820c81091a6.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

23354bbead489770448b9e823775ec1326b01acba4ae649c945bdc41faec1e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::f7zvg-1666704237557-d4d8f0a87a04
age: 0
x-matched-path: /_next/static/chunks/99-113ef820c81091a6.js
etag: W/"2ff223fd9b641ba4b2cff577d68e2d51"
x-vercel-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="99-113ef820c81091a6.js"

GET
H2 200 insurance-08192a6c18a0bbf7.js Show response
f.lowestautosavings.com/_next/static/chunks/pages/auto/ 8 KB
2 KB 340ms
339ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/chunks/pages/auto/insurance-08192a6c18a0bbf7.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6c8c7173f7bb2a00968a959f017093e8e0cbd057fd1651a1568751430d3c5ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::zp687-1666704237569-3669a0a73007
age: 0
x-matched-path: /_next/static/chunks/pages/auto/insurance-08192a6c18a0bbf7.js
etag: W/"628e553de2187635fc45933b91efd73a"
x-vercel-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="insurance-08192a6c18a0bbf7.js"

GET
H2 200 _buildManifest.js Show response
f.lowestautosavings.com/_next/static/tPNWJXKzDkajtNo-6fHQJ/ 2 KB
985 B 251ms
250ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/tPNWJXKzDkajtNo-6fHQJ/_buildManifest.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

54561bf37bcdbb5e6e1ddad10af0b9c4652924d0fe478767fb98b2aa374c27e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::6h8g5-1666704237557-041bff575dd0
age: 0
x-matched-path: /_next/static/tPNWJXKzDkajtNo-6fHQJ/_buildManifest.js
etag: W/"46faa9b99a9b000cfe414b9020692556"
x-vercel-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

GET
H2 200 _ssgManifest.js Show response
f.lowestautosavings.com/_next/static/tPNWJXKzDkajtNo-6fHQJ/ 77 B
250 B 166ms
165ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/tPNWJXKzDkajtNo-6fHQJ/_ssgManifest.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::x5v84-1666704237557-312055343074
age: 367258
x-matched-path: /_next/static/tPNWJXKzDkajtNo-6fHQJ/_ssgManifest.js
etag: "b6652df95db52feb4daf4eca35380933"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 77

GET
H2 200 _middlewareManifest.js Show response
f.lowestautosavings.com/_next/static/tPNWJXKzDkajtNo-6fHQJ/ 92 B
281 B 21ms
20ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/tPNWJXKzDkajtNo-6fHQJ/_middlewareManifest.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/en/auto/insurance

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::w6lv8-1666704237557-306a88fc699c
age: 367258
x-matched-path: /_next/static/tPNWJXKzDkajtNo-6fHQJ/_middlewareManifest.js
etag: "7c3f7e060745668041278118c0bb3d6d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_middlewareManifest.js"
accept-ranges: bytes
content-length: 92

GET
H2 200 214.87819aedb5633fe2.js
f.lowestautosavings.com/_next/static/chunks/ 3 KB
2 KB 159ms
159ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f.lowestautosavings.com/_next/static/chunks/214.87819aedb5633fe2.js

Requested by

Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/_next/static/chunks/webpack-b23d585ead71d80d.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/en/auto/insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:58 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1:fra1::f77r2-1666704237917-80b438e31627
age: 367258
x-matched-path: /_next/static/chunks/214.87819aedb5633fe2.js
etag: W/"4a3ae3e876ce60b2ecd0b1c26a107d5a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="214.87819aedb5633fe2.js"

GET
H2

200

Primary Request home.html Show response
ottoinsurance.com/
Redirect Chain

https://l.ottoinsurance.com/auto
https://ottoinsurance.com/home.html?s2=404

43 KB
11 KB

708ms
341ms

Document
text/html

2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ottoinsurance.com/home.html?s2=404
Requested by: Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/_next/static/chunks/pages/_app-0e72c87ae617ca57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 276d9880259a4fef1f3afb0d973435eb145588958ea9f37a7068b9733f5caeaf

Request headers

Referer: https://f.lowestautosavings.com/en/auto/insurance
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 25 Oct 2022 13:23:58 GMT
etag: W/"6352a87b-adad"
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Tue, 25 Oct 2022 13:23:58 GMT
location: https://ottoinsurance.com/home.html?s2=404

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
133 B 129ms
39ms Ping
text/plain 99.80.125.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/_next/static/chunks/main-cbd25601a3e4e2ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-125-13.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://f.lowestautosavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 13:23:58 GMT
x-ratelimit-reset: 2
x-ratelimit-limit: 1000
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 1bb270d1-0fd6-8b6b-ef5e-ac1f8668f748.js
create.lidstatic.com/campaign/ 123 KB
39 KB 493ms
434ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/1bb270d1-0fd6-8b6b-ef5e-ac1f8668f748.js?snippet_version=2
Requested by: Host: f.lowestautosavings.com
URL: https://f.lowestautosavings.com/_next/static/chunks/main-cbd25601a3e4e2ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:58 GMT
x-amz-version-id: TxnJQPzW6UEp8tJ0_T0eahgMO2HdJ_96
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 00:43:51 GMT
server: cloudflare
x-amz-request-id: BVFZXXPXB0658E35
etag: W/"518ac5a6796a686ea00515a98b10ee5d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 75fb45107e765c6e-FRA
x-amz-id-2: 1LhvRLNlaSHVje007KlgdF1POEiVKnb3c28n9zGrdpf/Jk1E3wwLEq2hE7XKl95Y1J2ekejrLH8=

GET
H2

200

bootstrap.js
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16667042380760.007686606790488826&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16667042380760.007686606790488826&invert_field_sensitivity=false

8 KB
4 KB

224ms
174ms

Script
application/javascript

2600:9000:20eb:4c00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16667042380760.007686606790488826&invert_field_sensitivity=false
Protocol: H2
Server: 2600:9000:20eb:4c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
x-amz-version-id: zf4ijuzvSsU0Tal.ZZJLDHqE7VqwjEi9
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 17:48:28 GMT
server: AmazonS3
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"647d5353b63df3b4ed201da87c98cc2d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: TZ51zBoE37cTuwwXZtJu9-D1ETSgSIwuCJ39dF19JjNOU8cSksgo9A==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16667042380760.007686606790488826&invert_field_sensitivity=false
date: Tue, 25 Oct 2022 13:23:58 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

POST
H2 200 GenerateToken
create.leadid.com/2.11.9/ 36 B
660 B 375ms
161ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=afdd312f-6562-4f23-b062-ee34b888fc4b&_=244263884

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1bb270d1-0fd6-8b6b-ef5e-ac1f8668f748.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://f.lowestautosavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 13:23:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs
api.trustedform.com/ 475 B
686 B 309ms
103ms XHR
application/json 34.236.64.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16667042380760.007686606790488826&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.64.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-64-108.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://f.lowestautosavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Oct 2022 13:23:58 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.8.30.js
cdn.trustedform.com/ 99 KB
37 KB 22ms
21ms Script
application/javascript 2600:9000:20eb:4c00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16667042380760.007686606790488826&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f.lowestautosavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: C4KqA2Ml8NtIH1tcFWoBNv3GWDN3hi8K
content-encoding: gzip
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
date: Tue, 25 Oct 2022 13:23:58 GMT
last-modified: Mon, 24 Oct 2022 17:48:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 6
etag: W/"a5b5dad6197e972a745a719bfccfb334"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sHTnaxfMYhK0HCWcTLHpJ7UOO0JYJZRc2No2EhP7Sj_NK-J3tjGdkg==

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame E815 3 KB
2 KB 82ms
15ms Document
text/html 13.225.84.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=78959B31-C6F5-E9D4-7FE4-08960ACB73A3&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=1BB270D1-0FD6-8B6B-EF5E-AC1F8668F748&lac=005B3277-7DD6-01E2-6D37-54D36A1B5104

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1bb270d1-0fd6-8b6b-ef5e-ac1f8668f748.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.225.84.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-84-125.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://f.lowestautosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 27970
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 25 Oct 2022 05:43:34 GMT
ETag: W/"63472048-dbb"
Last-Modified: Wed, 12 Oct 2022 20:15:04 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: BqMtdFUhOucxg-A-LV4ohLG43sNeeFLehK6JducJpjZx-f7wgnuxdQ==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom
create.leadid.com/2.11.9/ 0
624 B 111ms
111ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=afdd312f-6562-4f23-b062-ee34b888fc4b&token=78959B31-C6F5-E9D4-7FE4-08960ACB73A3&_=244263885

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1bb270d1-0fd6-8b6b-ef5e-ac1f8668f748.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://f.lowestautosavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData
create.leadid.com/2.11.9/ 0
623 B 108ms
108ms XHR
text/plain 52.22.23.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=afdd312f-6562-4f23-b062-ee34b888fc4b&token=78959B31-C6F5-E9D4-7FE4-08960ACB73A3&_=244263886

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1bb270d1-0fd6-8b6b-ef5e-ac1f8668f748.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://f.lowestautosavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 snapshot
api.trustedform.com/certs/af3c3bea90db78f953cf277dc92fb50f6a31f66b/ 0
159 B 104ms
103ms XHR
text/plain 34.236.64.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/af3c3bea90db78f953cf277dc92fb50f6a31f66b/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.64.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-64-108.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://f.lowestautosavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 13:23:59 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints
api.trustedform.com/certs/af3c3bea90db78f953cf277dc92fb50f6a31f66b/ 0
159 B 113ms
112ms XHR
text/plain 34.236.64.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/af3c3bea90db78f953cf277dc92fb50f6a31f66b/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.64.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-64-108.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://f.lowestautosavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 13:23:59 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET iframe.html
deviceid.trueleadid.com/ Frame EBAB 0
0

GET
H2 404 roboto-v20-latin-regular.woff2
ottoinsurance.com/fonts/ 0
0 173ms
172ms Other
text/html 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ottoinsurance.com/fonts/roboto-v20-latin-regular.woff2
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ottoinsurance.com/home.html?s2=404
Origin: https://ottoinsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: gzip
server: nginx
etag: W/"6352a8c9-3a96"
vary: Accept-Encoding
content-type: text/html

GET
H2 404 roboto-v20-latin-700.woff2
ottoinsurance.com/fonts/ 0
0 173ms
173ms Other
text/html 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ottoinsurance.com/fonts/roboto-v20-latin-700.woff2
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ottoinsurance.com/home.html?s2=404
Origin: https://ottoinsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: gzip
server: nginx
etag: W/"6352a8c9-3a96"
vary: Accept-Encoding
content-type: text/html

GET
H2 404 roboto-v20-latin-500.woff2
ottoinsurance.com/fonts/ 0
0 342ms
341ms Other
text/html 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ottoinsurance.com/fonts/roboto-v20-latin-500.woff2
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ottoinsurance.com/home.html?s2=404
Origin: https://ottoinsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: gzip
server: nginx
etag: W/"6352a8c9-3a96"
vary: Accept-Encoding
content-type: text/html

GET
H2 404 roboto-v20-latin-300.woff2
ottoinsurance.com/fonts/ 0
0 173ms
173ms Other
text/html 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ottoinsurance.com/fonts/roboto-v20-latin-300.woff2
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ottoinsurance.com/home.html?s2=404
Origin: https://ottoinsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: gzip
server: nginx
etag: W/"6352a8c9-3a96"
vary: Accept-Encoding
content-type: text/html

GET
H2 404 roboto-v20-latin-900.woff2
ottoinsurance.com/fonts/ 0
0 174ms
173ms Other
text/html 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ottoinsurance.com/fonts/roboto-v20-latin-900.woff2
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ottoinsurance.com/home.html?s2=404
Origin: https://ottoinsurance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: gzip
server: nginx
etag: W/"6352a8c9-3a96"
vary: Accept-Encoding
content-type: text/html

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 67ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-776761050

Requested by

Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02fbae82e160f308b36e7edb0a65bab25a8f9b6c61ad1a1707389564eae1ce5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52884
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Oct 2022 13:23:59 GMT

GET
H2 200 tr
www.facebook.com/ 0
185 B 57ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=201047007923936&ev=PageView&noscript=1

Requested by

Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 13:23:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 Otto_BlueLogo.webp
ottoinsurance.com/assets/form-imgs/ 10 KB
10 KB 339ms
337ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/form-imgs/Otto_BlueLogo.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 669dc3fce1945847d7c874deaaee5c5b930bb6336aa44d8d277ae29337b285a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-28d4"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 10452
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 icon-sprite.webp
ottoinsurance.com/assets/LP/Otto2/ 762 B
992 B 339ms
338ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/LP/Otto2/icon-sprite.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c716ec794783fe2a3bd10a229f16d7bc598ad81eaa4684248efff50598992a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-2fa"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 762
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 otto_text_bubble.webp
ottoinsurance.com/assets/LP/Otto3/ 52 KB
52 KB 340ms
338ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/LP/Otto3/otto_text_bubble.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 727d6546fa931043ec0ec23d30dcf38087e0398e2aaadb570bcb083109d9abf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-d042"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 53314
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 auto.webp
ottoinsurance.com/assets/LP/Otto3/ 4 KB
4 KB 513ms
512ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/LP/Otto3/auto.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ad05bad46dc4d779368a6abe6cd53b8894723050641be9d43198bb045cae3f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-e1e"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3614
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 pet.webp
ottoinsurance.com/assets/LP/Otto3/ 3 KB
3 KB 513ms
512ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/LP/Otto3/pet.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 46b032f21b4bf7620773b32dbebad663c6849351f7f94746f3e9ace86ec8ab40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-a30"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2608
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 home.webp
ottoinsurance.com/assets/LP/Otto3/ 3 KB
3 KB 513ms
512ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/LP/Otto3/home.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aee1e70d8a95c32f561b655eff35496db337925b3962aa60c15a3296d7266586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-c7e"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3198
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 life.webp
ottoinsurance.com/assets/LP/Otto3/ 5 KB
5 KB 513ms
512ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/LP/Otto3/life.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 20174e5e42fda3b13adefe7032bb555291ad0800acafe37f9dea5aff75458368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-12be"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4798
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 Otto_NewMobileFormPET.webp
ottoinsurance.com/assets/LP/Otto3/ 46 KB
46 KB 513ms
513ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/LP/Otto3/Otto_NewMobileFormPET.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c21dcdadf66f61694093421e96eecf63c8df7499bdb0de8b457d169636aaa7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-b6e2"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 46818
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 otto_Compare_Device.webp
ottoinsurance.com/assets/LP/Otto3/ 24 KB
24 KB 514ms
513ms Image
image/webp 2600:1f13:51c:4402:66dc:e805:5573:b70e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ottoinsurance.com/assets/LP/Otto3/otto_Compare_Device.webp
Requested by: Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:51c:4402:66dc:e805:5573:b70e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b5e8ff219d7086c285af4573489da277bbbbfff927329f0988c35bf76391c00f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/home.html?s2=404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 13:23:59 GMT
last-modified: Fri, 21 Oct 2022 14:11:07 GMT
server: nginx
etag: "6352a87b-6014"
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 24596
expires: Wed, 25 Oct 2023 13:23:59 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 81ms
29ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-776761050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15176
x-xss-protection: 0
server: cafe
etag: 444338200384796413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 13:23:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/776761050/ 2 KB
1 KB 99ms
61ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/776761050/?random=1666704239380&cv=9&fst=1666704239380&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&auid=529656925.1666704239&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4e5710450b7dd557a7e54f9eca088b33025e7f2242e51eeb03c365d6ce7911c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/776761050/ 2 KB
2 KB 28ms
27ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/776761050/?random=1666704239382&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&auid=529656925.1666704239&gtm_ee=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

84acbc6bc7250f252d6fd10d975b717569f33e38e36fbdfbc3123a111eba4b2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 13:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1423
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/776761050/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/776761050/?random=718167951&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/776761050/?random=718167951&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/776761050/?random=718167951&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
108 B

49ms
48ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/776761050/?random=718167951&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&auid=529656925.1666704239&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEpMZW1nWVFvTk9vazhxSHRwZGRFaVVBbktFYjdwdmVrZ2FtSnVFNUQtUzJoUmZqRmVaZXRuNjg3NjZvY2dsX05NcXhaajBJGldDaEFJOEpMZW1nWVF4ZXVla0pEUHJNdzlFaTBBWXp2Z2d0VjBnQ05MMEtuQzlyeVdCYUtFVXJCX0M1cnROd09YeUJIR3doSVNEQW1HR1lpWU53NGxJdFk&is_vtc=1&ocp_id=b-NXY4WZGP6K9fgP-OOyqAc&random=744221443&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 13:23:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 13:23:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/776761050/?random=718167951&cv=9&fst=1666704239382&num=1&label=SuwCCJyX55YBENrdsfIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&auid=529656925.1666704239&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEpMZW1nWVFvTk9vazhxSHRwZGRFaVVBbktFYjdwdmVrZ2FtSnVFNUQtUzJoUmZqRmVaZXRuNjg3NjZvY2dsX05NcXhaajBJGldDaEFJOEpMZW1nWVF4ZXVla0pEUHJNdzlFaTBBWXp2Z2d0VjBnQ05MMEtuQzlyeVdCYUtFVXJCX0M1cnROd09YeUJIR3doSVNEQW1HR1lpWU53NGxJdFk&is_vtc=1&ocp_id=b-NXY4WZGP6K9fgP-OOyqAc&random=744221443&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/776761050/ 42 B
548 B 67ms
31ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/776761050/?random=1666704239380&cv=9&fst=1666702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&async=1&fmt=3&is_vtc=1&random=461178975&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 13:23:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/776761050/ 42 B
548 B 71ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/776761050/?random=1666704239380&cv=9&fst=1666702800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fottoinsurance.com%2Fhome.html%3Fs2%3D404&ref=https%3A%2F%2Ff.lowestautosavings.com%2F&tiba=Get%20your%20insurance%20policy%20quoted%20from%20the%20best%20sources.%20Compare%20Rates%20Today!&async=1&fmt=3&is_vtc=1&random=461178975&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ottoinsurance.com
URL: https://ottoinsurance.com/home.html?s2=404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ottoinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 13:23:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=78959B31-C6F5-E9D4-7FE4-08960ACB73A3&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=1BB270D1-0FD6-8B6B-EF5E-AC1F8668F748&lac=005B3277-7DD6-01E2-6D37-54D36A1B5104

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
f.lowestautosavings.com/	1969-12-31 23:59:59	Name: leadid_token-005B3277-7DD6-01E2-6D37-54D36A1B5104-1BB270D1-0FD6-8B6B-EF5E-AC1F8668F748 Value: 78959B31-C6F5-E9D4-7FE4-08960ACB73A3
.ottoinsurance.com/	1970-01-20 09:08:00	Name: _gcl_au Value: 1.1.529656925.1666704239
.doubleclick.net/	1970-01-20 06:58:25	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ottoinsurance.com/fonts/roboto-v20-latin-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ottoinsurance.com/fonts/roboto-v20-latin-700.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ottoinsurance.com/fonts/roboto-v20-latin-300.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ottoinsurance.com/fonts/roboto-v20-latin-900.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ottoinsurance.com/fonts/roboto-v20-latin-500.woff2 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
f.lowestautosavings.com
googleads.g.doubleclick.net
l.ottoinsurance.com
ottoinsurance.com
vitals.vercel-insights.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
deviceid.trueleadid.com
13.225.84.125
172.217.18.98
2600:1f13:51c:4400:7839:e1fd:b64:2bda
2600:1f13:51c:4402:66dc:e805:5573:b70e
2600:9000:20eb:4c00:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2a00:1450:4001:809::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a03:2880:f12d:83:face:b00c:0:25de
34.236.64.108
52.22.23.67
76.76.21.98
99.80.125.13
02fbae82e160f308b36e7edb0a65bab25a8f9b6c61ad1a1707389564eae1ce5d
1f3571fbd1d380ac472f10c899c95080041b9ff73294f3fca909b502a597009a
20174e5e42fda3b13adefe7032bb555291ad0800acafe37f9dea5aff75458368
23354bbead489770448b9e823775ec1326b01acba4ae649c945bdc41faec1e78
276d9880259a4fef1f3afb0d973435eb145588958ea9f37a7068b9733f5caeaf
2bb436baad4f4798ab42e52b3ace7c25da73a4faafaab1e34703066b5c118e76
2c21dcdadf66f61694093421e96eecf63c8df7499bdb0de8b457d169636aaa7d
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
38a491d3b1dd8ef731f0fe8aec813f1d2a8e99e226bee5ec6cc42ec8b2a54c43
3d0ef1b6c712c157d55e58514b005761f7bc319cabcc36e2832061b21a16cc6c
46b032f21b4bf7620773b32dbebad663c6849351f7f94746f3e9ace86ec8ab40
50f24e516ae1c0492e06b1c81d1fd961f22cb35a5f9f55ec8bb8f4a10b7f5d51
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
54561bf37bcdbb5e6e1ddad10af0b9c4652924d0fe478767fb98b2aa374c27e5
669dc3fce1945847d7c874deaaee5c5b930bb6336aa44d8d277ae29337b285a1
6c8c7173f7bb2a00968a959f017093e8e0cbd057fd1651a1568751430d3c5ddd
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
727d6546fa931043ec0ec23d30dcf38087e0398e2aaadb570bcb083109d9abf1
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
84acbc6bc7250f252d6fd10d975b717569f33e38e36fbdfbc3123a111eba4b2f
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
ad05bad46dc4d779368a6abe6cd53b8894723050641be9d43198bb045cae3f9d
aee1e70d8a95c32f561b655eff35496db337925b3962aa60c15a3296d7266586
b5e8ff219d7086c285af4573489da277bbbbfff927329f0988c35bf76391c00f
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c716ec794783fe2a3bd10a229f16d7bc598ad81eaa4684248efff50598992a46
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e5710450b7dd557a7e54f9eca088b33025e7f2242e51eeb03c365d6ce7911c
eb64bcde769884e3a7e437e7a9c0cc9b75e295d28c826b490079b0bcd5aca891
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

ottoinsurance.com Open in urlscan Pro 2600:1f13:51c:4402:66dc:e805:5573:b70e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

94 %HTTPS

60 %IPv6

14 Domains

16 Subdomains

15 IPs

3 Countries

460 kBTransfer

1051 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ottoinsurance.com Open in urlscan Pro
2600:1f13:51c:4402:66dc:e805:5573:b70e Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

94 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

15
IPs

3
Countries

460 kB
Transfer

1051 kB
Size

3
Cookies

48 HTTP transactions
4 data transactions