quoteandinsuranceforga.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://quoteandinsuranceforga.com/
Submission: On November 02 via api (November 2nd 2023, 8:07:43 pm UTC) from US — Scanned from US

Summary HTTP 97 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 27 IPs in 2 countries across 25 domains to perform 97 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is quoteandinsuranceforga.com.
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.

This is the only time quoteandinsuranceforga.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2600:9000:250... 2600:9000:2509:e400:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	152.195.54.7 152.195.54.7	15133 (EDGECAST) (EDGECAST)
2	23.36.94.118 23.36.94.118	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.198.70.133 104.198.70.133	15169 (GOOGLE) (GOOGLE)
1 7	54.145.158.33 54.145.158.33	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1	2600:1408:20:... 2600:1408:20:388::19f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	63.140.38.180 63.140.38.180	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.203.187.67 52.203.187.67	14618 (AMAZON-AES) (AMAZON-AES)
1	54.208.38.52 54.208.38.52	14618 (AMAZON-AES) (AMAZON-AES)
1	104.106.226.153 104.106.226.153	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.165.83.107 18.165.83.107	16509 (AMAZON-02) (AMAZON-02)
1	18.210.108.219 18.210.108.219	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
4 4	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
2 7	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
6 6	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.202.119.60 34.202.119.60	14618 (AMAZON-AES) (AMAZON-AES)
1	34.200.157.66 34.200.157.66	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f07... 2a03:2880:f07d:0:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:77::84 2a04:4e42:77::84	54113 (FASTLY) (FASTLY)
3	18.67.60.119 18.67.60.119	16509 (AMAZON-02) (AMAZON-02)
3	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
2 2	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
2	23.43.85.141 23.43.85.141	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a03:2880:f17... 2a03:2880:f171:81:face:b00c:0:25de	() ()
97	27

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

quoteandinsuranceforga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2509:e400:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 152.195.54.7 (United States)

ASN15133 (EDGECAST, US)

static2.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ac2.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.94.118 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-94-118.deploy.static.akamaitechnologies.com

cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.198.70.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.70.198.104.bc.googleusercontent.com

mx-api.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.145.158.33 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-158-33.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:20:388::19f0 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

tapi.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.180 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-180.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.187.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-187-67.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.38.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-38-52.compute-1.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.106.226.153 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-106-226-153.deploy.static.akamaitechnologies.com

a8367280580.cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.83.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-107.iad55.r.cloudfront.net

deel-id-persistence.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.108.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-108-219.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.62.157 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.225.218.10 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.119.60 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-119-60.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.157.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-157-66.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f07d:0:face:b00c:0:3 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:77::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.60.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-60-119.iad89.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.117 (Fairfield, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.85.141 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-43-85-141.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f171:81:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	st8fm.com static2.st8fm.com — Cisco Umbrella Rank: 119528 ac2.st8fm.com — Cisco Umbrella Rank: 110174 static1.st8fm.com — Cisco Umbrella Rank: 31700	1010 KB
10	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353 js.adsrvr.org — Cisco Umbrella Rank: 1610 insight.adsrvr.org — Cisco Umbrella Rank: 584	9 KB
8	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 10918	10 KB
6	yahoo.com 6 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	2 KB
5	optimizely.com cdn-pci.optimizely.com — Cisco Umbrella Rank: 10543 tapi.optimizely.com — Cisco Umbrella Rank: 14005 a8367280580.cdn-pci.optimizely.com — Cisco Umbrella Rank: 69723 logx.optimizely.com — Cisco Umbrella Rank: 1496	144 KB
5	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3744	76 KB
4	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 245	998 B
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	36 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 849	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	127 KB
3	mirus.io mx-api.prod.mirus.io — Cisco Umbrella Rank: 669861 peachy.prod.mirus.io — Cisco Umbrella Rank: 314815	20 KB
3	statefarm.com www.statefarm.com — Cisco Umbrella Rank: 21529 smetrics.statefarm.com — Cisco Umbrella Rank: 29231	3 KB
2	facebook.com www.facebook.com	185 B
2	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 938	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 847	21 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1979 beacon.krxd.net — Cisco Umbrella Rank: 758	529 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 415	833 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	31 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	35 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	335 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	94 KB
1	c1.statefarm deel-id-persistence.deel.c1.statefarm — Cisco Umbrella Rank: 79381	3 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275	517 B
1	quoteandinsuranceforga.com quoteandinsuranceforga.com	15 KB
97	25

	Domain	Requested by
23	static2.st8fm.com	quoteandinsuranceforga.com static2.st8fm.com
16	static1.st8fm.com	static2.st8fm.com ajax.googleapis.com static1.st8fm.com quoteandinsuranceforga.com
7	dpm.demdex.net	1 redirects quoteandinsuranceforga.com
5	ups.analytics.yahoo.com	5 redirects
5	match.adsrvr.org	2 redirects js.adsrvr.org
5	nexus.ensighten.com	quoteandinsuranceforga.com nexus.ensighten.com
4	cm.g.doubleclick.net	4 redirects
4	cdnjs.cloudflare.com	quoteandinsuranceforga.com
3	ct.pinterest.com	static1.st8fm.com s.pinimg.com
3	js.adsrvr.org	www.googletagmanager.com insight.adsrvr.org
3	connect.facebook.net	quoteandinsuranceforga.com connect.facebook.net
2	www.facebook.com
2	hb.yahoo.net	js.adsrvr.org
2	ib.adnxs.com	2 redirects
2	insight.adsrvr.org	js.adsrvr.org
2	s.pinimg.com	quoteandinsuranceforga.com s.pinimg.com
2	peachy.prod.mirus.io	static1.st8fm.com
2	idsync.rlcdn.com	2 redirects
2	smetrics.statefarm.com	nexus.ensighten.com quoteandinsuranceforga.com
2	cdn-pci.optimizely.com	quoteandinsuranceforga.com cdn-pci.optimizely.com
2	maxcdn.bootstrapcdn.com	quoteandinsuranceforga.com
1	pixel.rubiconproject.com	js.adsrvr.org
1	www.googletagmanager.com	nexus.ensighten.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	logx.optimizely.com	static1.st8fm.com
1	deel-id-persistence.deel.c1.statefarm	nexus.ensighten.com
1	a8367280580.cdn-pci.optimizely.com	cdn-pci.optimizely.com
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	cm.everesttech.net	1 redirects
1	tapi.optimizely.com	cdn-pci.optimizely.com
1	fonts.googleapis.com	static2.st8fm.com
1	mx-api.prod.mirus.io	quoteandinsuranceforga.com
1	www.statefarm.com	quoteandinsuranceforga.com
1	ac2.st8fm.com	quoteandinsuranceforga.com
1	ajax.googleapis.com	quoteandinsuranceforga.com
1	quoteandinsuranceforga.com
97	38

This site contains links to these domains. Also see Links.

Domain
www.statefarm.com
proofing.statefarm.com
apps.statefarm.com
financials.statefarm.com
get-id-card.delitess.c1.statefarm
www.facebook.com
search.google.com
www.instagram.com
www.linkedin.com
twitter.com
www.yelp.com
www.annpricesf.com
brokercheck.finra.org
static1.st8fm.com
trupanion.com

Subject Issuer	Validity	Valid
quoteandinsuranceforga.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2023-08-22` - `2024-08-22`	a year	crt.sh
cdn-pci.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-30` - `2024-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
mx-api.prod.mirus.io R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2023-01-20` - `2024-02-19`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.cdn-pci.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-30` - `2024-01-31`	a year	crt.sh
deel-id-persistence.deel.c1.statefarm Amazon RSA 2048 M02	`2023-08-01` - `2024-08-29`	a year	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh
peachy.prod.mirus.io R3	`2023-10-11` - `2024-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
hb.yahoo.net R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://quoteandinsuranceforga.com/
Frame ID: 86B0BEF61167ACB8A7356B516916870C
Requests: 78 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: F6B0CBEE7A32B9045FC8FB25A6538BDD
Requests: 6 HTTP requests in this frame

Frame: https://a8367280580.cdn-pci.optimizely.com/client_storage/a8367280580.html
Frame ID: 7628F02D188986ADC862E72550308709
Requests: 1 HTTP requests in this frame

Frame: https://deel-id-persistence.deel.c1.statefarm/
Frame ID: 10F10607FA3B7F20A4910FA5C30F89DC
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fquoteandinsuranceforga.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: FCA99C582D77B436747FE035128C6682
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fquoteandinsuranceforga.com%2F&upid=9nilek2&upv=1.1.0
Frame ID: 644B36A48C37A1BBE5D3FE3AA517E4FD
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612683484245028400&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba
Frame ID: 904970B052685FDA323E2C86FFFA2497
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1
Frame ID: BFA169EC6F06FB861EBB01BB921B0A8F
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953
Frame ID: F87FE3EE9E7B63186FA2F3B5DDA16C67
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=48b50d1b-21d8-45dd-b183-17303e6d77ba&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
Frame ID: 96EA31A2BD5C70464AE6D62FE9DA4354
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953
Frame ID: BDDE333A3F5F202ED83DB09491D65D66
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1
Frame ID: C8B7F08796243B7D2DDD43E369C865DE
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 70748B134CEC2F5451479ECD88671FAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ann Price - State Farm Insurance Agent in Duluth, GA

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

97
Requests

92 %
HTTPS

31 %
IPv6

25
Domains

38
Subdomains

27
IPs

2
Countries

1635 kB
Transfer

4701 kB
Size

34
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.statefarm.com/#oneX-main-content
Title: Skip to Main Content

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/forgot-ui/landing
Title: Trouble logging in?

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/CustomerRegistrationUI/
Title: Create an account

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/guest-pay/
Title: Pay a bill

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID card

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/AutomatedPaymentEnroll/autoPay_billPay_LiteAuth#1
Title: autopay

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/lite-auth-paperless/
Title: paperless billing

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/agent/us/ga/duluth/ann-bishoffprice-yxtfm1ys000

Search URL Search Domain Scan URL

URL: https://www.facebook.com/116627085030446

Search URL Search Domain Scan URL

URL: https://search.google.com/local/writereview?placeid=ChIJDe7kUMWi9YgROHEcrf5NFK8

Search URL Search Domain Scan URL

URL: https://www.instagram.com/annpricesf/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/annpricesf

Search URL Search Domain Scan URL

URL: https://twitter.com/statefarmduluth

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/IX9ZXQn4Po2DHbpPwB_7pg

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/retrievequote
Title: or continue a quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/agent/us/ga/duluth/ann-bishoffprice-yxtfm1ys000/map?officeAssociateId=YT4MH4M4PP5
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.annpricesf.com/
Title: www.annpricesf.com

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA's Broker Check

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/personal-price-plan

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/home-and-property/renters

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/multiline

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/life

Search URL Search Domain Scan URL

URL: http://www.statefarm.com/IPS/prospectus/
Title: prospectus page

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698955653877 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698955653877

Request Chain 34

https://cm.everesttech.net/cm/dd?d_uuid=87783609850180603691372816273633965665 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUQBhwAAAD9-TAMv

Request Chain 66

https://idsync.rlcdn.com/365868.gif?partner_uid=87783609850180603691372816273633965665 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODc3ODM2MDk4NTAxODA2MDM2OTEzNzI4MTYyNzM2MzM5NjU2NjUQABoNCIiDkKoGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=19d39222316581ff8f2d3015f2ca3ae856687840a1f3bcf424ae838d47c7759db0da87c991749652

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODc3ODM2MDk4NTAxODA2MDM2OTEzNzI4MTYyNzM2MzM5NjU2NjU= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODc3ODM2MDk4NTAxODA2MDM2OTEzNzI4MTYyNzM2MzM5NjU2NjU=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFJtAriYIidGYYD1hSoqdOk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 70

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=quoteandinsuranceforga.com&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=quoteandinsuranceforga.com&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=48b50d1b-21d8-45dd-b183-17303e6d77ba

Request Chain 73

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=87783609850180603691372816273633965665&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=87783609850180603691372816273633965665&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-xZk_CnlE2pGED1HJqFd5QHIWVA43DAZHZKQ-~A

Request Chain 74

https://usermatch.krxd.net/um/v2?partner=adobe&id=87783609850180603691372816273633965665 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87783609850180603691372816273633965665

Request Chain 86

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D48b50d1b-21d8-45dd-b183-17303e6d77ba HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612683484245028400&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDhiNTBkMWItMjFkOC00NWRkLWIxODMtMTczMDNlNmQ3N2Jh&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1

Request Chain 88

https://ups.analytics.yahoo.com/ups/55953/sync?uid=48b50d1b-21d8-45dd-b183-17303e6d77ba&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953

Request Chain 91

https://ups.analytics.yahoo.com/ups/55953/sync?uid=48b50d1b-21d8-45dd-b183-17303e6d77ba&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDhiNTBkMWItMjFkOC00NWRkLWIxODMtMTczMDNlNmQ3N2Jh&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1

97 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
quoteandinsuranceforga.com/ 59 KB
15 KB 377ms
122ms Document
text/html 34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://quoteandinsuranceforga.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: /
Resource Hash: 6a1153654760c8ea9457c4252167b85dac425c98415184c38c38f16a808288d1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 02 Nov 2023 20:07:33 GMT
vary: origin,accept-encoding
x-cheesecrd-backend: mx-api
x-cheesecrd-lookup: master:quoteandinsuranceforga.com/
x-cheesecrd-path: /
x-microsite-source: https://www.statefarm.com/agent/us/ga/duluth/ann-bishoff-price-yxtfm1ys000

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 76 KB
23 KB 194ms
38ms Script
application/javascript 2600:9000:2509:e400:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2509:e400:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 558a4cb58fca5ff87e63196e14a18b3895ded0809b273f56621f250c1a0b93e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 20:11:58 GMT
x-amz-version-id: bGwc3SeotA4HTPdBgugJN.WMG2zz4j8p
content-encoding: br
via: 1.1 f0a9678a89ea6fb10debcb7507e49828.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
age: 172536
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 20:11:36 GMT
server: CloudFront
etag: W/"3b7e71dc71f23c6c58f157a6e79d0842"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: I1KFf3cHn4qgFTwauYUDUvUhb3TkUOstZMbQVHslNOq-lN6Jeg2PTA==

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ 147 KB
22 KB 139ms
50ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 613, 617, 617
age: 732874
cdn-cachedat: 2021-05-12 00:57:44
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 16164dda0ecd0f7f3b6ec1083390b81c
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 81ff0123fb224bcf-BUF
cdn-requestpullsuccess: True

GET
H2 200 normalize.css
static2.st8fm.com/en_US/dxl-1x/prod/css/lib/ 16 KB
6 KB 284ms
70ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/lib/normalize.css

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79BE) /

Resource Hash

1fe711aec93171cacefa8198f5b235bf84fde20b14a8c873a66b044373037128

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 16:40:03 GMT
server: ECD (nya/79BE)
age: 12952
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 5846
expires: Fri, 03 Nov 2023 00:07:33 GMT

GET
H2 200 1x.core.css
static2.st8fm.com/en_US/dxl-1x/prod/css/ 617 KB
69 KB 243ms
34ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C8) /

Resource Hash

4a3db30996d4feb1de7cb1aa05d033ce57226b3d673b71d9bbb7c6edccfa5627

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 16:40:02 GMT
server: ECD (nya/79C8)
age: 469
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 70343
expires: Fri, 03 Nov 2023 00:07:33 GMT

GET
H2 200 8421581994.js Show response
cdn-pci.optimizely.com/js/ 680 KB
140 KB 147ms
44ms Script
text/javascript 23.36.94.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-pci.optimizely.com/js/8421581994.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.94.118 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-94-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

fcc67db13b460832e5371afd8cc45412bab5e7a2daaecdc04984e9252ac64236

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-meta-pci_enabled: True
x-amz-version-id: MnbWjcoZ_y6CEft8zNlmRySblI7f9qzH
content-encoding: gzip
date: Thu, 02 Nov 2023 20:07:33 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 57NJQRHSTEAKVJZ8
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 45784
x-amz-replication-status: PENDING
content-length: 142736
x-amz-id-2: Pfw23dmrior2eSLY9JsnhR2KQLGLekQvcHgTHPSSMqe8obZRpR0rv7gcRCLbRkRKQAWQia31b1A=
last-modified: Thu, 02 Nov 2023 19:16:44 GMT
server: AmazonS3
etag: "bdd047ce53ccd19572c4adc3da5145c0"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 StateFarmCommon.js Show response
static2.st8fm.com/en_US/b2c_dvts/common/js/lib/ 1 KB
874 B 444ms
235ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (daa/7CDC) /

Resource Hash

7089daf157502215443a599029db038759f29db18fe119b4de595dc5d66c3856

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 20:07:34 GMT
content-encoding: gzip
server: ECD (daa/7CDC)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 757
expires: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 129ms
40ms Script
text/javascript 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 22:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Oct 2024 22:45:19 GMT

GET
H2 200 handlebars.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/ 160 KB
29 KB 131ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/handlebars.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 657376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29180
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-27e1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OojSnkTHLsiEuOHSUemm%2B0zQWiHH2dg5Okv83ogUBVcWkn0w%2BNeNAMhJcJA1P%2BZJmQZoEoT2r%2F7as3yFiDe%2F%2B1JiFByuRXE6CMIJzji6xo2390Gdwkxmd3i7x9mrzCXlGULgzEn9Go7IfWoON9vzA7ef"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ff0123fec94bd8-BUF
expires: Tue, 22 Oct 2024 20:07:33 GMT

GET
H2 200 1x.core.js Show response
static2.st8fm.com/en_US/dxl-1x/prod/js/ 340 KB
103 KB 288ms
81ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.core.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C9) /

Resource Hash

eef4b80043a4aeba715efb34d50df6f3c9246747bd2444aa9befe8687221f51c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 16:40:02 GMT
server: ECD (nya/79C9)
age: 6071
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 105356
expires: Fri, 03 Nov 2023 00:07:33 GMT

GET
H2 200 1x.client.js Show response
static2.st8fm.com/en_US/dxl-1x/prod/js/ 3 KB
1 KB 318ms
110ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.client.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C17) /

Resource Hash

e121c2f8e5ffa52a72b7a4c6dcd76e6ee6e48414991ffa1e58ad0cea7af92105

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 16:40:02 GMT
server: ECD (nya/1C17)
age: 13195
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1287
expires: Fri, 03 Nov 2023 00:07:33 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
13 KB 133ms
51ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1001
age: 408158
cdn-cachedat: 10/01/2022 01:42:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f1b35a507a27ac9c79c5cd36b356838d
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 81ff0123fb244bcf-BUF
cdn-requestpullsuccess: True

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/ 7 KB
3 KB 129ms
43ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 744446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2382
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1bab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qXdQpQbPm%2Bip0C0U%2BWX%2FSNygsyG6U1J3wAA1pX7%2B2fJRltbetKiDmIhkMYgPC7pP20dJ2NgZ35RgPyCGs9SQNvBxGgx11Fv911cvsXM7cwsB8UfZNT%2F%2FjgpDR51EB5js48prQQqhJ9heAgFngSYYX6p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ff0123feca4bd8-BUF
expires: Tue, 22 Oct 2024 20:07:33 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 5 KB
3 KB 128ms
41ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 410545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2092
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBGJ8oo8E3cmTzMhdfyO810gw%2FtwbNzTQojrY3%2FKMKA12%2FUavBA5KyiG5PIvj7sIybG82QpDUDq2IkqHJbQk756kH%2BkHnoGc4uOGQinCwFCUasEzil12G1Rwg5V4LxRFBbhKV2xBfoq7wOKm7BZ3i9zr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ff0123fec84bd8-BUF
expires: Tue, 22 Oct 2024 20:07:33 GMT

GET
H2 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 4 KB
2 KB 128ms
42ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.plugins.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 634808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1222
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-106c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpIOoB0pKxPMpBW48mTf6iFBW2ZQIkH%2Bf0%2BO2wJmVMDl%2F4FvADW28m7HQu4fyUwqZfKC9%2BX0hCMsiJPS2vPfYvxCyWqZ3SPLc3QZNU%2FgSvSFuV9e7WUcvubdVH2TkIo9ePPQIL8YCPxZJ636Q%2BjLB13Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ff0123fecb4bd8-BUF
expires: Tue, 22 Oct 2024 20:07:33 GMT

GET
H2 200 util.min.js Show response
static2.st8fm.com/en_US/dxl/js/min/ 29 KB
9 KB 284ms
77ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl/js/min/util.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79CC) /

Resource Hash

240422c986046f61655378669aca9bc6e6369c8f7c2897c0c73f7313eac34fed

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 20:09:03 GMT
server: ECD (nya/79CC)
age: 5362
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 9231
expires: Fri, 03 Nov 2023 00:07:33 GMT

GET
H2 200 validators.min.js Show response
static2.st8fm.com/en_US/dxl/js/min/ 5 KB
2 KB 277ms
71ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl/js/min/validators.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C17) /

Resource Hash

c7012dbe6534ccd46097b8756ffbbcc4d030429939edb882fbb29d48298ed30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 20:09:02 GMT
server: ECD (nya/1C17)
age: 12504
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1489
expires: Fri, 03 Nov 2023 00:07:33 GMT

GET
H2 200 microsite.min.css
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-172/styles/ 3 KB
1 KB 273ms
67ms Stylesheet
text/css 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-172/styles/microsite.min.css

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C6) /

Resource Hash

3d17b798b45775e93e25293bba964ac616e1d2a8325173ed87ad9560233c117c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 19:55:02 GMT
server: ECD (nya/79C6)
age: 237833
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-frame-options: DENY
accept-ranges: bytes
content-length: 1217
expires: Thu, 09 Nov 2023 20:07:33 GMT

GET
H2 200 formalColorFull.jpg
ac2.st8fm.com/associate-photos/Y/YXTFM1YS000/ 11 KB
11 KB 244ms
38ms Image
image/jpeg 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ac2.st8fm.com/associate-photos/Y/YXTFM1YS000/formalColorFull.jpg

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C5) /

Resource Hash

debfde5dcf6b60e52c187bc7ef779d68f307796ecab2572ee0b94b000e0062fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
last-modified: Sat, 21 Apr 2018 04:11:49 GMT
server: ECD (nya/79C5)
age: 6901
etag: "882ab9de26d9d31:0"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7200
accept-ranges: bytes
content-length: 10893

GET
H2 200 stand-alone-quote.min.js Show response
static2.st8fm.com/en_US/dxl/js/min/ 17 KB
6 KB 71ms
63ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl/js/min/stand-alone-quote.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C5A) /

Resource Hash

8a5d94461dfc45efc41660ba3a79c6c1972c068ee0a8db506789a943be035644

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 20:09:02 GMT
server: ECD (nya/1C5A)
age: 13074
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 5611
expires: Fri, 03 Nov 2023 00:07:33 GMT

GET
H2 200 PPPCreate_en_desktop.png
static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/ 89 KB
89 KB 71ms
63ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/PPPCreate_en_desktop.png

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C6) /

Resource Hash

020c8e2ee7e8e090e05e86d2dfa5f86863c69ed73adc74208d6d31574d793c38

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:33 GMT
last-modified: Wed, 07 Sep 2022 15:39:22 GMT
server: ECD (nya/79C6)
age: 538997
x-frame-options: DENY
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 91405
expires: Thu, 09 Nov 2023 20:07:33 GMT

GET
H2 200 AutoRentersSaveMore_en_desktop.png
static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/ 135 KB
135 KB 43ms
41ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/AutoRentersSaveMore_en_desktop.png

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79E9) /

Resource Hash

596bc52ee5886c20a9fe66870bd80d45d166ce69dd681666ff5de3623e408df5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
last-modified: Thu, 28 Apr 2022 20:21:39 GMT
server: ECD (nya/79E9)
age: 313617
x-frame-options: DENY
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 138269
expires: Thu, 09 Nov 2023 20:07:34 GMT

GET
H2 200 HomeAutoSaveMore_en_desktop.png
static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/ 111 KB
111 KB 46ms
45ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/HomeAutoSaveMore_en_desktop.png

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C7) /

Resource Hash

89c3f523e9d032c8cb20262621cf0aa172c7af96a82a607c84fe5e6ad87b2873

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
last-modified: Thu, 28 Apr 2022 20:22:01 GMT
server: ECD (nya/79C7)
age: 577061
x-frame-options: DENY
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 113960
expires: Thu, 09 Nov 2023 20:07:34 GMT

GET
H2 200 LifeHaveTheirBack_en_desktop.png
static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/ 16 KB
16 KB 51ms
41ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/LifeHaveTheirBack_en_desktop.png

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C5A) /

Resource Hash

2be90b0c5d60deceb297d506983af865c56dea9819a473dd29bce0f7fffd45c5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
last-modified: Thu, 28 Apr 2022 20:22:04 GMT
server: ECD (nya/1C5A)
age: 543181
x-frame-options: DENY
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16487
expires: Thu, 09 Nov 2023 20:07:34 GMT

GET
H2 200 LifeProtection_en_desktop.png
static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/ 16 KB
16 KB 35ms
34ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/LifeProtection_en_desktop.png

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/78BB) /

Resource Hash

1e58bfa4209a7a9a8237e9842c34b80b4b008feab8943b2599fe5f633c941943

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
last-modified: Thu, 28 Apr 2022 20:22:04 GMT
server: ECD (nya/78BB)
age: 533960
x-frame-options: DENY
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15989
expires: Thu, 09 Nov 2023 20:07:34 GMT

GET
H2 200 cookie Show response
www.statefarm.com/agent/ 0
805 B 286ms
246ms Script
text/plain 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.statefarm.com/agent/cookie?associateID=YXTFM1YS000&app=AMS

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (daa/7D72) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 20:07:34 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: ECD (daa/7D72)
x-frame-options: DENY
content-language: en-US
x-vcap-request-id: 9d30ee53-93a2-4c44-7714-09aaa14fbad1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 jquery.mobile-1.2.0.min.js Show response
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-172/scripts/ 111 KB
39 KB 38ms
38ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-172/scripts/jquery.mobile-1.2.0.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C38) /

Resource Hash

b434e7b06d1e76c8ecf4b8fb260010f4b414c03da3ce0ee7fcc2391478bde1be

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 19:54:02 GMT
server: ECD (nya/1C38)
age: 237832
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-frame-options: DENY
accept-ranges: bytes
content-length: 40312
expires: Thu, 09 Nov 2023 20:07:34 GMT

GET
H2 200 microsite.min.js Show response
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-172/scripts/ 5 KB
2 KB 34ms
33ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-172/scripts/microsite.min.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79E8) /

Resource Hash

a225e8717ef25aa3e2014ffcb8c8fdb986e846fafe510d4671ebbcee0b6e5244

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 19:54:02 GMT
server: ECD (nya/79E8)
age: 237832
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-frame-options: DENY
accept-ranges: bytes
content-length: 1751
expires: Thu, 09 Nov 2023 20:07:34 GMT

GET
H2 200 peachy-client Show response
mx-api.prod.mirus.io/ 65 KB
20 KB 431ms
54ms Script
text/html 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://mx-api.prod.mirus.io/peachy-client

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: origin,accept-encoding
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698955653877
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698955653877

1 KB
1 KB

52ms
52ms

XHR
application/json

54.145.158.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698955653877

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

HTTP/1.1

Server

54.145.158.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-158-33.compute-1.amazonaws.com

Software

Resource Hash

6e8d3f8642062505bedb551184b962b6bd957781bcde2018ca51a704e371f9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v052-0f8ddb748.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: JVGtEc2xQ9M=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://quoteandinsuranceforga.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 648
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-2-v052-0fdced055.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: rTxwCJdIRnc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://quoteandinsuranceforga.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698955653877
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 502 B
832 B 56ms
55ms Script
text/javascript 2600:9000:2509:e400:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Tue%20Oct%2031%2020:11:34%20GMT%202023&ClientID=603&PageID=https%3A%2F%2Fquoteandinsuranceforga.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2509:e400:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 09e193c320607bc8dd22ab00f4f1a88bc9f195b5e3a576d241218f6eb7e905a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
via: 1.1 f0a9678a89ea6fb10debcb7507e49828.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
content-length: 502
x-amz-cf-id: gB_lXvWH22bfudvM_26KEOGAeBlrpILgo94bThesqhsjY-Cl-xppEg==
expires: Thu, 02 Nov 2023 20:07:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 165ms
43ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88e2639b29c1d092cd03d6771d44efe87a08b258ea38ec607c96bfbc2e36364c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static2.st8fm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Nov 2023 20:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:28:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Nov 2023 20:07:34 GMT

GET
H/1.1 200
OK oeu1698955654334r0.7775997213881916 Show response
tapi.optimizely.com/api/targeting/8421581994/8453960666/ 31 KB
2 KB 204ms
58ms XHR
application/json 2600:1408:20:388::19f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tapi.optimizely.com/api/targeting/8421581994/8453960666/oeu1698955654334r0.7775997213881916
Requested by: Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1408:20:388::19f0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.15.12 / Express
Resource Hash: 059d251c85f38179f09d400e18e3029c8149f399afe7f6b8751759fcc5bec914

Request headers

Referer: https://quoteandinsuranceforga.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Nov 2023 20:07:34 GMT
Content-Encoding: gzip
Server: nginx/1.15.12
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://quoteandinsuranceforga.com
Cache-Control: max-age=1200
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1605

GET
H2 200 geo4.js Show response
cdn-pci.optimizely.com/js/ 310 B
748 B 38ms
36ms Script
application/javascript 23.36.94.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-pci.optimizely.com/js/geo4.js

Requested by

Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.94.118 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-94-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

8ea4cbbf296a97a0cfc323952e297c0074b3c9d1c56eb7e816ecc442396cbd5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
x-amz-version-id: OAjfW2hsfUCB6ky0IKAo94yDIUDQOyvh
date: Thu, 02 Nov 2023 20:07:35 GMT
x-amz-request-id: KB7W2C48TWF50FBR
x-amz-replication-status: COMPLETED
content-length: 310
x-amz-id-2: ti9agpDfeccBCTjAtWMFZTEIpWvXAp+uWV7H3qQKCqtT8GuvOGB+BtcmTEb/4vSXd3cntNicKFI=
server: AmazonS3
etag: "ab711da6d329d2f9dabaf111028b5243"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
472 B 498ms
52ms XHR
application/x-javascript 63.140.38.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=82189956763381610371788356673093385661&ts=1698955654412

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.180 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-180.data.adobedc.net

Software

jag /

Resource Hash

ae4547cc539326ff2c5e5623f87bd6e7a662857f76134ac90a7655462039ce78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://quoteandinsuranceforga.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://quoteandinsuranceforga.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZUQBhwAAAD9-TAMv
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=87783609850180603691372816273633965665
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUQBhwAAAD9-TAMv

42 B
940 B

56ms
51ms

Image
image/gif

54.145.158.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUQBhwAAAD9-TAMv

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

HTTP/1.1

Server

54.145.158.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-158-33.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v052-0e64da6b3.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nYkaax/+Sss=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUQBhwAAAD9-TAMv
Date: Thu, 02 Nov 2023 20:07:35 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 StateFarmCommon.js Show response
static1.st8fm.com/en_US/b2c_dvts/common/js/lib/ 295 KB
167 KB 289ms
237ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (daa/7D05) /

Resource Hash

992324d06a9add4641a8f42640eecee4c179a72c0d3ede5212d9e73c05aecace

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://quoteandinsuranceforga.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 02 Nov 2023 20:07:34 GMT
content-encoding: gzip
server: ECD (daa/7D05)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600, immutable

GET
H2 200 ErrorPage.json Show response
static1.st8fm.com/en_US/errors/1/ 4 KB
878 B 239ms
238ms Script
application/json 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/errors/1/ErrorPage.json?callback=jQuery32105051523368561825_1698955654952&_=1698955654953

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (daa/7CDD) /

Resource Hash

c459691f5389de616773286683cd2870125551ed4020d3f29bdc161d35cc976f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 13:13:01 GMT
server: ECD (daa/7CDD)
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
x-cnection: close
accept-ranges: bytes
content-length: 636
expires: Thu, 02 Nov 2023 20:07:35 GMT

GET
H/1.1 200
OK dest5.html Show response
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame F6B0 7 KB
3 KB 193ms
49ms Document
text/html 54.208.38.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.38.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-38-52.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://quoteandinsuranceforga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-1-v052-063b44443.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: CaPtW5egSuM=
content-encoding: gzip
date: Thu, 2 Nov 2023 20:07:35 GMT
last-modified: Thu, 26 Oct 2023 10:55:43 GMT
vary: accept-encoding

GET
H2 200 a8367280580.html Show response
a8367280580.cdn-pci.optimizely.com/client_storage/ Frame 7628 2 KB
1 KB 176ms
34ms Document
text/html 104.106.226.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a8367280580.cdn-pci.optimizely.com/client_storage/a8367280580.html

Requested by

Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.106.226.153 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-106-226-153.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

56cb81b020021098e18c791a1c89c16860425a190326fe8dc676d39bf992e5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://quoteandinsuranceforga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 834
content-type: text/html; charset=utf-8
date: Thu, 02 Nov 2023 20:07:35 GMT
etag: "d01475d3172592ea501358d2c8b37cf9"
last-modified: Thu, 02 Nov 2023 19:16:09 GMT
server: AmazonS3
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: es/LlRodCvkOcKIqZOv/EWLwOdjH5nJ1BuGOYTeGlPRPeFo+adUfPBnRpQuLnChowMt+iUYP7j0R1+JZxe8oIA==
x-amz-meta-pci_enabled: True
x-amz-replication-status: PENDING
x-amz-request-id: H6WVGP0J770RRJXK
x-amz-server-side-encryption: AES256
x-amz-version-id: f2uuWX_Gapv2FcyOrIFLdiLuxE4MrVAZ

GET
H2 200 social_media_icons.png
static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/image/ 6 KB
6 KB 34ms
33ms Image
image/png 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.st8fm.com/en_US/applications/agent_microsite/6.0.0/image/social_media_icons.png
Requested by: Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-172/styles/microsite.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.54.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (nya/1C5A) /
Resource Hash: 89d9a08ed4bd71f312ebb4e119de4fbec2413c382cf0370640fac3eb3b1d318f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static2.st8fm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
last-modified: Tue, 29 Aug 2023 15:31:26 GMT
server: ECD (nya/1C5A)
age: 235524
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6505
expires: Thu, 09 Nov 2023 20:07:35 GMT

GET
H2 200 chevron.svg
static2.st8fm.com/en_US/dxl-1x/prod/css/images/core/ 5 KB
1 KB 33ms
33ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/images/core/chevron.svg

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C9) /

Resource Hash

cb598957119c60141717676dceb24704495e5cac111a62cea6c34f5d89007949

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:20:31 GMT
server: ECD (nya/79C9)
age: 4317
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 1357
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 MecherleSans-Regular.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
31 KB 157ms
36ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Regular.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79CA) /

Resource Hash

891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteandinsuranceforga.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
last-modified: Tue, 19 Sep 2023 11:20:30 GMT
server: ECD (nya/79CA)
age: 2324
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 31948
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 MecherleSans-Medium.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
32 KB 158ms
37ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Medium.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C5A) /

Resource Hash

befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteandinsuranceforga.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
last-modified: Tue, 19 Sep 2023 11:20:29 GMT
server: ECD (nya/1C5A)
age: 2312
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32200
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 MecherleSans-SemiBold.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
32 KB 156ms
37ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-SemiBold.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C59) /

Resource Hash

d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteandinsuranceforga.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
last-modified: Tue, 19 Sep 2023 11:20:30 GMT
server: ECD (nya/1C59)
age: 13762
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32208
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 MecherleSans-Bold.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
31 KB 205ms
86ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Bold.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C59) /

Resource Hash

d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteandinsuranceforga.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
last-modified: Tue, 19 Sep 2023 11:20:29 GMT
server: ECD (nya/1C59)
age: 79
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 31812
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 MecherleLegal-Regular.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 32 KB
32 KB 205ms
87ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleLegal-Regular.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C15) /

Resource Hash

ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteandinsuranceforga.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
last-modified: Tue, 19 Sep 2023 11:20:29 GMT
server: ECD (nya/1C15)
age: 11939
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 32844
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H3 200 54c629785cafd7b5f5af83b21c2501bf.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 165 KB
49 KB 54ms
34ms Script
application/javascript 2600:9000:2509:e400:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/54c629785cafd7b5f5af83b21c2501bf.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2509:e400:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 61a9c6943dcbc41ec34c3618adce3c5f3df9ffb54093d342d2ad350a68f44598

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:44:47 GMT
x-amz-version-id: FDeOzAHXgTyj2jXJB8lMNF0hrh1q1oFk
content-encoding: gzip
via: 1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
age: 523369
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 27 Oct 2023 18:44:32 GMT
server: CloudFront
etag: W/"04204da7fbd370a1130c3efa7af88796"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: zoOqJaUCqmQgZ0vq31YXI7zOcoA29mK6LBM0fDrE_squpkt2NIqhHg==

GET
H3 200 329fbdab9636170eedfc1422b36a9201.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 57ms
36ms Script
application/javascript 2600:9000:2509:e400:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/329fbdab9636170eedfc1422b36a9201.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2509:e400:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e8cb4f6486e9fd1ee9050b84f67b2b6d907a0496e5146b0a86c7bc6cd3925f48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:18:21 GMT
x-amz-version-id: OuUtqcbhtGGaOSf08MnJmyHMdVrlO6kx
content-encoding: gzip
via: 1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
age: 2378955
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Sep 2023 18:39:58 GMT
server: CloudFront
etag: W/"8a23a755163613af04888609d47b4180"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: DD537RFnl-INUTKknlestALeINjLFlTRgFpmIOI5APMoS7Z5typvJg==

GET
H3 200 490ca4ccefe20cf502ab771ba0b689e4.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 57ms
37ms Script
application/javascript 2600:9000:2509:e400:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/490ca4ccefe20cf502ab771ba0b689e4.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2509:e400:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 7a2ffbc33855476429b6d831e2affa95bad9ac98656631421c899c7100da0159

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 06:23:26 GMT
x-amz-version-id: GXEkxy20k_QHgRk9R9sJLzPLYY9n6IMi
content-encoding: br
via: 1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
age: 654250
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Sep 2023 18:39:58 GMT
server: CloudFront
etag: W/"513d0d3858eefa5cd26ba48fe9d67289"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: MlCB4_QqXWFhhAE0Gde1OG2YY2T_PvcjYA_IbnMWMpJTXJZcWc_FFg==

GET
H2 200 navigation-footer-limited.html Show response
static1.st8fm.com/en_US/dxl-1x/prod/renders/footer/ 580 B
448 B 103ms
101ms XHR
text/html 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/renders/footer/navigation-footer-limited.html

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79CC) /

Resource Hash

25dd3d1ae4d08c8e163294efa84c6941d41f4f3a0c0dc2f7d8fc699095494ccd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: text/html, */*; q=0.01
Referer: https://quoteandinsuranceforga.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 16:40:03 GMT
server: ECD (nya/79CC)
age: 5094
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
content-length: 345
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 navigation-header-unauth-limited.html Show response
static1.st8fm.com/en_US/dxl-1x/prod/renders/header/ 10 KB
3 KB 101ms
101ms XHR
text/html 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/renders/header/navigation-header-unauth-limited.html

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C6) /

Resource Hash

a4ccf24e7583234274dbb21ccd8f2c33afd77fb6620b9da74eed08f7db8d18da

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: text/html, */*; q=0.01
Referer: https://quoteandinsuranceforga.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 16:40:03 GMT
server: ECD (nya/79C6)
age: 5119
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 2777
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 MecherleSans-RegularItalic.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 33 KB
33 KB 75ms
75ms Font
font/woff2 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-RegularItalic.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79E8) /

Resource Hash

1317d4275e30dc08856be654c0535788817866a5d89ef27a01898d7ae1ee3600

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css
Origin: https://quoteandinsuranceforga.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
last-modified: Tue, 19 Sep 2023 11:20:30 GMT
server: ECD (nya/79E8)
age: 4940
x-frame-options: DENY
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 34016
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 chat_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 565 B
400 B 86ms
85ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/chat_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79CA) /

Resource Hash

980c9d8469c5132d294a0b1b877fbd353decdf9ae788c659bbbd07eb0e793136

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:20:48 GMT
server: ECD (nya/79CA)
age: 4969
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-cnection: close
x-frame-options: DENY
accept-ranges: bytes
content-length: 308
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 phone_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 405 B
357 B 86ms
85ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/phone_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C38) /

Resource Hash

52dab22dd893cdb9dc9d2bafe35e9733ebef85efa1410f339d6acc0478281cc5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:21:04 GMT
server: ECD (nya/1C38)
age: 4988
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 278
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 email_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 251 B
284 B 87ms
86ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/email_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C17) /

Resource Hash

b3bea6904c6130332fdc7ca63b0b971b63b60752654b956ebf0e4b7753ecb09d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:20:53 GMT
server: ECD (nya/1C17)
age: 5038
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 206
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 payment_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 702 B
481 B 86ms
85ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/payment_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C9) /

Resource Hash

59789b85b1a8b5dec038e5921b2b8f1a597a935d9798bfbfaa8892dad89f919c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:21:04 GMT
server: ECD (nya/79C9)
age: 4956
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 425
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 id_card_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 468 B
341 B 84ms
83ms XHR
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/id_card_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C9) /

Resource Hash

de10644653057a725f07b153c651cd920b75e5ca4b4e395b7a271c7620ce45d7

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:20:56 GMT
server: ECD (nya/79C9)
age: 4689
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
content-length: 276
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 / Show response
deel-id-persistence.deel.c1.statefarm/ Frame 10F1 3 KB
3 KB 175ms
48ms Document
text/html 18.165.83.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deel-id-persistence.deel.c1.statefarm/
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/code/54c629785cafd7b5f5af83b21c2501bf.js?conditionId0=423109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-107.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc40070eefa6ce1e808de92a6b07e5d7ca5772c108fa886d530b24443d938ab3

Request headers

Referer: https://quoteandinsuranceforga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 53
content-length: 2640
content-type: text/html
date: Thu, 02 Nov 2023 20:06:43 GMT
etag: "b926bba51cb60a55a66ed7fd49c035c8"
last-modified: Fri, 04 Aug 2023 16:58:48 GMT
server: AmazonS3
via: 1.1 fdcbbd5c4c7c5e8b036965d289e584e2.cloudfront.net (CloudFront)
x-amz-cf-id: SjMVZWbvfLAv11kmPygIPXF7MMbdo1TMYajfRAUcOrOznUaoUYZ9Tg==
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 hashtable.js Show response
static1.st8fm.com/en_US/applications/login-interceptor/device-print/js/ 13 KB
4 KB 36ms
36ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/applications/login-interceptor/device-print/js/hashtable.js

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.core.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C5A) /

Resource Hash

ef62646b0b21053bd22e4069e956d629cd4a64b4e35aeaaca0b522123b242c29

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 16:33:01 GMT
server: ECD (nya/1C5A)
age: 5135
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 3518
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 devicePrint.js Show response
static1.st8fm.com/en_US/applications/login-interceptor/device-print/js/ 36 KB
12 KB 37ms
36ms Script
application/javascript 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/applications/login-interceptor/device-print/js/devicePrint.js

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.core.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79CA) /

Resource Hash

6599e9c2bf5bb6c8f1a30d0f2efbae685c4fe0722101cc4b35c493e2419df8a2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2020 16:33:01 GMT
server: ECD (nya/79CA)
age: 5124
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-cnection: close
x-frame-options: DENY
accept-ranges: bytes
content-length: 12099
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 state-farm-logo-4.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 9 KB
3 KB 35ms
33ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/state-farm-logo-4.svg

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C6) /

Resource Hash

c46ea001dc81eea0f86c7a32507f648f78a6e4f40b14db44ebd1fe0111a10c26

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:20:41 GMT
server: ECD (nya/79C6)
age: 5134
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 3308
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 state-farm-logo-5.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 3 KB
1 KB 35ms
34ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/state-farm-logo-5.svg

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C9) /

Resource Hash

af3b33bb6b8b4ae08f0ffa60d9b975e0b50ac4710a8c53c26d52946a6401e484

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:20:41 GMT
server: ECD (nya/79C9)
age: 5134
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-cnection: close
x-frame-options: DENY
accept-ranges: bytes
content-length: 1290
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 payment_24.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 711 B
485 B 35ms
34ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/payment_24.svg

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/78BB) /

Resource Hash

0ce44ad25a0225d7c513554356a135752fced4df25717c7d1fe614599e91d91e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:20:40 GMT
server: ECD (nya/78BB)
age: 5134
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 420
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
H2 200 id_card_24.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 561 B
359 B 36ms
35ms Image
image/svg+xml 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/id_card_24.svg

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79CC) /

Resource Hash

ddcdedb1aaf1b36d8a30168011a50586995ac8e3102b12cbcdcb33e2cc50fd4d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:20:40 GMT
server: ECD (nya/79CC)
age: 5137
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-frame-options: DENY
accept-ranges: bytes
content-length: 316
expires: Fri, 03 Nov 2023 00:07:35 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
562 B 147ms
46ms XHR
text/plain 18.210.108.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.210.108.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-108-219.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://quoteandinsuranceforga.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Nov 2023 20:07:36 GMT
Server: nginx/1.21.0
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: https://quoteandinsuranceforga.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
Connection: keep-alive
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
X-Request-Id: d81df12b-e069-4be6-ac79-72a0a0e2d266

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=19d39222316581ff8f2d3015f2ca3ae856687840a1f3bcf424ae838d47c7759db0da87c991749652
dpm.demdex.net/ Frame F6B0
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=87783609850180603691372816273633965665
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODc3ODM2MDk4NTAxODA2MDM2OTEzNzI4MTYyNzM2MzM5NjU2NjUQABoNCIiDkKoGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=19d39222316581ff8f2d3015f2ca3ae856687840a1f3bcf424ae838d47c7759db0da87c991749652

42 B
940 B

52ms
51ms

Image
image/gif

54.145.158.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=19d39222316581ff8f2d3015f2ca3ae856687840a1f3bcf424ae838d47c7759db0da87c991749652

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

HTTP/1.1

Server

54.145.158.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-158-33.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v052-004a9b0ff.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YIbEgPPWRaY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 02 Nov 2023 20:07:36 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=19d39222316581ff8f2d3015f2ca3ae856687840a1f3bcf424ae838d47c7759db0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
BLOB 200
OK ffd71e59-e092-4f40-bea9-e1d0bd133834
https://quoteandinsuranceforga.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://quoteandinsuranceforga.com/ffd71e59-e092-4f40-bea9-e1d0bd133834
Requested by: Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEFJtAriYIidGYYD1hSoqdOk&google_cver=1
dpm.demdex.net/ Frame F6B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODc3ODM2MDk4NTAxODA2MDM2OTEzNzI4MTYyNzM2MzM5NjU2NjU=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODc3ODM2MDk4NTAxODA2MDM2OTEzNzI4MTYyNzM2MzM5NjU2NjU=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFJtAriYIidGYYD1hSoqdOk&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

49ms
49ms

Image
image/gif

54.145.158.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFJtAriYIidGYYD1hSoqdOk&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

HTTP/1.1

Server

54.145.158.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-158-33.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v052-075a19b27.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: HasnW4HcSTo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 20:07:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFJtAriYIidGYYD1hSoqdOk&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s06131988929829 Show response
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 1 KB
1 KB 62ms
61ms Script
application/x-javascript 63.140.38.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s06131988929829?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=2%2F10%2F2023%2010%3A7%3A36%204%20600&d.&nsid=0&jsonv=1&.d&D=..&mid=82189956763381610371788356673093385661&aamlh=7&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-v%3Ayxtfm1ys000&g=https%3A%2F%2Fquoteandinsuranceforga.com%2F&ch=sf%3Aus%3Aagent-micro-v&server=quoteandinsuranceforga.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-v%3Ayxtfm1ys000&h1=home%7Cagent-micro-v%7Cyxtfm1ys000&c4=sf%3Aagent-micro-v%3Ayxtfm1ys000&v6=quoteandinsuranceforga.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fquoteandinsuranceforga.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=thursday%7C3%3A00pm&v50=11%2F2%2F2023&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F119.0.6045.105%20safari%2F537.36&c70=en-us&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.180 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-180.data.adobedc.net

Software

jag /

Resource Hash

93b6e1bc8011622ae094defd28c2c69d7a864de05f7be6b6e8927dc3d6ae6a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-aam-tid: rNlZ0kUQSbg=
date: Thu, 02 Nov 2023 20:07:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1112
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-1-v052-02484f179.edge-va6.demdex.com 5 ms
pragma: no-cache
last-modified: Fri, 03 Nov 2023 20:07:36 GMT
server: jag
etag: 3648479491679715328-4617720690839088651
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 01 Nov 2023 20:07:36 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=48b50d1b-21d8-45dd-b183-17303e6d77ba
dpm.demdex.net/ Frame F6B0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=quoteandinsuranceforga.com&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=quoteandinsuranceforga.com&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=48b50d1b-21d8-45dd-b183-17303e6d77ba

42 B
940 B

47ms
47ms

Image
image/gif

54.145.158.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=48b50d1b-21d8-45dd-b183-17303e6d77ba

Protocol

HTTP/1.1

Server

54.145.158.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-158-33.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v052-0cf5d8c0b.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: n2sIEo4HSGs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=48b50d1b-21d8-45dd-b183-17303e6d77ba
date: Thu, 02 Nov 2023 20:07:37 GMT
server: Kestrel
content-length: 189

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ Frame 0
0 208ms
49ms Preflight 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://quoteandinsuranceforga.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://quoteandinsuranceforga.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Thu, 02 Nov 2023 20:07:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/null/events/ 80 B
332 B 59ms
58ms Fetch
application/json 104.198.70.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

f55e6f7bf9f014c73ce855f5908298ab27cb14befb72c1160bccc1f3319b2b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://quoteandinsuranceforga.com/
keen-sdk: javascript-5.0.1
accept-language: en-US,en;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Nov 2023 20:07:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://quoteandinsuranceforga.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 80

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame F6B0
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=87783609850180603691372816273633965665&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=87783609850180603691372816273633965665&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-xZk_CnlE2pGED1HJqFd5QHIWVA43DAZHZKQ-~A

42 B
940 B

55ms
55ms

Image
image/gif

54.145.158.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-xZk_CnlE2pGED1HJqFd5QHIWVA43DAZHZKQ-~A

Protocol

HTTP/1.1

Server

54.145.158.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-158-33.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v052-074e6f665.edge-va6.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kOghsO2oSc0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-xZk_CnlE2pGED1HJqFd5QHIWVA43DAZHZKQ-~A
date: Thu, 02 Nov 2023 20:07:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F6B0
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=87783609850180603691372816273633965665
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87783609850180603691372816273633965665

0
338 B

143ms
40ms

Image
text/plain

34.200.157.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87783609850180603691372816273633965665
Protocol: H2
Server: 34.200.157.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-157-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by: beacon-n027-ash-prod.krxd.net
date: Thu, 02 Nov 2023 20:07:37 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1698955657
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87783609850180603691372816273633965665
date: Thu, 02 Nov 2023 20:07:37 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a003-ash-prod.krxd.net

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 461 KB
94 KB 130ms
45ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e69024358cd70c139396147b2d3c4b5d6416ed77b69592d287931552e0c15a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95517
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 18:30:06 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 20:07:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 512ms
75ms Script
application/x-javascript 2a03:2880:f07d:0:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Nov 2023 20:07:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: fCg8VK94QoDmRMRiRFY8iJLAtoDrZNbqRWcHy21IqamJaPU4CP2dgOLVc8LVfwuCO42igAHuIo8j+bwmI7ZRPQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 473ms
41ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: quoteandinsuranceforga.com
URL: https://quoteandinsuranceforga.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fc2560982cfff30fef02aa5d10e4766ff66e34d63c792063cbbbc2b6aedc2d6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:39 GMT
content-encoding: br
x-cdn: fastly
etag: "fdaf6e0bf2ec044b14167cfb27fb4d9d"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1785

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 467ms
39ms Script
application/x-javascript 18.67.60.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-60-119.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 00:13:10 GMT
Content-Encoding: gzip
Via: 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P1
Age: 71670
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: TcuF5rVBQ0taTV7rEzyQgmgZTzqc6rJefSA9cv6IOJ7nbeyR7a7ojw==

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame FCA9 889 B
972 B 67ms
53ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fquoteandinsuranceforga.com%2F&upid=t8xbszz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e94d4544e5f82ceef7ff46455be9b4283062969b89bf8db6ac53e7f03a415c15

Request headers

Referer: https://quoteandinsuranceforga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 02 Nov 2023 20:07:39 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 main.a8feadcc.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 42ms
37ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.a8feadcc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 399c9bc1b4d8f0f2da17159c0f26939bd202a1cc1425b88ce7e3d55ca49ab9c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:39 GMT
content-encoding: br
x-cdn: fastly
etag: "87bccb74e0cdf939497ce76e1596bd38"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18897

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 644B 923 B
985 B 63ms
54ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fquoteandinsuranceforga.com%2F&upid=9nilek2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 65a22eddcba6e152fe1ffb9ca9794aa740526d54fdfa6cb00d2b2081af41a6d1

Request headers

Referer: https://quoteandinsuranceforga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 02 Nov 2023 20:07:39 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 / Show response
ct.pinterest.com/user/ 304 B
626 B 141ms
60ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1698955659355&dep=2%2CPAGE_LOAD
Requested by: Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:07:39 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 5145089703615690
content-length: 174
pin-unauth: dWlkPVlUVTVaVEV3TURrdFpqVmxaaTAwTmpZd0xXSmtNVEV0T0ROa01qbGlZakJoTUdZMA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://quoteandinsuranceforga.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: d6951f45f66563771add4a1e3ca61db071303140
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame FCA9 488 B
1003 B 61ms
36ms Script
application/x-javascript 18.67.60.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fquoteandinsuranceforga.com%2F&upid=t8xbszz&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-60-119.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 08:52:22 GMT
Via: 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P1
Age: 40518
ETag: "2775054c068b37509e0798448f7fd32c"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: hl5IfDxol0-mpcX5xFz6JaHH02_LdQ30o9E0hZdNGPbRWmZGOie8Sg==

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 644B 488 B
1003 B 76ms
35ms Script
application/x-javascript 18.67.60.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fquoteandinsuranceforga.com%2F&upid=9nilek2&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-60-119.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 08:52:22 GMT
Via: 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P1
Age: 40518
ETag: "2775054c068b37509e0798448f7fd32c"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: LzrEQvoKCrDxsPZ1OL6foxYT0G9vAPclJd4h5dyTJ_B0M-zLP0wP3w==

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
212 B 113ms
60ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fquoteandinsuranceforga.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22a8feadcc%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1698955659381
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 20:07:39 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: d5e81ee886163611a3e8f7face49fee6e4fb67ca
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3665042774960173
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame 9049
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D48b50d1b-21d8-45dd-b183-17303e6d77ba
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612683484245028400&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba

70 B
518 B

53ms
52ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612683484245028400&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Thu, 02 Nov 2023 20:07:40 GMT
server: Kestrel

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 42509d27-bf7e-4af7-8659-7077ad0d44f7
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 02 Nov 2023 20:07:40 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612683484245028400&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 96.9.249.34; 96.9.249.34; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame BFA1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDhiNTBkMWItMjFkOC00NWRkLWIxODMtMTczMDNlNmQ3N2Jh&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1

70 B
490 B

53ms
53ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Thu, 02 Nov 2023 20:07:40 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 20:07:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

cksync Show response
hb.yahoo.net/ Frame F87F
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=48b50d1b-21d8-45dd-b183-17303e6d77ba&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953

53 B
659 B

260ms
104ms

Document
image/gif

23.43.85.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.43.85.141 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-85-141.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 53
content-type: image/gif
date: Thu, 02 Nov 2023 20:07:40 GMT
expires: Thu, 02 Nov 2023 20:07:40 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

Redirect headers

age: 0
content-length: 0
date: Thu, 02 Nov 2023 20:07:40 GMT
location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.87
strict-transport-security: max-age=31536000

GET
H2 200 1673276772914128 Show response
connect.facebook.net/signals/config/ 158 KB
38 KB 1756ms
1755ms Script
application/x-javascript 2a03:2880:f07d:0:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673276772914128?v=2.9.138&r=stable&domain=quoteandinsuranceforga.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

032c7a5045188d511ab1e9112436b55e8b9b20e2e61cd049c35bfd31bd7afb2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Nov 2023 20:07:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vDUxp5qM0wQXOPtcsGOhk7p8sjeLeRphXnX4UoQi8LmvBLso89wXWX0KHkChrfNR5YByUI0xEBkHSvzEzWf/TQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 422
Unprocessable Entity tap.php Show response
pixel.rubiconproject.com/ Frame 96EA 91 B
335 B 640ms
38ms Document
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=48b50d1b-21d8-45dd-b183-17303e6d77ba&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 7595357c645b297a5840a6e5b5576cf6199da6f58ec9d8daa311598300fb7c15

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: b3266a43228eaeab48f59934ee9159da
content-length: 91

GET
H2

200

cksync Show response
hb.yahoo.net/ Frame BDDE
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=48b50d1b-21d8-45dd-b183-17303e6d77ba&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953

53 B
659 B

246ms
143ms

Document
image/gif

23.43.85.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.43.85.141 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-85-141.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 53
content-type: image/gif
date: Thu, 02 Nov 2023 20:07:40 GMT
expires: Thu, 02 Nov 2023 20:07:40 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

Redirect headers

age: 0
content-length: 0
date: Thu, 02 Nov 2023 20:07:40 GMT
location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0xcXFpNmJoRTJ1SEZrX0RGbmZSQXNKaUZmcl9UZlJiUH5B&gdpr=0&ovsid=48b50d1b-21d8-45dd-b183-17303e6d77ba&dpid=55953
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.87
strict-transport-security: max-age=31536000

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame C8B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NDhiNTBkMWItMjFkOC00NWRkLWIxODMtMTczMDNlNmQ3N2Jh&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1

70 B
490 B

53ms
53ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Thu, 02 Nov 2023 20:07:40 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 20:07:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=48b50d1b-21d8-45dd-b183-17303e6d77ba&google_gid=CAESEPDsTm4IZ-GW0tsdjZ5T_X4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 7074 565 B
428 B 48ms
47ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a8feadcc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://quoteandinsuranceforga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 02 Nov 2023 20:07:40 GMT
pinterest-version: d5e81ee886163611a3e8f7face49fee6e4fb67ca
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 4256532538757133

GET
H3 200 1936962093151750 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 1594ms
1594ms Script
application/x-javascript 2a03:2880:f07d:0:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1936962093151750?v=2.9.138&r=stable&domain=quoteandinsuranceforga.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2638f959ccb5f2eae3d32adfe00db7b77ef35b6bb44cc74fefbcd5bad3542cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Nov 2023 20:07:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: BTGIenPaPe7UbTwfhnlBj7rT0CSDEo02odqyMPoFgcdIA05ygnBDLpj6HQMsZi2JvdhPxqnTWhWSRukOug7esw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 842ms
69ms Image
text/plain 2a03:2880:f171:81:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fquoteandinsuranceforga.com&rl=&if=false&ts=1698955661287&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1698955661285.1433431561&pm=1&hrl=27d316&ler=empty&it=1698955659470&coo=false&cs_cc=1&cas=1214633611919409%2C5230493466989894&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f171:81:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Nov 2023 20:07:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
0 74ms
73ms Image
text/plain 2a03:2880:f171:81:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1936962093151750&ev=PageView&dl=https%3A%2F%2Fquoteandinsuranceforga.com%2F&rl=&if=false&ts=1698955662961&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1698955661285.1433431561&ler=empty&it=1698955659470&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f171:81:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://quoteandinsuranceforga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Nov 2023 20:07:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
quoteandinsuranceforga.com/	1970-01-20 15:57:22	Name: __cheesecrd_version Value: master
.demdex.net/	1970-01-20 20:15:07	Name: demdex Value: 87783609850180603691372816273633965665
.quoteandinsuranceforga.com/	1970-01-21 01:31:55	Name: optimizelyEndUserId Value: oeu1698955654334r0.7775997213881916
.quoteandinsuranceforga.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.statefarm.com/	1970-01-21 01:31:55	Name: s_ecid Value: MCMID%7C82189956763381610371788356673093385661
.everesttech.net/	1970-01-21 00:41:31	Name: everest_g_v2 Value: g_surferid~ZUQBhwAAAD9-TAMv
.dpm.demdex.net/	1970-01-20 20:15:07	Name: dpm Value: 87783609850180603691372816273633965665
.quoteandinsuranceforga.com/	1970-01-20 15:55:57	Name: s_gad Value: 1
.quoteandinsuranceforga.com/	1970-01-21 01:31:55	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 690614123%7CMCIDTS%7C19664%7CMCMID%7C82189956763381610371788356673093385661%7CMCAAMLH-1699560454%7C7%7CMCAAMB-1699560454%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1698962854s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19671%7CvVersion%7C3.1.0
.rlcdn.com/	1970-01-21 00:41:31	Name: rlas3 Value: JQki5QNB24XQxzQSFLZBT/sm8sgFctU9pElha9thDaI=
.quoteandinsuranceforga.com/	1970-01-20 15:55:57	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-v%3Ayxtfm1ys000
.quoteandinsuranceforga.com/	1970-01-20 15:55:57	Name: s_pre_v6 Value: quoteandinsuranceforga.com
.quoteandinsuranceforga.com/	1970-01-20 15:55:57	Name: s_dl Value: 1
.quoteandinsuranceforga.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.quoteandinsuranceforga.com/	1970-01-21 01:31:55	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271698955656683%27%5D%5D
.quoteandinsuranceforga.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.rlcdn.com/	1970-01-20 17:22:19	Name: pxrc Value: CIiDkKoGEgUI6AcQABIGCPHrARAA
.doubleclick.net/	1970-01-21 01:31:55	Name: IDE Value: AHWqTUnTIdqvAQvHsR7HE015Aqs5VU8oANs6SF8jqSiO1QmZKsSbHm6sarYLCqdVPHc
.quoteandinsuranceforga.com/	1970-01-20 20:15:07	Name: AAMC_statefarmmutualautomobileinsurancecompany_0 Value: REGION%7C7
.quoteandinsuranceforga.com/	1970-01-20 16:39:07	Name: aam_uuid Value: 87783609850180603691372816273633965665
.quoteandinsuranceforga.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fquoteandinsuranceforga.com%2F%7CentryProperty%3Dhttps%3A%2F%2Fquoteandinsuranceforga.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-v%7Cs_prev_ch%3Dagent-micro-v%7Cs_prev_pn%3Dyxtfm1ys000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-v%3Ayxtfm1ys000%7Cmc%3Ddirect%20load%7Caowsv%3DNaN%7C
quoteandinsuranceforga.com/	1970-01-21 00:41:31	Name: keen Value: {%22initialReferrer%22:null}
.adsrvr.org/	1970-01-21 00:42:58	Name: TDID Value: 48b50d1b-21d8-45dd-b183-17303e6d77ba
.yahoo.com/	1970-01-21 00:41:53	Name: A3 Value: d=AQABBIkBRGUCEPxd_J9fu8LyKPJabI6i3lEFEgEBAQFTRWVNZdxS0iMA_eMAAA&S=AQAAAv2CVkgDSnwDLpQAoW6Gje4
.demdex.net/	1970-01-20 20:15:07	Name: dextp Value: 60-1-1698955656490\|771-1-1698955656655\|903-1-1698955656799\|30646-1-1698955656942\|66757-1-1698955657116
.krxd.net/	1970-01-20 20:15:07	Name: _kuid_ Value: P5HUXmUF
.quoteandinsuranceforga.com/	1970-01-20 18:05:31	Name: _gcl_au Value: 1.1.1263645849.1698955659
.pinterest.com/	1970-01-21 00:41:31	Name: ar_debug Value: 1
.quoteandinsuranceforga.com/	1970-01-21 00:41:31	Name: _pin_unauth Value: dWlkPVlUVTVaVEV3TURrdFpqVmxaaTAwTmpZd0xXSmtNVEV0T0ROa01qbGlZakJoTUdZMA
.adnxs.com/	1970-01-20 18:05:31	Name: uuid2 Value: 5612683484245028400
.analytics.yahoo.com/	1970-01-21 00:41:31	Name: IDSYNC Value: "19cu~2etw:1769~2etw:19e0~2etw"
.adsrvr.org/	1970-01-21 00:42:58	Name: TDCPM Value: CAESEgoDYWFtEgsIjqKkxKz6rTwQBRIWCgdydWJpY29uEgsIpK782az6rTwQBRIZCgpyaWdodG1lZGlhEgsI5Mn82az6rTwQBRIVCgZnb29nbGUSCwj0hP3grPqtPBAFEhcKCGFwcG5leHVzEgsIhNKi4qz6rTwQBRgFIAIoAzILCNSG_4bD-q08EAVCDyINCAESCQoFdGllcjIQAVoHaWpjNHNuZmAB
.hb.yahoo.net/	1970-01-20 16:16:05	Name: data-ttd Value: 48b50d1b-21d8-45dd-b183-17303e6d77ba~~63
.hb.yahoo.net/	1970-01-20 20:15:07	Name: visitor-id Value: 3419572606633850000V10

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://quoteandinsuranceforga.com/ Message: Refused to execute script from 'https://www.statefarm.com/agent/cookie?associateID=YXTFM1YS000&app=AMS' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AAAGn5GLAQAAVsy_T_CJskwbjbecI2CZbSjhJoXT2x0XmzsusrwpfvO_aAM3&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network	error	URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=48b50d1b-21d8-45dd-b183-17303e6d77ba&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon Message: Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8367280580.cdn-pci.optimizely.com
ac2.st8fm.com
ajax.googleapis.com
beacon.krxd.net
cdn-pci.optimizely.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
fonts.googleapis.com
hb.yahoo.net
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
logx.optimizely.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mx-api.prod.mirus.io
nexus.ensighten.com
peachy.prod.mirus.io
pixel.rubiconproject.com
quoteandinsuranceforga.com
s.pinimg.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
static2.st8fm.com
tapi.optimizely.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
www.statefarm.com
104.106.226.153
104.198.70.133
151.101.192.84
152.195.54.7
172.253.62.157
18.165.83.107
18.210.108.219
18.67.60.119
23.36.94.118
23.43.85.141
2600:1408:20:388::19f0
2600:9000:2509:e400:2:8f43:5780:93a1
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::61
2a03:2880:f07d:0:face:b00c:0:3
2a03:2880:f171:81:face:b00c:0:25de
2a04:4e42:77::84
3.225.218.10
34.200.157.66
34.202.119.60
34.69.219.172
35.190.60.146
52.203.187.67
52.223.40.198
54.145.158.33
54.208.38.52
63.140.38.180
68.67.160.117
8.43.72.98
020c8e2ee7e8e090e05e86d2dfa5f86863c69ed73adc74208d6d31574d793c38
02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c
032c7a5045188d511ab1e9112436b55e8b9b20e2e61cd049c35bfd31bd7afb2b
059d251c85f38179f09d400e18e3029c8149f399afe7f6b8751759fcc5bec914
09e193c320607bc8dd22ab00f4f1a88bc9f195b5e3a576d241218f6eb7e905a6
0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3
0ce44ad25a0225d7c513554356a135752fced4df25717c7d1fe614599e91d91e
1317d4275e30dc08856be654c0535788817866a5d89ef27a01898d7ae1ee3600
1e58bfa4209a7a9a8237e9842c34b80b4b008feab8943b2599fe5f633c941943
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
1fe711aec93171cacefa8198f5b235bf84fde20b14a8c873a66b044373037128
240422c986046f61655378669aca9bc6e6369c8f7c2897c0c73f7313eac34fed
25dd3d1ae4d08c8e163294efa84c6941d41f4f3a0c0dc2f7d8fc699095494ccd
2638f959ccb5f2eae3d32adfe00db7b77ef35b6bb44cc74fefbcd5bad3542cb5
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc
2be90b0c5d60deceb297d506983af865c56dea9819a473dd29bce0f7fffd45c5
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
399c9bc1b4d8f0f2da17159c0f26939bd202a1cc1425b88ce7e3d55ca49ab9c0
3d17b798b45775e93e25293bba964ac616e1d2a8325173ed87ad9560233c117c
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
4a3db30996d4feb1de7cb1aa05d033ce57226b3d673b71d9bbb7c6edccfa5627
4e69024358cd70c139396147b2d3c4b5d6416ed77b69592d287931552e0c15a9
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
52dab22dd893cdb9dc9d2bafe35e9733ebef85efa1410f339d6acc0478281cc5
558a4cb58fca5ff87e63196e14a18b3895ded0809b273f56621f250c1a0b93e2
56cb81b020021098e18c791a1c89c16860425a190326fe8dc676d39bf992e5aa
596bc52ee5886c20a9fe66870bd80d45d166ce69dd681666ff5de3623e408df5
59789b85b1a8b5dec038e5921b2b8f1a597a935d9798bfbfaa8892dad89f919c
61a9c6943dcbc41ec34c3618adce3c5f3df9ffb54093d342d2ad350a68f44598
64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d
6599e9c2bf5bb6c8f1a30d0f2efbae685c4fe0722101cc4b35c493e2419df8a2
65a22eddcba6e152fe1ffb9ca9794aa740526d54fdfa6cb00d2b2081af41a6d1
6a1153654760c8ea9457c4252167b85dac425c98415184c38c38f16a808288d1
6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa
6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7
6e8d3f8642062505bedb551184b962b6bd957781bcde2018ca51a704e371f9c2
7089daf157502215443a599029db038759f29db18fe119b4de595dc5d66c3856
7595357c645b297a5840a6e5b5576cf6199da6f58ec9d8daa311598300fb7c15
7a2ffbc33855476429b6d831e2affa95bad9ac98656631421c899c7100da0159
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88e2639b29c1d092cd03d6771d44efe87a08b258ea38ec607c96bfbc2e36364c
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89c3f523e9d032c8cb20262621cf0aa172c7af96a82a607c84fe5e6ad87b2873
89d9a08ed4bd71f312ebb4e119de4fbec2413c382cf0370640fac3eb3b1d318f
8a5d94461dfc45efc41660ba3a79c6c1972c068ee0a8db506789a943be035644
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea4cbbf296a97a0cfc323952e297c0074b3c9d1c56eb7e816ecc442396cbd5c
93b6e1bc8011622ae094defd28c2c69d7a864de05f7be6b6e8927dc3d6ae6a49
980c9d8469c5132d294a0b1b877fbd353decdf9ae788c659bbbd07eb0e793136
992324d06a9add4641a8f42640eecee4c179a72c0d3ede5212d9e73c05aecace
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a225e8717ef25aa3e2014ffcb8c8fdb986e846fafe510d4671ebbcee0b6e5244
a4ccf24e7583234274dbb21ccd8f2c33afd77fb6620b9da74eed08f7db8d18da
ae4547cc539326ff2c5e5623f87bd6e7a662857f76134ac90a7655462039ce78
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
af3b33bb6b8b4ae08f0ffa60d9b975e0b50ac4710a8c53c26d52946a6401e484
b3bea6904c6130332fdc7ca63b0b971b63b60752654b956ebf0e4b7753ecb09d
b434e7b06d1e76c8ecf4b8fb260010f4b414c03da3ce0ee7fcc2391478bde1be
bc40070eefa6ce1e808de92a6b07e5d7ca5772c108fa886d530b24443d938ab3
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c459691f5389de616773286683cd2870125551ed4020d3f29bdc161d35cc976f
c46ea001dc81eea0f86c7a32507f648f78a6e4f40b14db44ebd1fe0111a10c26
c7012dbe6534ccd46097b8756ffbbcc4d030429939edb882fbb29d48298ed30f
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
cb598957119c60141717676dceb24704495e5cac111a62cea6c34f5d89007949
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
ddcdedb1aaf1b36d8a30168011a50586995ac8e3102b12cbcdcb33e2cc50fd4d
de10644653057a725f07b153c651cd920b75e5ca4b4e395b7a271c7620ce45d7
debfde5dcf6b60e52c187bc7ef779d68f307796ecab2572ee0b94b000e0062fe
e121c2f8e5ffa52a72b7a4c6dcd76e6ee6e48414991ffa1e58ad0cea7af92105
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8cb4f6486e9fd1ee9050b84f67b2b6d907a0496e5146b0a86c7bc6cd3925f48
e94d4544e5f82ceef7ff46455be9b4283062969b89bf8db6ac53e7f03a415c15
eef4b80043a4aeba715efb34d50df6f3c9246747bd2444aa9befe8687221f51c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef62646b0b21053bd22e4069e956d629cd4a64b4e35aeaaca0b522123b242c29
f55e6f7bf9f014c73ce855f5908298ab27cb14befb72c1160bccc1f3319b2b70
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fc2560982cfff30fef02aa5d10e4766ff66e34d63c792063cbbbc2b6aedc2d6b
fcc67db13b460832e5371afd8cc45412bab5e7a2daaecdc04984e9252ac64236

quoteandinsuranceforga.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

92 %HTTPS

31 %IPv6

25 Domains

38 Subdomains

27 IPs

2 Countries

1635 kBTransfer

4701 kBSize

34 Cookies

28 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

quoteandinsuranceforga.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

92 %
HTTPS

31 %
IPv6

25
Domains

38
Subdomains

27
IPs

2
Countries

1635 kB
Transfer

4701 kB
Size

34
Cookies

97 HTTP transactions
1 data transactions