account.preview.marshmallow.co Open in urlscan Pro
52.31.52.130 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://account.preview.marshmallow.co/
Submission: On March 20 via automatic, source certstream-suspicious (March 20th 2020, 2:27:25 pm UTC)

Summary HTTP 43 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 17 domains to perform 43 HTTP transactions. The main IP is 52.31.52.130, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is account.preview.marshmallow.co.
TLS certificate: Issued by Amazon on December 18th 2019. Valid for: a year.

This is the only time account.preview.marshmallow.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	52.31.52.130 52.31.52.130	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3 3	2001:4860:480... 2001:4860:4802:36::75	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.0.85 99.86.0.85	16509 (AMAZON-02) (AMAZON-02)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
1	89.187.165.8 89.187.165.8	60068 (CDN77) (CDN77)
1	52.36.169.40 52.36.169.40	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	143.204.208.215 143.204.208.215	16509 (AMAZON-02) (AMAZON-02)
2	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81a::2013	15169 (GOOGLE) (GOOGLE)
1	143.204.208.90 143.204.208.90	16509 (AMAZON-02) (AMAZON-02)
1	147.75.32.105 147.75.32.105	54825 (PACKET) (PACKET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	147.75.32.99 147.75.32.99	54825 (PACKET) (PACKET)
1 1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	54.68.28.166 54.68.28.166	16509 (AMAZON-02) (AMAZON-02)
43	19

17 52.31.52.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

account.preview.marshmallow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::75 (United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.0.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-85.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.165.8 (Zurich, Switzerland)

ASN60068 (CDN77, GB)
PTR: zurich-6.cdn77.com

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.169.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-169-40.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.215 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-215.fra53.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-90.fra53.r.cloudfront.net

d3qxef4rp70elm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.105 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress5

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.68.28.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-28-166.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	marshmallow.co account.preview.marshmallow.co	495 KB
4	fullstory.com www.fullstory.com rs.fullstory.com	67 KB
4	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	amplitude.com cdn.amplitude.com api.amplitude.com	18 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	76 KB
3	google.de www.google.de	328 B
3	google.com 3 redirects www.google.com	861 B
3	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	897 B
2	facebook.net connect.facebook.net	54 KB
2	googleadservices.com www.googleadservices.com	11 KB
1	facebook.com www.facebook.com	259 B
1	cloudfront.net d3qxef4rp70elm.cloudfront.net	6 KB
1	twitter.com analytics.twitter.com	286 B
1	segment.io api.segment.io	151 B
1	smartlook.com rec.smartlook.com	9 KB
1	segment.com cdn.segment.com	83 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
43	17

	Domain	Requested by
17	account.preview.marshmallow.co	account.preview.marshmallow.co
4	www.google-analytics.com	2 redirects www.googletagmanager.com account.preview.marshmallow.co
3	rs.fullstory.com	www.fullstory.com
3	www.google.de	account.preview.marshmallow.co
3	www.google.com	3 redirects
2	api.amplitude.com	cdn.amplitude.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	stats.g.doubleclick.net	2 redirects
1	googleads.g.doubleclick.net	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	www.facebook.com	account.preview.marshmallow.co
1	script.hotjar.com	static.hotjar.com
1	d3qxef4rp70elm.cloudfront.net	cdn.segment.com
1	www.fullstory.com	cdn.segment.com
1	cdn.amplitude.com	cdn.segment.com
1	analytics.twitter.com	account.preview.marshmallow.co
1	api.segment.io	cdn.segment.com
1	rec.smartlook.com	cdn.segment.com
1	static.hotjar.com	cdn.segment.com
1	cdn.segment.com	account.preview.marshmallow.co
1	www.googletagmanager.com	account.preview.marshmallow.co
43	22

This site contains links to these domains. Also see Links.

Domain
intercom.help
marshmallows-blog1.ghost.io
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
local.dev.marshmallow.co Amazon	`2019-12-18` - `2021-01-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2019-06-24` - `2020-07-01`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
1610534878.rsc.cdn77.org Let's Encrypt Authority X3	`2020-02-25` - `2020-05-25`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
cdn.amplitude.com Amazon	`2019-12-16` - `2021-01-16`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://account.preview.marshmallow.co/
Frame ID: 8DB63ECAE477EAB77A0828A4F4FFC3E8
Requests: 42 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 9AF2E9F0C53F22E1617422AE6D892BE5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.amplitude\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

43
Requests

60 %
HTTPS

41 %
IPv6

17
Domains

22
Subdomains

19
IPs

6
Countries

867 kB
Transfer

2681 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://intercom.help/marshmallow
Title: Help

Search URL Search Domain Scan URL

URL: https://marshmallows-blog1.ghost.io/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.facebook.com/marshmallowinsurance/

Search URL Search Domain Scan URL

URL: https://twitter.com/getmarshmallow

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=762082042&t=pageview&_s=1&dl=https%3A%2F%2Faccount.preview.marshmallow.co%2F&ul=en-us&de=UTF-8&dt=Marshmallow%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=519254793&gjid=636782125&cid=1757894287.1584714427&tid=UA-91451316-1&_gid=962165708.1584714427&_r=1&gtm=2ou3b2&z=1249626999 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91451316-1&cid=1757894287.1584714427&jid=519254793&_gid=962165708.1584714427&gjid=636782125&_v=j81&z=1249626999 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=519254793&_v=j81&z=1249626999 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=519254793&_v=j81&z=1249626999&slf_rd=1&random=4187611134

Request Chain 29

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=762082042&t=pageview&_s=1&dl=https%3A%2F%2Faccount.preview.marshmallow.co%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAUAB~&jid=844487724&gjid=909170151&cid=1757894287.1584714427&tid=UA-91451316-1&_gid=962165708.1584714427&_r=1&z=1636572553 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91451316-1&cid=1757894287.1584714427&jid=844487724&_gid=962165708.1584714427&gjid=909170151&_v=j81&z=1636572553 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=844487724&_v=j81&z=1636572553 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=844487724&_v=j81&z=1636572553&slf_rd=1&random=3888595677

Request Chain 37

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868083726/?random=2139885798&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://account.preview.marshmallow.co/&tiba=Marshmallow%20%7C%20Fairer%20Car%20Insurance%20For%20Foreign%20Born%20Drivers&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vNJ0XtytB9eK7_UP_5Km-AU&sscte=1&crd=&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/868083726/?random=2139885798&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://account.preview.marshmallow.co/&tiba=Marshmallow%20%7C%20Fairer%20Car%20Insurance%20For%20Foreign%20Born%20Drivers&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=vNJ0XtytB9eK7_UP_5Km-AU&random=784649517&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/868083726/?random=2139885798&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://account.preview.marshmallow.co/&tiba=Marshmallow%20%7C%20Fairer%20Car%20Insurance%20For%20Foreign%20Born%20Drivers&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=vNJ0XtytB9eK7_UP_5Km-AU&random=784649517&resp=GooglemKTybQhCsO&ipr=y

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
account.preview.marshmallow.co/ 3 KB
2 KB 134ms
36ms Document
text/html 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6dc00f17e43046a5cfcf027f3ba5f291c763f2de11ca08794a8b5f4b42d67a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: account.preview.marshmallow.co
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Fri, 20 Mar 2020 14:27:07 GMT
content-type: text/html
content-length: 1620
server: nginx
last-modified: Wed, 24 Oct 2018 08:45:34 GMT
vary: Accept-Encoding
etag: "5bd0312e-654"
content-encoding: gzip
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, must-revalidate

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 44ms
41ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91451316-1

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2034a0b9b680eddbc92e042befc8bfe1a13220c5eefc2ef1f6e20a6d19129542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28648
x-xss-protection: 0
last-modified: Fri, 20 Mar 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Mar 2020 14:27:07 GMT

GET
H2 200 1.31a6cf96.chunk.js Show response
account.preview.marshmallow.co/static/js/ 194 KB
62 KB 47ms
45ms Script
application/javascript 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.preview.marshmallow.co/static/js/1.31a6cf96.chunk.js

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

852979f06d60cc0677efcd1ca392265742bf81692874783d6242a3508f2012dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:25 GMT
server: nginx
etag: W/"5bd03125-30858"
x-frame-options: DENY
content-type: application/javascript
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.e0f0e888.chunk.js Show response
account.preview.marshmallow.co/static/js/ 87 KB
21 KB 87ms
85ms Script
application/javascript 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.preview.marshmallow.co/static/js/main.e0f0e888.chunk.js

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e52f1bda7bc84fc90f5144b2538bba50e7daa9b30a89ab28f7480d46f66d0f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:25 GMT
server: nginx
etag: W/"5bd03125-15af9"
x-frame-options: DENY
content-type: application/javascript
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91451316-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6512
date: Fri, 20 Mar 2020 12:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 20 Mar 2020 14:38:35 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=762082042&t=pageview&_s=1&dl=https%3A%2F%2Faccount.preview.marshmallow.co%2F&ul=en-us&de=UTF-8&dt=Marshmallow%20Homepage&sd=24-bit&sr=1600x12...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91451316-1&cid=1757894287.1584714427&jid=519254793&_gid=962165708.1584714427&gjid=636782125&_v=j81&z=1249626999
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=519254793&_v=j81&z=1249626999
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=519254793&_v=j81&z=1249626999&slf_rd=1&random=4187611134

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=519254793&_v=j81&z=1249626999&slf_rd=1&random=4187611134

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Mar 2020 14:27:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Mar 2020 14:27:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=519254793&_v=j81&z=1249626999&slf_rd=1&random=4187611134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/ 412 KB
83 KB 430ms
382ms Script
text/javascript 99.86.0.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js
Requested by: Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-85.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80c77b213d725143e4783076d62c1ae58036753c324fd579beebdf924b636575

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 84337
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 17:08:48 GMT
server: AmazonS3
etag: "4d441fd4e12c0232b01913901300667b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 5zucmgfMFpoqtCY35jZZ5C.JHvxky5Qa
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
x-amz-cf-id: SetJEP_tsMZzRQdOuDbifN9bCutMfVBSazUHR2BFNAbzN7-XlKgSIA==

GET
H2 200 garage-skyline.d6aac39e.svg
account.preview.marshmallow.co/static/media/ 30 KB
7 KB 39ms
37ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/garage-skyline.d6aac39e.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

09e30f962c66cd6836d37e9cc45738f4e6e8fc003ea1eec104dcee6aa4158d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 6919
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-1b07"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 globe.27084b9d.svg
account.preview.marshmallow.co/static/media/ 18 KB
4 KB 38ms
36ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/globe.27084b9d.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

31f13e0e46c2be9f8376c78a2fc3b3f09f4d259ae7d29b70ac0bd48dc2193da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 3629
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-e2d"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 international-licence.d0e785f7.svg
account.preview.marshmallow.co/static/media/ 35 KB
5 KB 40ms
38ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/international-licence.d0e785f7.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4c0c7ce2a8f774fe324ba0d1c947cb46ca19a2e798987aa0ae95e13b54a8f9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 4783
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-12af"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 247.04a44f7c.svg
account.preview.marshmallow.co/static/media/ 23 KB
4 KB 40ms
38ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/247.04a44f7c.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6ea42f8004962063d2b40c8bb18bd232d12368537d2e328f2afc0803416d2c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 3834
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-efa"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TechCrunch.c8add0fa.svg
account.preview.marshmallow.co/static/media/ 4 KB
2 KB 43ms
41ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/TechCrunch.c8add0fa.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0862443de98e378ae5accdf01541bedb7b11d5a7b72a4b6121ca3a6e1a3bb863

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 1543
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-607"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TheSundayTimes.106e58c1.svg
account.preview.marshmallow.co/static/media/ 155 KB
59 KB 42ms
40ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/TheSundayTimes.106e58c1.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

746f5a8f594b822322e17b87235d0abfd4e17920fab23034eb11d97c8ae51110

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 60338
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-ebb2"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CityAM.3133598a.svg
account.preview.marshmallow.co/static/media/ 2 KB
1 KB 43ms
41ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/CityAM.3133598a.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4401ee46f54b643910299e21df7b7b8967cd9dbd5e4b6f8568217c36730fcd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 905
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-389"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 InsuranceTimes.c814124c.svg
account.preview.marshmallow.co/static/media/ 5 KB
3 KB 43ms
42ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/InsuranceTimes.c814124c.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

be200b904c3c78ec3a31ac720623dfd80083c90123e6926c4bba584278f0214e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 2418
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:34 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312e-972"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TheTimes.fe648d6f.svg
account.preview.marshmallow.co/static/media/ 151 KB
58 KB 45ms
44ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/TheTimes.fe648d6f.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

122556b915c20057d61259ee0e77c8eb3c6278cf816a039dfce11025a167649d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 58736
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-e570"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 skyline-footer.da96abaf.svg
account.preview.marshmallow.co/static/media/ 22 KB
5 KB 46ms
45ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/skyline-footer.da96abaf.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

136b62964b8ac4da7707df7cea5ea086c0076560348622a27effd251becca398

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 5224
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:34 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312e-1468"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 marshmallow-text.5159fc88.svg
account.preview.marshmallow.co/static/media/ 3 KB
1 KB 59ms
58ms Image
image/svg+xml 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.preview.marshmallow.co/static/media/marshmallow-text.5159fc88.svg

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

397442ba6936b7d380eb3a1244408475ad8125265f3cf5fb7a0c0f936af78e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 1044
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-414"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GorditaMedium.06e85c4f.otf
account.preview.marshmallow.co/static/media/ 154 KB
86 KB 58ms
57ms Font
font/opentype 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.preview.marshmallow.co/static/media/GorditaMedium.06e85c4f.otf

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9dea8c7af2eeaa9c4b1f8aaf5b93ca2c37d455cdce0c9fcac326e38bfb0f4db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 87451
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-1559b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: font/opentype
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GorditaRegular.d9503c95.otf
account.preview.marshmallow.co/static/media/ 157 KB
88 KB 58ms
57ms Font
font/opentype 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.preview.marshmallow.co/static/media/GorditaRegular.d9503c95.otf

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4e42984cc5fd5731ed41183ff14112549b1912dc52cf7c0ffa3a5f22a8444d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 89198
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-15c6e"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: font/opentype
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GorditaBold.ae04b3e5.otf
account.preview.marshmallow.co/static/media/ 155 KB
87 KB 57ms
57ms Font
font/opentype 52.31.52.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.preview.marshmallow.co/static/media/GorditaBold.ae04b3e5.otf

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.52.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-52-130.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

83b189e4a32eeefd0606c7516e79d5ce16f3df6735c0148799a2a4374dcbcbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Mar 2020 14:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 88848
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 24 Oct 2018 08:45:35 GMT
server: nginx
x-frame-options: DENY
etag: "5bd0312f-15b10"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: font/opentype
cache-control: max-age=315360000, public, immutable
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hotjar-925116.js Show response
static.hotjar.com/c/ 3 KB
2 KB 55ms
17ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-925116.js?sv=6

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Resource Hash

1b7e027beb513839ef61e4df72c524dc1fde179dad468ba2a905e9ff40e73368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 3
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1617
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/a3e6c4c76fc90900d507c756d06b86f9
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.073
accept-ranges: bytes
section-io-id: efe12676e9dac882913a3493b6421233
section-origin-responded: true

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 29 KB
9 KB 114ms
35ms Script
application/javascript 89.187.165.8
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.165.8 Zurich, Switzerland, ASN60068 (CDN77, GB),

Reverse DNS

zurich-6.cdn77.com

Software

CDN77-Turbo /

Resource Hash

43edc93275b9ebca895ab57e6461e9370385779d0951bf754f80c74280be2393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT
content-encoding: br
last-modified: Mon, 17 Feb 2020 08:41:17 GMT
server: CDN77-Turbo
access-control-allow-origin: *
x-edge-location: zurichCH
etag: W/"5e4a51ad-7544"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=600
x-edge-ip: 89.187.165.6
strict-transport-security: max-age=31536000
x-age: 219

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
151 B 545ms
180ms XHR
application/json 52.36.169.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.169.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-169-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Fri, 20 Mar 2020 14:27:08 GMT
access-control-allow-origin: https://account.preview.marshmallow.co
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
286 B 143ms
143ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o088z&p_id=Twitter&tw_sale_amount=0&tw_order_quantity=0

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 20 Mar 2020 14:27:08 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0347ad0495caf6cfa87f51c131690f82
x-transaction: 0099e15e00fabca7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 175ms
80ms Script
application/javascript 143.204.208.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.215 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-215.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 23:40:28 GMT
content-encoding: gzip
age: 1349200
x-cache: Hit from cloudfront
status: 200
content-length: 17889
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BSIKJZP7lgjW5-qBTise4yDWbY9uNfCM7KrtkDXk2PWoFLJZdg0QWw==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 36ms
35ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9947
x-xss-protection: 0
server: cafe
etag: 2742097851886756974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Mar 2020 14:27:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: 7WIY1kpeNItD/+YXRECbPk0bcD1bDuLJYkLoUvyRsWGcXmRo1yHgZMefqdP+1HFuv4t/WLZ6+7AA10BmWAxY3w==
x-fb-trip-id: 420120009
date: Fri, 20 Mar 2020 14:27:08 GMT, Fri, 20 Mar 2020 14:27:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fs.js Show response
www.fullstory.com/s/ 185 KB
66 KB 58ms
26ms Script
application/javascript 2a00:1450:4001:81a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fullstory.com/s/fs.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

fe8f43f56bfa4bf042b6ca37ba7e347b20ef372b2c0396f74d7d4daf98c50f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 158
etag: "5CjaXQ"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: 211729260b379e8775dacff5a8f43807
cache-control: public, max-age=600
date: Fri, 20 Mar 2020 14:24:30 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-length: 67112
expires: Fri, 20 Mar 2020 14:34:30 GMT

GET
H/1.1 200
OK m.js Show response
d3qxef4rp70elm.cloudfront.net/ 21 KB
6 KB 116ms
26ms Script
application/javascript 143.204.208.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3qxef4rp70elm.cloudfront.net/m.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BWqidcLkaM6FiKadb4QM0ZdpFgfx9Xte/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-90.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79e540f8f28720a58d73c76156304088c580e1daa5a5c32d076add11d1b508a3

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 20 Mar 2020 04:20:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Apr 2019 03:43:41 GMT
Server: AmazonS3
Age: 44075
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
X-Amz-Cf-Id: nLRlZDNvrmEjqlI6_zrVRFZZd13U16FvHBTfTc2sYaINO3DFGkbmpw==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=762082042&t=pageview&_s=1&dl=https%3A%2F%2Faccount.preview.marshmallow.co%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91451316-1&cid=1757894287.1584714427&jid=844487724&_gid=962165708.1584714427&gjid=909170151&_v=j81&z=1636572553
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=844487724&_v=j81&z=1636572553
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=844487724&_v=j81&z=1636572553&slf_rd=1&random=3888595677

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=844487724&_v=j81&z=1636572553&slf_rd=1&random=3888595677

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Mar 2020 14:27:08 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Mar 2020 14:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91451316-1&cid=1757894287.1584714427&jid=844487724&_v=j81&z=1636572553&slf_rd=1&random=3888595677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=762082042&t=event&ni=1&_s=2&dl=https%3A%2F%2Faccount.preview.marshmallow.co%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=All&ea=Viewed%20Homepage%20Page&ev=0&_u=aEDAAUAB~&jid=&gjid=&cid=1757894287.1584714427&tid=UA-91451316-1&_gid=962165708.1584714427&z=1518019792

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 02:58:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1337335
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1302423376512794 Show response
connect.facebook.net/signals/config/ 100 KB
25 KB 47ms
47ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1302423376512794?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

865892fd649cb3f6b329b49959c32332ee2c91ebc071ae641df47f01e472dc3a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: eLijjLI+kHS6Kgu6lTTqamWWBIz88FvBIrfh1pNaYii1TAdGlEdUk3wra+CAlJiNnzUCfmK2Qeu1KAUXFpfAEw==
x-fb-trip-id: 420120009
date: Fri, 20 Mar 2020 14:27:08 GMT, Fri, 20 Mar 2020 14:27:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/868083726/ 2 KB
1 KB 34ms
34ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/868083726/?random=1584714428104&cv=9&fst=1584714428104&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccount.preview.marshmallow.co%2F&tiba=Marshmallow%20%7C%20Fairer%20Car%20Insurance%20For%20Foreign%20Born%20Drivers&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b6eaed3cebb6c5032a034bcff6033df9573648d020e9eed9a56a1e4dc2750627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 20 Mar 2020 14:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.3a2c212c6000288ee2ae.js Show response
script.hotjar.com/ 405 KB
74 KB 59ms
21ms Script
application/javascript 147.75.32.105
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.3a2c212c6000288ee2ae.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-925116.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.105 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress5
Software: /
Resource Hash: b3f29b23aef1d12e38265e00a2c4c76a9fc44bb8764ef86996585d55ddd0c37c

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT
content-encoding: br
content-type: application/javascript
age: 172202
status: 200
section-io-cache: Hit
content-length: 74872
last-modified: Wed, 18 Mar 2020 14:34:13 GMT
etag: "491d4d96fc64d8d20cf96fe1c1c38207"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.029
accept-ranges: bytes
section-io-id: 9564d2986004831ee23b3b484c9cead5
section-origin-responded: true

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1302423376512794&ev=PageView&dl=https%3A%2F%2Faccount.preview.marshmallow.co%2F&rl=&if=false&ts=1584714428135&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=0&o=28&fbp=fb.1.1584714428134.639553758&it=1584714428079&coo=false&rqm=GET

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT, Fri, 20 Mar 2020 14:27:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 20 Mar 2020 14:27:08 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 3 KB
1 KB 360ms
360ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: www.fullstory.com
URL: https://www.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ff38fc201ad6562278df335402b91b7548bd8700266bba71cdba8108f4e047d0

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT
content-encoding: gzip
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://account.preview.marshmallow.co
access-control-allow-credentials: true
alt-svc: clear
content-length: 1149
via: 1.1 google

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 9AF2 0
0 56ms
17ms Document
text/html 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-925116.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress12
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://account.preview.marshmallow.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://account.preview.marshmallow.co/

Response headers

status: 200
date: Fri, 20 Mar 2020 14:27:08 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.023
section-origin-responded: true
age: 4413049
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 00fb5e9ea2f76f4d86cd75d1772735ac

GET
H2

200

/
www.google.de/pagead/1p-conversion/868083726/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868083726/?random=2139885798&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_...
https://www.google.com/pagead/1p-conversion/868083726/?random=2139885798&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_...
https://www.google.de/pagead/1p-conversion/868083726/?random=2139885798&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_n...

42 B
110 B

23ms
23ms

Image
image/gif

2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/868083726/?random=2139885798&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://account.preview.marshmallow.co/&tiba=Marshmallow%20%7C%20Fairer%20Car%20Insurance%20For%20Foreign%20Born%20Drivers&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=vNJ0XtytB9eK7_UP_5Km-AU&random=784649517&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: account.preview.marshmallow.co
URL: https://account.preview.marshmallow.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.preview.marshmallow.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Mar 2020 14:27:08 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Mar 2020 14:27:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/868083726/?random=2139885798&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://account.preview.marshmallow.co/&tiba=Marshmallow%20%7C%20Fairer%20Car%20Insurance%20For%20Foreign%20Born%20Drivers&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=vNJ0XtytB9eK7_UP_5Km-AU&random=784649517&resp=GooglemKTybQhCsO&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 648ms
238ms XHR
text/html 54.68.28.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.28.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-28-166.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Fri, 20 Mar 2020 14:27:08 GMT
access-control-allow-origin: *
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
94 B 209ms
209ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=EJW5T&UserId=5018059058151424&SessionId=4853853499392000&PageId=6057662636589056&Seq=1&PageStart=1584714428329&PrevBundleTime=0&LastActivity=383&IsNewSession=true
Requested by: Host: www.fullstory.com
URL: https://www.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2d79480ec90ca945c083928a086333dd4fb9e23903141b3e9d9ea08046298b78

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Mar 2020 14:27:08 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://account.preview.marshmallow.co
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 252ms
252ms XHR
text/html 54.68.28.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.28.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-28-166.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Fri, 20 Mar 2020 14:27:09 GMT
access-control-allow-origin: *
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
91 B 142ms
141ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=EJW5T&UserId=5018059058151424&SessionId=4853853499392000&PageId=6057662636589056&Seq=2&PageStart=1584714428329&PrevBundleTime=1584714428608&LastActivity=4860&IsNewSession=true
Requested by: Host: www.fullstory.com
URL: https://www.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f8aec51e1fad3e34ae3c05e02d47f5b83020ce3e59ad56dbc7e5b9fbad6ad376

Request headers

Referer: https://account.preview.marshmallow.co/
Origin: https://account.preview.marshmallow.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Mar 2020 14:27:13 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://account.preview.marshmallow.co
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
account.preview.marshmallow.co/	1969-12-31 23:59:59	Name: __veroc4 Value: %5B%5D
.marshmallow.co/	1970-01-19 16:44:32	Name: _hjid Value: 71ae9e5d-0dc0-47b1-8a78-55488f49d2d0
.marshmallow.co/	1970-01-19 08:11:54	Name: _gat Value: 1
.marshmallow.co/	1970-01-19 16:57:30	Name: ajs_group_id Value: null
account.preview.marshmallow.co/	1969-12-31 23:59:59	Name: __vero_visit Value: true
.marshmallow.co/	1970-01-19 16:57:30	Name: ajs_anonymous_id Value: %224b68dfd7-5455-4b72-8a7f-8db1c6ed037e%22
.marshmallow.co/	1970-01-19 16:57:30	Name: ajs_user_id Value: null
.marshmallow.co/	1970-01-19 08:13:20	Name: _gid Value: GA1.2.962165708.1584714427
.marshmallow.co/	1969-12-31 23:59:59	Name: amplitude_idundefinedmarshmallow.co Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.marshmallow.co/	1970-01-19 08:11:54	Name: _gat_gtag_UA_91451316_1 Value: 1
.marshmallow.co/	1970-01-19 10:21:30	Name: _fbp Value: fb.1.1584714428134.639553758
.marshmallow.co/	1970-01-22 23:47:54	Name: amplitude_id_235944e478a71e21f96e2676819bf215marshmallow.co Value: eyJkZXZpY2VJZCI6Ijc4NjdkYjk0LTg0ZTAtNDY4MS1hYTk5LTA4YWNjNTVmNGE3MlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU4NDcxNDQyODI1MywibGFzdEV2ZW50VGltZSI6MTU4NDcxNDQyODI1OCwiZXZlbnRJZCI6MiwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjJ9
.marshmallow.co/	1970-01-20 01:43:06	Name: _ga Value: GA1.2.1757894287.1584714427

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.preview.marshmallow.co
analytics.twitter.com
api.amplitude.com
api.segment.io
cdn.amplitude.com
cdn.segment.com
connect.facebook.net
d3qxef4rp70elm.cloudfront.net
googleads.g.doubleclick.net
rec.smartlook.com
rs.fullstory.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.fullstory.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.131
143.204.208.215
143.204.208.90
147.75.32.105
147.75.32.99
147.75.84.91
2001:4860:4802:36::75
216.58.206.2
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:81a::2013
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2003
2a00:1450:400c:c06::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.186.194.58
52.31.52.130
52.36.169.40
54.68.28.166
89.187.165.8
99.86.0.85
0862443de98e378ae5accdf01541bedb7b11d5a7b72a4b6121ca3a6e1a3bb863
09e30f962c66cd6836d37e9cc45738f4e6e8fc003ea1eec104dcee6aa4158d5c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122556b915c20057d61259ee0e77c8eb3c6278cf816a039dfce11025a167649d
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
136b62964b8ac4da7707df7cea5ea086c0076560348622a27effd251becca398
1b7e027beb513839ef61e4df72c524dc1fde179dad468ba2a905e9ff40e73368
2034a0b9b680eddbc92e042befc8bfe1a13220c5eefc2ef1f6e20a6d19129542
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
2d79480ec90ca945c083928a086333dd4fb9e23903141b3e9d9ea08046298b78
31f13e0e46c2be9f8376c78a2fc3b3f09f4d259ae7d29b70ac0bd48dc2193da2
397442ba6936b7d380eb3a1244408475ad8125265f3cf5fb7a0c0f936af78e34
43edc93275b9ebca895ab57e6461e9370385779d0951bf754f80c74280be2393
4401ee46f54b643910299e21df7b7b8967cd9dbd5e4b6f8568217c36730fcd0b
4c0c7ce2a8f774fe324ba0d1c947cb46ca19a2e798987aa0ae95e13b54a8f9b9
4e42984cc5fd5731ed41183ff14112549b1912dc52cf7c0ffa3a5f22a8444d43
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6dc00f17e43046a5cfcf027f3ba5f291c763f2de11ca08794a8b5f4b42d67a7a
6ea42f8004962063d2b40c8bb18bd232d12368537d2e328f2afc0803416d2c5d
746f5a8f594b822322e17b87235d0abfd4e17920fab23034eb11d97c8ae51110
79e540f8f28720a58d73c76156304088c580e1daa5a5c32d076add11d1b508a3
80c77b213d725143e4783076d62c1ae58036753c324fd579beebdf924b636575
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b189e4a32eeefd0606c7516e79d5ce16f3df6735c0148799a2a4374dcbcbfe
852979f06d60cc0677efcd1ca392265742bf81692874783d6242a3508f2012dd
865892fd649cb3f6b329b49959c32332ee2c91ebc071ae641df47f01e472dc3a
9dea8c7af2eeaa9c4b1f8aaf5b93ca2c37d455cdce0c9fcac326e38bfb0f4db8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b3f29b23aef1d12e38265e00a2c4c76a9fc44bb8764ef86996585d55ddd0c37c
b6eaed3cebb6c5032a034bcff6033df9573648d020e9eed9a56a1e4dc2750627
be200b904c3c78ec3a31ac720623dfd80083c90123e6926c4bba584278f0214e
e52f1bda7bc84fc90f5144b2538bba50e7daa9b30a89ab28f7480d46f66d0f0e
ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8aec51e1fad3e34ae3c05e02d47f5b83020ce3e59ad56dbc7e5b9fbad6ad376
fe8f43f56bfa4bf042b6ca37ba7e347b20ef372b2c0396f74d7d4daf98c50f04
ff38fc201ad6562278df335402b91b7548bd8700266bba71cdba8108f4e047d0

account.preview.marshmallow.co Open in urlscan Pro 52.31.52.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

43 Requests

60 %HTTPS

41 %IPv6

17 Domains

22 Subdomains

19 IPs

6 Countries

867 kBTransfer

2681 kBSize

13 Cookies

4 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

account.preview.marshmallow.co Open in urlscan Pro
52.31.52.130 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

60 %
HTTPS

41 %
IPv6

17
Domains

22
Subdomains

19
IPs

6
Countries

867 kB
Transfer

2681 kB
Size

13
Cookies

43 HTTP transactions
0 data transactions