2020savings.info Open in urlscan Pro
2606:4700:30::6812:287c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2020savings.info/
Submission: On December 27 via automatic, source certstream-suspicious (December 27th 2019, 7:39:25 pm UTC)

Summary HTTP 44 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 16 IPs in 7 countries across 13 domains to perform 44 HTTP transactions. The main IP is 2606:4700:30::6812:287c, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is 2020savings.info.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 27th 2019. Valid for: 9 months.

This is the only time 2020savings.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:30:... 2606:4700:30::6812:287c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	72.247.225.88 72.247.225.88	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	52.215.246.156 52.215.246.156	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	184.30.223.226 184.30.223.226	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.248.163.0 3.248.163.0	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.181.91.36 35.181.91.36	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	66.117.29.11 66.117.29.11	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
44	16

23 2606:4700:30::6812:287c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

2020savings.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.88 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-88.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.215.246.156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-246-156.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.223.226 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-30-223-226.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.166 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f166.1e100.net

2992003.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.6 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f6.1e100.net

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a3::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.163.0 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-163-0.eu-west-1.compute.amazonaws.com

geico.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.91.36 (Paris, France)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

sadobeanalytics.geico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.11 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

geico.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	2020savings.info 2020savings.info	303 KB
5	doubleclick.net 2 redirects 2992003.fls.doubleclick.net stats.g.doubleclick.net fls.doubleclick.net googleads.g.doubleclick.net	3 KB
5	demdex.net 1 redirects dpm.demdex.net geico.demdex.net	3 KB
2	geico.com sadobeanalytics.geico.com	715 B
2	google.de www.google.de	634 B
2	google.com 1 redirects www.google.com	727 B
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	47 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	googletagmanager.com www.googletagmanager.com	55 KB
2	adobedtm.com assets.adobedtm.com	132 KB
1	omtrdc.net geico.tt.omtrdc.net	355 B
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	googleadservices.com www.googleadservices.com	10 KB
44	13

	Domain	Requested by
23	2020savings.info	2020savings.info
4	dpm.demdex.net	1 redirects 2020savings.info
2	sadobeanalytics.geico.com	assets.adobedtm.com
2	www.google.de	2020savings.info
2	www.google.com	1 redirects 2020savings.info
2	2992003.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	1 redirects assets.adobedtm.com
2	www.googletagmanager.com	assets.adobedtm.com
2	assets.adobedtm.com	assets.adobedtm.com
1	geico.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	geico.demdex.net	assets.adobedtm.com
1	c.go-mpulse.net	s.go-mpulse.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	fls.doubleclick.net	assets.adobedtm.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	s.go-mpulse.net	2020savings.info
44	18

This site contains links to these domains. Also see Links.

Domain
ecams.geico.com
geico.app.link
commercial.geico.com
itunes.apple.com
play.google.com
media.geico.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
secure.opinionlab.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-27` - `2020-10-09`	9 months	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2019-04-16` - `2020-06-14`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
sadobeanalytics.geico.com DigiCert SHA2 High Assurance Server CA	`2019-06-07` - `2020-06-11`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2020-11-25`	3 years	crt.sh

This page contains 4 frames:

Primary Page: https://2020savings.info/
Frame ID: F89661CD8531AE10BCD6342D85EDE1FD
Requests: 40 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Frame ID: 9765F062835CEF71F127E82E28B8F492
Requests: 2 HTTP requests in this frame

Frame: https://2992003.fls.doubleclick.net/activityi;dc_pre=COfur63K1uYCFdTFuwgdhQsEfw;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=https%3A%2F%2F2020savings.info%2F
Frame ID: B7640760122829F1E217BDD8A1FBCB22
Requests: 1 HTTP requests in this frame

Frame: https://geico.demdex.net/dest5.html?d_nsid=0
Frame ID: C241596A54449FFCADA171323676B9D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick Floodlight (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/fls\.doubleclick\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

44
Requests

100 %
HTTPS

44 %
IPv6

13
Domains

18
Subdomains

16
IPs

7
Countries

570 kB
Transfer

2193 kB
Size

18
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://ecams.geico.com/express?action=ID_CARD&traceback=static_exp_id
Title: Get ID Cards

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=VEHICLE&traceback=static_exp_veh
Title: Add A Vehicle

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=PAPERLESS&traceback=static_exp_paperless
Title: Go Paperless

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/activation?traceback=static
Title: Create Online Account

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationPanelReportaClaim
Title: Report a Claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationPanelViewClaim
Title: View a Claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInformationClaimsGetERS
Title: Get Roadside Help

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticInfoPanelReportGlassDamage
Title: Report Glass Damage

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/express?action=PAY_AND_ENROLL&traceback=static_exp_pay
Title: Make a payment

Search URL Search Domain Scan URL

URL: https://ecams.geico.com/ecams/login
Title: login

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/ForgotUserId.aspx
Title: User ID

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/ForgotPassword.aspx
Title: password

Search URL Search Domain Scan URL

URL: https://commercial.geico.com/Service/Register.aspx
Title: Sign up for online access

Search URL Search Domain Scan URL

URL: https://geico.app.link/StaticLogInPanelReportIncident
Title: Report an incident

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticLogInPanelTrackClaim
Title: Track a claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticLogInReportGlass
Title: Report glass-only damage

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeRequestERS
Title: Request roadside assistance

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeReportAnIncident
Title: Report an Incident

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeTrackClaim
Title: Track a claim

Search URL Search Domain Scan URL

URL: https://geico.app.link/staticHomeReportGlassDamage
Title: Report glass-only damage

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/id331763096
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.geico.mobile
Title:

Search URL Search Domain Scan URL

URL: https://media.geico.com/legal/privacy_policy.htm
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/geico

Search URL Search Domain Scan URL

URL: https://twitter.com/geico

Search URL Search Domain Scan URL

URL: https://www.instagram.com/geico/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/geico/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GEICO

Search URL Search Domain Scan URL

URL: https://secure.opinionlab.com/ccc01/o.asp?id=GqhTnwhA&referer=https://2020savings.info/
Title: [+] Feedback

Search URL Search Domain Scan URL

URL: https://media.geico.com/legal/cookie_policy.html
Title: visit our cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1577475547647 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1577475547647

Request Chain 27

https://2992003.fls.doubleclick.net/activityi;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=https%3A%2F%2F2020savings.info%2F HTTP 302
https://2992003.fls.doubleclick.net/activityi;dc_pre=COfur63K1uYCFdTFuwgdhQsEfw;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=https%3A%2F%2F2020savings.info%2F

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1990418419&t=pageview&_s=1&dl=https%3A%2F%2F2020savings.info%2F&ul=en-us&de=UTF-8&dt=An%20Insurance%20Company%20For%20Your%20Car%20And%20More%20%7C%20GEICO&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBACQABB~&jid=1264875774&gjid=17144954&cid=1294058962.1577475548&tid=UA-34118221-1&_gid=1114505026.1577475548&_r=1&cd2=Static%3AHomePage%3ADefault&z=1477067268 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34118221-1&cid=1294058962.1577475548&jid=1264875774&_gid=1114505026.1577475548&gjid=17144954&_v=j79&z=1477067268 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1294058962.1577475548&jid=1264875774&_v=j79&z=1477067268 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1294058962.1577475548&jid=1264875774&_v=j79&z=1477067268&slf_rd=1&random=476760980

Request Chain 39

https://cm.everesttech.net/cm/dd?d_uuid=59131738552389669521861285792489936243 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XgZd2wAAFmIxXzx0

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
2020savings.info/ 134 KB
19 KB 3143ms
3106ms Document
text/html 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34ee9ced9a08d47f2c32568dc75129b99b0dfa699ee9e9782b75aa18249c43d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 2020savings.info
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Fri, 27 Dec 2019 19:39:07 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d43e71d2380d263c22ee12a529b1aa0bb1577475544; expires=Sun, 26-Jan-20 19:39:04 GMT; path=/; domain=.2020savings.info; HttpOnly; SameSite=Lax experiment0=HomePage_GroupB; expires=Fri, 31-Jan-2020 05:00:00 GMT; Max-Age=2971253; path=/; domain=.geico.com; secure; HttpOnly visid_incap_1684653=rXydYyzLRZCwqEE4hrnxl9ddBl4AAAAAQUIPAAAAAABOTlhfMun1/uR3L4Dxndwl; expires=Sat, 26 Dec 2020 17:08:51 GMT; path=/; Domain=.geico.com incap_ses_246_1684653=P1bMcjGdChlpKn/n/PdpA9pdBl4AAAAAIIWcWNZ5onwZWo5zsIIW5A==; path=/; Domain=.geico.com
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
link: <https://assets.adobedtm.com>; rel=preconnect <https://www.googletagmanager.com>; rel=preconnect <https://dpm.demdex.net>; rel=preconnect <https://vt.myvisualiq.net>; rel=preconnect <https://t.myvisualiq.net>; rel=preconnect <https://p.tvpixel.com>; rel=preconnect <https://d.turn.com>; rel=preconnect <https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js>; rel=preload; as=script <https://www.googletagmanager.com/gtag/js?id=AW-1071224235>; rel=preload; as=script
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Incapsula
x-iinfo: 14-429743106-429783194 SNNN RT(1577475395497 148308) q(0 0 0 0) r(27 27) U5
x-akamai-transformed: 9 - 0 pmb=mRUM,3
expires: Fri, 27 Dec 2019 19:39:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
server-timing: edge; dur=209 origin; dur=2794 cdn-cache; desc=MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54bdc227ea076443-FRA
content-encoding: br

GET
H2 200 launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js Show response
assets.adobedtm.com/ 359 KB
112 KB 111ms
35ms Script
application/x-javascript 72.247.225.88
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.225.88 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-88.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4a3f9b210aa09b6c5934047c51c7b7211e4e366a1d3da852c48cd5c42738ecd8

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: gzip
last-modified: Thu, 12 Dec 2019 14:28:38 GMT
server: AkamaiNetStorage
etag: "0ab67f09b56ec90b17ca1979d69ae84b:1576160918.670741"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 113687
expires: Fri, 27 Dec 2019 20:39:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071224235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1eb4e009658e47071b8cd04cea5e77d8eb0599f7f40b49d874008dd07eab8441

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
last-modified: Fri, 27 Dec 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27813
x-xss-protection: 0
expires: Fri, 27 Dec 2019 19:39:07 GMT

GET
H2 200 cache-base-css.php
2020savings.info/public/css/design6/ 401 KB
41 KB 64ms
63ms Stylesheet
text/css 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/css/design6/cache-base-css.php

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f9fe6a3d3d534f528af5b6a9f039bba00fc9f82a2cf5b2f4f5dc6b16f44bd4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cdn: Incapsula
status: 200
x-iinfo: 8-240659115-240659142 NNNN CT(3 7 0) RT(1577448004973 91) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=3600
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23b5bbc6443-FRA

GET
H2 200 geico.com.css
2020savings.info/public/css/design6/ 36 KB
6 KB 71ms
71ms Stylesheet
text/css 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/css/design6/geico.com.css

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec5c0aa76249db1ea1d353b8c2f35de6bcfeb0a7b513f0415fe8a628ffb2f51

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 7-60292391-60292392 SNNN RT(1577447993145 135) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Dec 2019 18:18:38 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23b5bbe6443-FRA

GET
H2 200 main.css
2020savings.info/public/css/homepage/design6/ 37 KB
6 KB 72ms
72ms Stylesheet
text/css 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/css/homepage/design6/main.css

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

387c241052e1ef182dd05f0ddac8f35a90371bb82cd0387fef42952c9f1f908b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 12-120346988-120346991 NNNN CT(9 10 0) RT(1577447995779 3) q(0 0 1 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Dec 2019 14:46:30 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23b5bbf6443-FRA

GET
H2 200 style.css
2020savings.info/public/experiments/homepage_bundling/ 7 KB
2 KB 108ms
107ms Stylesheet
text/css 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/experiments/homepage_bundling/style.css

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be62bcc59fb0722a9861b58c89971492cc3c71491c8583c3b9d542fa4e3abf0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 12-52233797-52233799 SNNN RT(1577447994028 1463) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=40
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Nov 2019 17:00:14 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23b5bc16443-FRA

GET
H2 200 gecko-side.jpg
2020savings.info/public/layout_images/homepage/design6/ 11 KB
12 KB 56ms
56ms Image
image/jpeg 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2020savings.info/public/layout_images/homepage/design6/gecko-side.jpg

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e132a6fa42a04e17b952a155520660e26c6e7277c309dee420a5797ae66866c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
cf-cache-status: MISS
status: 200
x-image-server-response: request-17521706-23400882-73b23461
last-modified: Wed, 20 Feb 2019 15:32:36 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-type: image/jpeg
content-length: 11444
x-image-server-product: AIC
x-image-server-store-time: 1577448005
server: cloudflare
x-image-server-cpu-real: 12
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-im-result-width: 250
x-im-original-width: 250
cache-control: max-age=14400, no-transform
content-security-policy: frame-ancestors 'none'
accept-ranges: bytes
cf-ray: 54bdc23b5bc36443-FRA
x-image-server-original-size: 11797

GET
H2 200 geicoApp-AppStoreDL.jpg
2020savings.info/public/images/aboutgeico/mobile/ 2 KB
2 KB 63ms
62ms Image
image/jpeg 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2020savings.info/public/images/aboutgeico/mobile/geicoApp-AppStoreDL.jpg

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25f1fb24df6a8cf310cf146936214d02d130ed110577628e852acd23788cd36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
cf-cache-status: MISS
status: 200
x-image-server-response: request-19389299-11232275-7938ab5b
last-modified: Fri, 27 Dec 2019 11:54:12 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-type: image/jpeg
content-length: 1986
x-image-server-product: AIC
x-image-server-store-time: 1577448005
server: cloudflare
x-image-server-cpu-real: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-im-result-width: 101
x-im-original-width: 101
cache-control: max-age=14400, no-transform
content-security-policy: frame-ancestors 'none'
accept-ranges: bytes
cf-ray: 54bdc23b5bc56443-FRA
x-image-server-original-size: 3100

GET
H2 200 geicoApp-GooglePlayDL.jpg
2020savings.info/public/images/aboutgeico/mobile/ 2 KB
2 KB 56ms
55ms Image
image/jpeg 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2020savings.info/public/images/aboutgeico/mobile/geicoApp-GooglePlayDL.jpg

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20aaf4433987094f3d257559504456b82217e1711aaabe8ee1ea47037bd1c3a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
cf-cache-status: MISS
status: 200
x-image-server-response: request-22508244-76683774-96f04624
last-modified: Fri, 27 Dec 2019 11:54:12 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-type: image/jpeg
content-length: 2018
x-image-server-product: AIC
x-image-server-store-time: 1577448029
server: cloudflare
x-image-server-cpu-real: 12
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-im-result-width: 99
x-im-original-width: 99
cache-control: max-age=14400, no-transform
content-security-policy: frame-ancestors 'none'
accept-ranges: bytes
cf-ray: 54bdc23cfd816443-FRA
x-image-server-original-size: 2878

GET
H2 200 email-decode.min.js Show response
2020savings.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
833 B 7ms
7ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: gzip
last-modified: Wed, 18 Dec 2019 10:56:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dfa05cc-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 54bdc23bbc496443-FRA
expires: Sun, 29 Dec 2019 19:39:07 GMT

GET
H2 200 cache-base-js.php Show response
2020savings.info/public/scripts/design6/ 393 KB
80 KB 39ms
39ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/scripts/design6/cache-base-js.php

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

16c442f5a59efaa05b916dc03cc9f6ec6f61a9c18454898cebd5b01650699664

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cdn: Incapsula
status: 200
x-iinfo: 5-279503954-279653111 SNNN RT(1577447127986 877021) q(0 0 0 10) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=3600
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23bbc586443-FRA

GET
H2 200 jquery.cookie.js Show response
2020savings.info/public/scripts/jquery/ 4 KB
1 KB 55ms
55ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/scripts/jquery/jquery.cookie.js

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 5-74972651-74972652 SNNN RT(1577447939603 53602) q(0 0 0 5) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Dec 2019 11:56:54 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23bbc5a6443-FRA

GET
H2 200 global.js Show response
2020savings.info/public/experiments/homepage_bundling/ 40 KB
9 KB 62ms
59ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/experiments/homepage_bundling/global.js

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c502e74d88896e28eecbc5953d9231f8485d69bc7f29e89d2cbe1c20a476d3f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 10-21046040-21046042 SNNN RT(1577447994030 1463) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Dec 2019 11:56:57 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23c1cb46443-FRA

GET
H2 200 homepage.js Show response
2020savings.info/public/scripts/design6/ 17 KB
4 KB 53ms
52ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/scripts/design6/homepage.js

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcee067183fabf9b99840993981a4ec7909252d331835f07675503263d1d25c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 14-108726328-108737182 SNNN RT(1577447839712 153577) q(0 0 0 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Dec 2019 11:56:57 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23c3cc76443-FRA

GET
H2 200 app.js Show response
2020savings.info/public/experiments/homepage_bundling/ 18 KB
3 KB 67ms
66ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/experiments/homepage_bundling/app.js

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

415ca1ff9d1e6787e8e53432c957673648f328adcdd160802a65ef39d2010126

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 14-108732576-108735346 SNNN RT(1577447924034 71465) q(0 1 1 0) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Dec 2019 11:56:57 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23c8d076443-FRA

GET
H2 200 geolocation.js Show response
2020savings.info/public/scripts/ 2 KB
1 KB 60ms
59ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/scripts/geolocation.js

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

93586a39c2e8f51d599997b85e4ca84b8617731a54ca9c6ed1a2172835df0510

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 10-21046040-21046042 SNNN RT(1577447994030 245) q(0 0 0 -1) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Dec 2019 11:56:55 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23c8d106443-FRA

GET
H2 200 validation.js Show response
2020savings.info/public/experiments/homepage_bundling/ 2 KB
749 B 53ms
52ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/experiments/homepage_bundling/validation.js

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c18806fd4e6767d02674ceb53c786c125c278a554eb2b923179287a990fe1ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 5-74972651-74972652 SNNN RT(1577447939603 55905) q(0 0 0 0) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Dec 2019 11:56:57 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23cfd806443-FRA

GET
H2 200 _Incapsula_Resource Show response
2020savings.info/ 119 KB
18 KB 71ms
71ms Script
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=189672558

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aaeebded4b9a32fd6d4869fd5381fa587a68af5cc91792c339ef78d41439b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
server-timing: edge; dur=2, origin; dur=6, cdn-cache; desc=MISS
cf-ray: 54bdc23cfd836443-FRA
x-robots-tag: noindex
expires: Fri, 27 Dec 2019 19:39:07 GMT

GET
H/1.1

302
Found

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1577475547647
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1577475547647

0
-1 B

163ms
39ms

XHR

52.215.246.156
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1577475547647

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.246.156 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-215-246-156.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1577475547647
X-TID: ZW8cmIb0TO4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://2020savings.info
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://2020savings.info
X-TID: ZW8cmIb0TO4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1577475547647
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 EXd0702fdb36c34423aee80ee4180da222-libraryCode_source.min.js Show response
assets.adobedtm.com/c118acf613a5/f856228fd8b7/6a1cef5e9950/ 73 KB
20 KB 39ms
39ms Script
application/x-javascript 72.247.225.88
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/6a1cef5e9950/EXd0702fdb36c34423aee80ee4180da222-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.225.88 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-88.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 235252ceb9a928932b282f2136aaa78e7be0905d2da5a688d3655368180384a5

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: gzip
last-modified: Thu, 12 Dec 2019 14:28:39 GMT
server: AkamaiNetStorage
etag: "04c6250ddfd8e4655aadb4326140ea6f:1576160919.946801"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 20460
expires: Fri, 27 Dec 2019 20:39:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3930
date: Fri, 27 Dec 2019 18:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 27 Dec 2019 20:33:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-2992003

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b31a8ebbb0efd713639d11a8cc9cccda0df6a6d12fd9d897d38dda817e702c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
last-modified: Fri, 27 Dec 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27807
x-xss-protection: 0
expires: Fri, 27 Dec 2019 19:39:07 GMT

GET
H2 200 LBAJ4-7RCLK-J6VHB-MN55E-J4AYH Show response
s.go-mpulse.net/boomerang/ Frame 9765 187 KB
47 KB 107ms
34ms Script
application/javascript 184.30.223.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Requested by: Host: 2020savings.info
URL: https://2020savings.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.223.226 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-30-223-226.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
last-modified: Fri, 06 Dec 2019 04:51:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 47928

GET
H2 200 lato-normal-400-latin.woff2
2020savings.info/public/design-kit/4.0/fonts/ 26 KB
26 KB 75ms
75ms Font
font/woff2 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/design-kit/4.0/fonts/lato-normal-400-latin.woff2

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2020savings.info/public/css/design6/cache-base-css.php
Origin: https://2020savings.info

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 4-249091527-249097656 SNNN RT(1577448005019 50818) q(0 0 0 -1) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 26144
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Nov 2015 19:48:44 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
accept-ranges: bytes
cf-ray: 54bdc23d0d9b6443-FRA

GET
H2 200 lato-normal-700-latin.woff2
2020savings.info/public/design-kit/4.0/fonts/ 25 KB
25 KB 54ms
53ms Font
font/woff2 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/design-kit/4.0/fonts/lato-normal-700-latin.woff2

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2020savings.info/public/css/design6/cache-base-css.php
Origin: https://2020savings.info

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 4-249091523-249106711 SNNN RT(1577448005007 109362) q(0 0 0 -1) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 25604
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Nov 2015 19:48:44 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
accept-ranges: bytes
cf-ray: 54bdc23d1da36443-FRA

GET
H2 200 geico.ttf
2020savings.info/public/design-kit/4.0/fonts/ 73 KB
41 KB 67ms
67ms Font
font/ttf 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/design-kit/4.0/fonts/geico.ttf?r5709x

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee59e66693ad02c90ce706027ca1c17f4b60a88fc16fa36553f86a285ddaff47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2020savings.info/public/css/design6/cache-base-css.php
Origin: https://2020savings.info

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 7-188003803-188014898 SNNN RT(1577448005006 109363) q(0 0 0 -1) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Oct 2019 15:00:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23d1da56443-FRA

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 104ms
38ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071224235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

ad88ca7b2b18f0decee115923f36fa3ecf23bc00a513b633e32600055942b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9939
x-xss-protection: 0
server: cafe
etag: 6341620215770430825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Dec 2019 19:39:07 GMT

GET
H2

200

activityi;dc_pre=COfur63K1uYCFdTFuwgdhQsEfw;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=https%3A%2F%2F2020savings.info%2F
2992003.fls.doubleclick.net/ Frame B764
Redirect Chain

https://2992003.fls.doubleclick.net/activityi;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=https%3A%2F%2F2020savings.info%2F?
https://2992003.fls.doubleclick.net/activityi;dc_pre=COfur63K1uYCFdTFuwgdhQsEfw;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=http...

0
0

47ms
47ms

Document
text/html

172.217.23.166
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://2992003.fls.doubleclick.net/activityi;dc_pre=COfur63K1uYCFdTFuwgdhQsEfw;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=https%3A%2F%2F2020savings.info%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071224235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.166 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2992003.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COfur63K1uYCFdTFuwgdhQsEfw;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=https%3A%2F%2F2020savings.info%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://2020savings.info/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2020savings.info/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 27 Dec 2019 19:39:07 GMT
expires: Fri, 27 Dec 2019 19:39:07 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1448
x-xss-protection: 0
set-cookie: IDE=AHWqTUkC6UCLYtutG9fYO4godiqjqzBa4KlxRlbCp0Ek8nggMtIvpa9akMiZ6ksr; expires=Sun, 26-Dec-2021 19:39:07 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 27 Dec 2019 19:39:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://2992003.fls.doubleclick.net/activityi;dc_pre=COfur63K1uYCFdTFuwgdhQsEfw;src=2992003;type=retar660;cat=homep837;ord=1;num=6612476168019;gtm=2oac61;auiddc=1271886685.1577475548;u2=;~oref=https%3A%2F%2F2020savings.info%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Dec-2019 19:54:07 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1990418419&t=pageview&_s=1&dl=https%3A%2F%2F2020savings.info%2F&ul=en-us&de=UTF-8&dt=An%20Insurance%20Company%20For%20Your%20Car%20And%20More...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34118221-1&cid=1294058962.1577475548&jid=1264875774&_gid=1114505026.1577475548&gjid=17144954&_v=j79&z=1477067268
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1294058962.1577475548&jid=1264875774&_v=j79&z=1477067268
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1294058962.1577475548&jid=1264875774&_v=j79&z=1477067268&slf_rd=1&random=476760980

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1294058962.1577475548&jid=1264875774&_v=j79&z=1477067268&slf_rd=1&random=476760980

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 19:39:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Dec 2019 19:39:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34118221-1&cid=1294058962.1577475548&jid=1264875774&_v=j79&z=1477067268&slf_rd=1&random=476760980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 geolocation.js Show response
2020savings.info/public/scripts/ 2 KB
957 B 12ms
11ms XHR
application/javascript 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://2020savings.info/public/scripts/geolocation.js

Requested by

Host: 2020savings.info
URL: https://2020savings.info/public/scripts/design6/cache-base-js.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

93586a39c2e8f51d599997b85e4ca84b8617731a54ca9c6ed1a2172835df0510

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://2020savings.info/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cdn: Incapsula
age: 0
status: 200
x-iinfo: 10-21046040-21046042 SNNN RT(1577447994030 245) q(0 0 0 -1) r(1 1) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Dec 2019 11:56:55 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
cf-ray: 54bdc23dde836443-FRA

GET
H2 200 json Show response
fls.doubleclick.net/ 40 B
678 B 110ms
43ms Script
text/javascript 172.217.22.6
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fls.doubleclick.net/json?spot=2992003&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=7044907260710

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/6a1cef5e9950/EXd0702fdb36c34423aee80ee4180da222-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60
x-xss-protection: 0
pragma: no-cache
server: cafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
2020savings.info/ 1 B
176 B 54ms
53ms Image
text/plain 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2020savings.info/_Incapsula_Resource?SWKMTFSR=1&e=0.527960937145542

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 19:39:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
status: 200
cache-control: max-age=0, no-cache, no-store
server-timing: edge; dur=1, origin; dur=2, cdn-cache; desc=MISS
cf-ray: 54bdc23e1eba6443-FRA
content-length: 1
x-robots-tag: noindex
expires: Fri, 27 Dec 2019 19:39:07 GMT

GET
H/1.1 200
OK rd Show response
dpm.demdex.net/id/ 364 B
1 KB 45ms
44ms XHR
application/json 52.215.246.156
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1577475547647

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.246.156 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-215-246-156.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4d8d19fa74e1c2324d74e37db0f91ac8e96fdeba71b979b6bd88e7168c09a037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2020savings.info/
Origin: https://2020savings.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v056-0a6a1453d.edge-irl1.demdex.com 5.64.2.20191219100008 5ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: 1hZ1HouySkc=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://2020savings.info
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 299
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071224235/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071224235/?random=1577475547872&cv=9&fst=1577475547872&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac61&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F2020savings.info%2F&tiba=An%20Insurance%20Company%20For%20Your%20Car%20And%20More%20%7C%20GEICO&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4d204e65b8780db33ea7131349bca011bd2fb57db5c5ab32b501e3f2a0d085b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 19:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden config.json Show response
c.go-mpulse.net/api/ Frame 9765 68 B
262 B 38ms
26ms XHR
application/json 2a02:26f0:6c00:2a3::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=LBAJ4-7RCLK-J6VHB-MN55E-J4AYH&d=2020savings.info&t=5258252&v=1.571.0&if=&sl=0&si=uxvuf61ye2h-NaN&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2a3::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2020savings.info/
Origin: https://2020savings.info

Response headers

Access-Control-Allow-Origin: https://2020savings.info
Date: Fri, 27 Dec 2019 19:39:07 GMT
Connection: keep-alive
Content-Length: 68
Content-Type: application/json

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071224235/ 42 B
525 B 20ms
20ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071224235/?random=1577475547872&cv=9&fst=1577473200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac61&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F2020savings.info%2F&tiba=An%20Insurance%20Company%20For%20Your%20Car%20And%20More%20%7C%20GEICO&async=1&fmt=3&is_vtc=1&random=562119201&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 19:39:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071224235/ 42 B
525 B 43ms
23ms Image
image/gif 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071224235/?random=1577475547872&cv=9&fst=1577473200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac61&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F2020savings.info%2F&tiba=An%20Insurance%20Company%20For%20Your%20Car%20And%20More%20%7C%20GEICO&async=1&fmt=3&is_vtc=1&random=562119201&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 19:39:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html
geico.demdex.net/ Frame C241 0
0 194ms
41ms Document
text/html 3.248.163.0
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://geico.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.163.0 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-3-248-163-0.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: geico.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://2020savings.info/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=59131738552389669521861285792489936243
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2020savings.info/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 20 Dec 2019 11:44:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=59131738552389669521861285792489936243;Path=/;Domain=.demdex.net;Expires=Wed, 24-Jun-2020 19:39:08 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: S8KH0Su3S2o=
Content-Length: 2764
Connection: keep-alive

GET
H2 200 id Show response
sadobeanalytics.geico.com/ 49 B
470 B 128ms
38ms XHR
application/x-javascript 35.181.91.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sadobeanalytics.geico.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&mid=59382035356953458861852089388996731653&ts=1577475547903

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.91.36 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

8a6d79f3f676beb073b300b7bcbd5edbb2277c6aac953c88b01eaad3c8420f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
Origin: https://2020savings.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 27 Dec 2019 19:39:07 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5fc496b8d4-lpmqv
vary: Origin
x-c: master-1061.Iecc33a.M0-311
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://2020savings.info
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript
content-length: 49
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XgZd2wAAFmIxXzx0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=59131738552389669521861285792489936243
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XgZd2wAAFmIxXzx0

42 B
915 B

42ms
41ms

Image
image/gif

52.215.246.156
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XgZd2wAAFmIxXzx0

Requested by

Host: 2020savings.info
URL: https://2020savings.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.246.156 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-215-246-156.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v056-05da78d44.edge-irl1.demdex.com 5.64.2.20191219100008 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ruTtsvKrTxw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 27 Dec 2019 19:39:07 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XgZd2wAAFmIxXzx0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 json Show response
geico.tt.omtrdc.net/m2/geico/mbox/ 96 B
355 B 105ms
29ms XHR
application/json 66.117.29.11
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://geico.tt.omtrdc.net/m2/geico/mbox/json?mbox=Static_Global_Mbox&mboxSession=dd28b204506049f18bb46c39cf270b40&mboxPC=&mboxPage=5290cec3ab354a90a8be08040901be67&mboxRid=e8aec33f3a7948bcae43ef450a0bf0c4&mboxVersion=1.7.1&mboxCount=1&mboxTime=1577479147772&mboxHost=2020savings.info&mboxURL=https%3A%2F%2F2020savings.info%2F&mboxReferrer=&browserHeight=1200&browserWidth=1585&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageName=Static%3AHomePage%3ADefault&mboxMCSDID=2D28E546BACEE111-45DA8DF7A658ABC5&vst.trk=adobeanalytics.geico.com&vst.trks=sadobeanalytics.geico.com&mboxMCGVID=59382035356953458861852089388996731653&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.117.29.11 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: 1700a43912af2331addad3b7887e0d89528ab7c73d3ffca8c5729810b942850d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2020savings.info/
Origin: https://2020savings.info

Response headers

pragma: no-cache
date: Fri, 27 Dec 2019 19:39:07 GMT
status: 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://2020savings.info
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-request-id: e8aec33f3a7948bcae43ef450a0bf0c4

GET
H2 200 s23890569524840
sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.15.0-L9UP/ 43 B
245 B 41ms
41ms Image
image/gif 35.181.91.36
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.15.0-L9UP/s23890569524840?AQB=1&ndh=1&pf=1&t=27%2F11%2F2019%2020%3A39%3A8%205%20-60&sdid=2D28E546BACEE111-45DA8DF7A658ABC5&mid=59382035356953458861852089388996731653&aamlh=6&ce=UTF-8&ns=geico&pageName=Static%3AHomePage%3ADefault&g=https%3A%2F%2F2020savings.info%2F&cc=USD&events=event32&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=D%3Dg&l2=Static%3AHomePage%3AGroupB&c4=New&c5=2.15.0&c14=Non-Mobile%20App%20Experience&v17=D%3Dc3&v18=D%3DpageName&v19=2%3A30PM-Friday&v21=Non-Mobile%20App%20Experience&v25=D%3Dc25&v29=D%3Dc29&v30=D%3Dc30&v31=D%3Dc31&v32=D%3Dc32&v48=nc&c74=Static%3AHomePage%3AGroupB&c75=VisitorAPI%20Present&v77=D%3Ds.campaign&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.91.36 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:08 GMT
x-content-type-options: nosniff
x-c: master-1061.Iecc33a.M0-311
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 28 Dec 2019 19:39:08 GMT
server: jag
xserver: anedge-5fc496b8d4-k4z9z
etag: 3387602944535134208-4617186628106125147
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 26 Dec 2019 19:39:08 GMT

GET
H2 200 oo_tab_icon_retina.gif
2020savings.info/public/design-kit/4.0/opinion-lab/ 2 KB
2 KB 56ms
56ms Image
image/gif 2606:4700:30::6812:287c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2020savings.info/public/design-kit/4.0/opinion-lab/oo_tab_icon_retina.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:287c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

17524463daca35e74e302dc054a4b43898e3641d0a04c1526bcfe64cc0755354

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2020savings.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Dec 2019 19:39:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
x-cdn: Incapsula
status: 200
x-iinfo: 10-347364220-347416372 SNNN RT(1577449072349 244356) q(0 0 0 2) r(0 0) U5
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2152
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Mar 2018 17:30:53 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=14400
content-security-policy: frame-ancestors 'none'
accept-ranges: bytes
cf-ray: 54bdc240590e6443-FRA

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 23:42:27	Name: IDE Value: AHWqTUkC6UCLYtutG9fYO4godiqjqzBa4KlxRlbCp0Ek8nggMtIvpa9akMiZ6ksr
.demdex.net/	1970-01-19 10:30:27	Name: demdex Value: 59131738552389669521861285792489936243
.2020savings.info/	1969-12-31 23:59:59	Name: s_cc Value: true
.2020savings.info/	1970-01-19 06:11:17	Name: utm_gpv_pageName Value: Static%3AHomePage%3ADefault
.2020savings.info/	1970-01-19 06:54:27	Name: s_nr Value: 1577475548203-New
.2020savings.info/	1970-01-19 23:45:20	Name: mbox Value: session#dd28b204506049f18bb46c39cf270b40#1577477409\|PC#dd28b204506049f18bb46c39cf270b40.26_1#1640720349
.2020savings.info/	1969-12-31 23:59:59	Name: AMCVS_71FF20B3534568190A490D45%40AdobeOrg Value: 1
2020savings.info/	1970-01-19 06:11:15	Name: ___utmvc Value: nngjyMk1ZF1Zf1dJAxADzIXy9vXtbKtDlyp/zVXr/jsxnEmkfU0osX6EcvnwXylHeXLbUPAGeicum3B0ChuvPfY7YZ0iGogsjMiZAq3TjSkMzPt3dNJPGwcVRMjxtC6k5KLVke6tnAJOmg2MFu/Eocp2+qUvvMEtZDXmsL9wXLodXc/4+PDPCw5Id2yHUCSX1aP98FoY8do0c3k9GDGvnP1wlYw7gIsiyPu60hwFZoKqvr0yQUNpDiFWoUzkP96nZxfZ2vCqCFU+xtADu7mqmZMsDB9BiS3rXRYrGFotsI8oF/mox6CotBZoI8MfgMmgaGaFeljjJ0IR2KL7Bqt5FteuZNFM0/2b3ouYAFdWMUEXYcSd/6wVx7gcLfvmuAXngC6gvWOR1KbU7bl8Bk4uYGTs8zupp2P2Jv0KQaFX8kAKpqa8LQXaUK4zNKZrYK9RzuGlFVHhxwECAkBcp6KResDqqy7q7AKkMKBqZQASM9B0xQpsNKzsmRzT3oI0efFFElaXIIbb2LSTjydoNEHIicV5D5vyo5JH47JXPpZ+IglCPjoyJTdz918ZAun99tyTRAwo8Q8RCqOJEQTEdtkpc6GIdtlrIwyJIaHTSmkbwDbROwBlIOdbfJu1HpPujK6wJNXXxlwSn0r465S516EFlAmbXaEsPTdN7zBVo6+R9x/3e3EJHjnP582Enuvlq/5FsAcKrKaWri5cRiA206+ZD5S1T1G84CLpLs46z+Yz1jzV3ikM7qA45lx0/+zF7y4dN4ZNmsAWz5dH4TKZ+EN6wUnVNJmkxZnlycY+zVDDSIqcTq4wNwn7jaKxfrEJRCgIz5gqBJrGVOr8Uhi9+DXKvg92sKjA1/NySByEm793WFZLJpOTf9MQIpG0zauacxa4WFLUMD1dZLay9Q3njWFyzvLIapnYhV0N6AWroFfufZ2kpPQsOKLtqXi4j+aSNueVATw+nRI9AMGgPMz/sjQibUbp98fuXT+eqKgCvbqvO+AmQ3BLpgQORFh/ZoaGSiaQAioqQI/IcE8ftT1ASvoTraCV7uI9LzDzJdUY7yiw04M5uv/vbd3lzJmsPZzctZT31dviTYrwNQlNbOQ90IRI5VxfiSXnY9K7eh25t2evrG7wTiNbMVbuVvvjTEkqBYzVofVlc8Q3NREFNa2NEMy8mApYlm53yGC3NMhR4WpSdAy73ikJsBd7n8lXFLyWQ1abwrhJXthxu65MyM3TxdpIfIeJgHabC6iiLfmF+nb1PMQgKZgZxBUwwZg94asRn95oXqAFiIfJ1YoQu/3MNC9FzHL8Mm+gwrxbdfGS6S9j6ynfoFXEF3e/Irm1kFpnEb3Z0fMH7WXyrGYFxGz3JnQ1V2VccSy/exAsEs5yogd036aKIqedJt54N24cm3yIx6mVXgHbOHnUgvEiZQnFNfRbJcYk9ycnB21jVDa+2TqinzB0fQSamsmBiEDYNkVwfi0g4Nlk/yZRlD1LqqBDgw02WxclEidZTWA9rZSLfjH5PEMgCXeHAcIef+i51achGzjvaTJ28nssZGlnZXN0PSxzPU5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTg==
.2020savings.info/	1970-01-19 06:11:17	Name: s_dfa Value: geico-prod
.2020savings.info/	1970-01-19 08:20:51	Name: _gcl_au Value: 1.1.1271886685.1577475548
.2020savings.info/	1970-01-19 23:43:53	Name: AMCV_71FF20B3534568190A490D45%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18258%7CMCMID%7C59382035356953458861852089388996731653%7CMCAAMLH-1578080347%7C6%7CMCAAMB-1578080347%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1577482748s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18265%7CvVersion%7C4.4.0
.doubleclick.net/	1970-01-19 08:20:51	Name: _fbp Value: fb.1.1577475547970.2012300368
.2020savings.info/	1970-01-19 23:42:27	Name: gvid Value: 59382035356953458861852089388996731653
.2020savings.info/	1970-01-19 06:11:15	Name: _gat_5c247b9625969314870c7e0f4960f5ae Value: 1
.2020savings.info/	1970-01-19 23:42:27	Name: _ga Value: GA1.2.1294058962.1577475548
.2020savings.info/	1969-12-31 23:59:59	Name: check Value: true
.2020savings.info/	1970-01-19 06:12:41	Name: _gid Value: GA1.2.1114505026.1577475548
.2020savings.info/	1970-01-19 06:54:27	Name: __cfduid Value: d43e71d2380d263c22ee12a529b1aa0bb1577475544

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2020savings.info
2992003.fls.doubleclick.net
assets.adobedtm.com
c.go-mpulse.net
cm.everesttech.net
dpm.demdex.net
fls.doubleclick.net
geico.demdex.net
geico.tt.omtrdc.net
googleads.g.doubleclick.net
s.go-mpulse.net
sadobeanalytics.geico.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.22.6
172.217.23.166
184.30.223.226
216.58.206.2
2606:4700:30::6812:287c
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:820::2004
2a00:1450:4001:824::2003
2a00:1450:400c:c04::9c
2a02:26f0:6c00:2a3::11a6
3.248.163.0
35.181.91.36
52.215.246.156
66.117.28.86
66.117.29.11
72.247.225.88
0c18806fd4e6767d02674ceb53c786c125c278a554eb2b923179287a990fe1ed
16c442f5a59efaa05b916dc03cc9f6ec6f61a9c18454898cebd5b01650699664
1700a43912af2331addad3b7887e0d89528ab7c73d3ffca8c5729810b942850d
17524463daca35e74e302dc054a4b43898e3641d0a04c1526bcfe64cc0755354
1b31a8ebbb0efd713639d11a8cc9cccda0df6a6d12fd9d897d38dda817e702c5
1eb4e009658e47071b8cd04cea5e77d8eb0599f7f40b49d874008dd07eab8441
20aaf4433987094f3d257559504456b82217e1711aaabe8ee1ea47037bd1c3a4
235252ceb9a928932b282f2136aaa78e7be0905d2da5a688d3655368180384a5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e
34ee9ced9a08d47f2c32568dc75129b99b0dfa699ee9e9782b75aa18249c43d9
387c241052e1ef182dd05f0ddac8f35a90371bb82cd0387fef42952c9f1f908b
3ec5c0aa76249db1ea1d353b8c2f35de6bcfeb0a7b513f0415fe8a628ffb2f51
415ca1ff9d1e6787e8e53432c957673648f328adcdd160802a65ef39d2010126
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
4a3f9b210aa09b6c5934047c51c7b7211e4e366a1d3da852c48cd5c42738ecd8
4d204e65b8780db33ea7131349bca011bd2fb57db5c5ab32b501e3f2a0d085b5
4d8d19fa74e1c2324d74e37db0f91ac8e96fdeba71b979b6bd88e7168c09a037
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
5aaeebded4b9a32fd6d4869fd5381fa587a68af5cc91792c339ef78d41439b6a
63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e
84f9fe6a3d3d534f528af5b6a9f039bba00fc9f82a2cf5b2f4f5dc6b16f44bd4
8a6d79f3f676beb073b300b7bcbd5edbb2277c6aac953c88b01eaad3c8420f84
93586a39c2e8f51d599997b85e4ca84b8617731a54ca9c6ed1a2172835df0510
9be62bcc59fb0722a9861b58c89971492cc3c71491c8583c3b9d542fa4e3abf0
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ad88ca7b2b18f0decee115923f36fa3ecf23bc00a513b633e32600055942b32a
c502e74d88896e28eecbc5953d9231f8485d69bc7f29e89d2cbe1c20a476d3f2
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcee067183fabf9b99840993981a4ec7909252d331835f07675503263d1d25c2
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e132a6fa42a04e17b952a155520660e26c6e7277c309dee420a5797ae66866c2
e25f1fb24df6a8cf310cf146936214d02d130ed110577628e852acd23788cd36
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee59e66693ad02c90ce706027ca1c17f4b60a88fc16fa36553f86a285ddaff47
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

2020savings.info Open in urlscan Pro 2606:4700:30::6812:287c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

44 %IPv6

13 Domains

18 Subdomains

16 IPs

7 Countries

570 kBTransfer

2193 kBSize

18 Cookies

30 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

2020savings.info Open in urlscan Pro
2606:4700:30::6812:287c Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

44 %
IPv6

13
Domains

18
Subdomains

16
IPs

7
Countries

570 kB
Transfer

2193 kB
Size

18
Cookies

44 HTTP transactions
0 data transactions