urlscan.io logo urlscan.io
SecurityTrails logo

insurance-claims-us-en-3983501.live Open in urlscan Pro
104.17.158.1  Public Scan

Go To Rescan Add Verdict Report
URL: https://insurance-claims-us-en-3983501.live/
Submission: On October 22 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 12 domains to perform 66 HTTP transactions. The main IP is 104.17.158.1, located in and belongs to CLOUDFLARENET, US. The main domain is insurance-claims-us-en-3983501.live.
TLS certificate: Issued by WE1 on October 22nd 2024. Valid for: 3 months.
This is the only time insurance-claims-us-en-3983501.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    104.17.158.1 (None, )

ASN13335 (CLOUDFLARENET, US)
insurance-claims-us-en-3983501.live
6    2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2600:9000:2209:d600:e:52c5:2040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ob.system1onesource.com
6    108.139.29.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-41.jfk50.r.cloudfront.net
s.flocdn.com
5    2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.system1onesource.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
www.googleadservices.com
9    142.250.81.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
googleads.g.doubleclick.net
10    142.250.64.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f4.1e100.net
www.google.com
1    108.139.29.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-94.jfk50.r.cloudfront.net
s.flocdn.com
1    142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
partner.googleadservices.com
3    2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)
syndicatedsearch.goog
6    2607:f8b0:4006:80c::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    44.197.223.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-223-227.compute-1.amazonaws.com
soflopxl.com
7    2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
8 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 147
55 KB
7 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
partner.googleadservices.com — Cisco Umbrella Rank: 5125
8 KB
7 flocdn.com
s.flocdn.com — Cisco Umbrella Rank: 40742
278 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
441 KB
6 system1onesource.com
ob.system1onesource.com — Cisco Umbrella Rank: 34078
obs.system1onesource.com — Cisco Umbrella Rank: 32395
42 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
153 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
16 KB
3 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 3282
719 B
2 soflopxl.com
soflopxl.com — Cisco Umbrella Rank: 24494
413 B
2 insurance-claims-us-en-3983501.live
insurance-claims-us-en-3983501.live
4 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498
309 B
66 12
Domain Requested by
10 www.google.com insurance-claims-us-en-3983501.live
s.flocdn.com
9 googleads.g.doubleclick.net 6 redirects www.googletagmanager.com
7 td.doubleclick.net www.googletagmanager.com
7 s.flocdn.com insurance-claims-us-en-3983501.live
s.flocdn.com
6 www.googletagmanager.com s.flocdn.com
www.googletagmanager.com
6 www.googleadservices.com 3 redirects www.googletagmanager.com
6 cdn.cookielaw.org insurance-claims-us-en-3983501.live
cdn.cookielaw.org
5 obs.system1onesource.com ob.system1onesource.com
insurance-claims-us-en-3983501.live
4 bat.bing.com ob.system1onesource.com
bat.bing.com
insurance-claims-us-en-3983501.live
3 syndicatedsearch.goog www.google.com
2 soflopxl.com s.flocdn.com
2 insurance-claims-us-en-3983501.live
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 partner.googleadservices.com www.google.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 ob.system1onesource.com insurance-claims-us-en-3983501.live
66 17

This site contains no links.

Subject Issuer Validity Valid
insurance-claims-us-en-3983501.live
WE1		 2024-10-22 -
2025-01-20		 3 months crt.sh
cookielaw.org
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
*.system1onesource.com
Amazon RSA 2048 M03		 2024-01-11 -
2025-02-08		 a year crt.sh
*.flocdn.com
Amazon RSA 2048 M02		 2023-12-06 -
2025-01-03		 a year crt.sh
geolocation.onetrust.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.googleadservices.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
syndicatedsearch.goog
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
pxtres.com
Amazon RSA 2048 M02		 2024-01-20 -
2025-02-16		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://insurance-claims-us-en-3983501.live/
Frame ID: 6297319C4033B36A70580C7FFC01A068
Requests: 54 HTTP requests in this frame

Frame: https://s.flocdn.com/%40s1/dpl/4.18.10/iframe.html
Frame ID: 593CEEDC24125AB6389FF83FE18F92C1
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup21_3ph_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2Fserp%3Fsc%3DqrwAStLlmyZd10%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301542%2C17301266%2C72717107&format=r5&nocache=4821729634188656&num=0&output=afd_ads&domain_name=insurance-claims-us-en-3983501.live&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1729634188657&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&nfp=1&jsv=685701914&rurl=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F
Frame ID: 4811E0585AA0740427B1B19DA07399EB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/982246529?random=1729634190377&cv=11&fst=1729634190377&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&data=event%3Dgtag.config
Frame ID: 04772DFADE8BE8B320EF2A16D10BFD80
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/982246529?random=1729634190422&cv=11&fst=1729634190422&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: E226E5D8F7F41A46D353B0735E40C472
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/932435890?random=1729634190453&cv=11&fst=1729634190453&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: F47FD6547E1937E5ECB2A8C52B249CF5
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/932435890?random=1729634190488&cv=11&fst=1729634190488&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: FDFB82A325D29A373154919D782C675A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1058340534?random=1729634190510&cv=11&fst=1729634190510&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: D2BC627C3C87E5DB09C404A623C2AFC7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1058340534?random=1729634190548&cv=11&fst=1729634190548&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 9454EB9EF2B9B9E52D3DFD483288059D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-1QH44F1BG5&gacid=131178742.1729634191&gtm=45je4ah0v888902321z8844758514za200zb844758514&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823848~101836706&z=2083677774
Frame ID: A39E22E9B6D4DDAFCED3BFC1ABC0294B
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Finsurance-claims-us-en-3983501.live
Frame ID: 2CD392279342D7A52B5BA39B83A3D1C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

insurance-claims-us-en-3983501.live

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

66
Requests

86 %
HTTPS

56 %
IPv6

12
Domains

17
Subdomains

19
IPs

2
Countries

1006 kB
Transfer

2742 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.googleadservices.com/pagead/conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=1223124929&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQI&pscrd=IhMI8937uv2iiQMVaBpoCB1OzhbXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=1223124929&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQI&pscrd=IhMI8937uv2iiQMVaBpoCB1OzhbXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfCQziykeAMO-7A00JnQIeFcAYyhd7-g&random=1738577898
Request Chain 12
  • https://www.googleadservices.com/pagead/conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=1719054063&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgt_7uv2iiQMVtCdoCB3n_w4uMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=1719054063&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgt_7uv2iiQMVtCdoCB3n_w4uMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfNjZUCXjHATMBuQUWz1dPOAvtPSorcA&random=1408514772
Request Chain 13
  • https://www.googleadservices.com/pagead/conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=1430538114&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIpNz7uv2iiQMVhg1oCB2bDAy-MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=1430538114&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIpNz7uv2iiQMVhg1oCB2bDAy-MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfbxBYV9nDDwuwdQjqIolYwJnaz1PJOg&random=47533718
Request Chain 54
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=1160482226&cv=11&fst=1729634190422&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMInOiQvP2iiQMV0QpoCB247zb2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWhIbDRLQ1QwazUxVWZfTC1nNDlqUHgzTktjRmc1TThNWUxqWTlXaG0wb3dsc09HUlhqWVB3 HTTP 302
  • https://www.google.com/pagead/1p-conversion/982246529/?random=1160482226&cv=11&fst=1729634190422&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMInOiQvP2iiQMV0QpoCB247zb2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWhIbDRLQ1QwazUxVWZfTC1nNDlqUHgzTktjRmc1TThNWUxqWTlXaG0wb3dsc09HUlhqWVB3&is_vtc=1&cid=CAQSKQDpaXnfeowSXw0M4edE3iTJIat-b3jCGDW5qJfH4Q1pYgf9AJ4bXU_q&random=514951476
Request Chain 56
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=111302747&cv=11&fst=1729634190488&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9GUvP2iiQMVvAxoCB3BwSnAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWpMVkxzdEdCNFYySTBqQXVELU9SNlBHTkVOY0xHdTZqNHhmelBxZkltdFJXbDNOcVdLVVJn HTTP 302
  • https://www.google.com/pagead/1p-conversion/932435890/?random=111302747&cv=11&fst=1729634190488&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9GUvP2iiQMVvAxoCB3BwSnAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWpMVkxzdEdCNFYySTBqQXVELU9SNlBHTkVOY0xHdTZqNHhmelBxZkltdFJXbDNOcVdLVVJn&is_vtc=1&cid=CAQSKQDpaXnfPyYFfvaWJpl-DStU8bI61ZWnDZPUhbpSUvvlJnugaGb2xnjy&random=1164273745
Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=963324839&cv=11&fst=1729634190548&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIhKSYvP2iiQMVxwloCB3nUy4AMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWhCRk9PUUhIbFl0MDJ5aDZNS2g3M3hvSEdEQzRhUmVQTkpxZDBveHZWZ2ZjbXBqQzE4Wk0w HTTP 302
  • https://www.google.com/pagead/1p-conversion/1058340534/?random=963324839&cv=11&fst=1729634190548&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIhKSYvP2iiQMVxwloCB3nUy4AMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWhCRk9PUUhIbFl0MDJ5aDZNS2g3M3hvSEdEQzRhUmVQTkpxZDBveHZWZ2ZjbXBqQzE4Wk0w&is_vtc=1&cid=CAQSKQDpaXnf8jRUyEn2RdvhwGtiQfhGdYPNX74u92fNv1RYFuLv43J2NdSH&random=1371482091

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
insurance-claims-us-en-3983501.live/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dbab83582959b097e984894cdd324d0bbc8593379e5e2f496ca90dc5e78476d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d6cbcc07de3e813-DFW
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 22 Oct 2024 21:56:26 GMT
server
cloudflare
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALo4A9ch0h+1WaF7eiREQsF8ZSdjSPKx9KkKjCqabhCJSzV17noE3IU0F05CJ672CxyFRxdONAgr69GDBpn7MRECAwEAAQ==_DtwkLR2n20QH2Mnc0ZE0auWmfMXO20m45ya5CTNhNKE7YxG9IIdmaVcqXWvBlj31IaeWZaPdz0KMDYkFCXGxrQ==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-md5
qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF241BEBAA205
x-ms-lease-status
unlocked
age
470
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 21:48:36 GMT
date
Tue, 22 Oct 2024 21:56:26 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 02:32:16 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
4feaa253-b01e-009d-41c9-24e9ca000000
cf-ray
8d6cbcc3cd9e1024-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
35289458b2de2bf5220f730bdbc66486.js
ob.system1onesource.com/i/ 		108 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:d600:e:52c5:2040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
81c4380af83723f0e78f7cfa5dd04ab06ffcb82b7ab3f0ea1d8d5044ce4cb66a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
"1af97-1La6HJ/ACJkQ9qh1CcZfsPR/5CM"
age
8077
via
1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
expires
Wed, 23 Oct 2024 07:41:50 GMT
x-cache
Hit from cloudfront
content-length
40394
x-amz-cf-id
mZFlebMLwpD7rOYbRNb0fuAu96Ei_uGKCD1JP66sLwsRXaO1Je9H_Q==
date
Tue, 22 Oct 2024 19:41:50 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Caddy
x-amz-cf-pop
EWR53-P1
deps.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/f965337ff/ 		136 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/f965337ff/deps.js
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2350d26ef77e2164f5869f85c6923d954ac90af8033b61af9948bb11f6f1091

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://insurance-claims-us-en-3983501.live
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

access-control-max-age
60000
content-encoding
gzip
etag
W/"196fe3855f3af681fe1bee6d97b71b6b"
x-amz-version-id
DrS9krwBqsIjfQnqG3wkf53H5vRiKItO
access-control-allow-methods
GET, HEAD
via
1.1 4a1ea8b67dc2325b2469ed51d3e186ac.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
YRtyqb_NVpwiNinDh5-5tYQSCav9nDxDAzW6wN_wGuF3fSw9BXEvkg==
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 18:02:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
runtime.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/f965337ff/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/f965337ff/runtime.js
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ed80c2416cb9f1734b9d9371c12761f9a0102d00ca0b96af77e1cb319cad6fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://insurance-claims-us-en-3983501.live
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

access-control-max-age
60000
content-encoding
gzip
etag
W/"1caacde96913cc78bae82a886cb7d36a"
x-amz-version-id
jwsRmWWvugpfUs13lgIL0n5eixh7n4wU
access-control-allow-methods
GET, HEAD
via
1.1 4a1ea8b67dc2325b2469ed51d3e186ac.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
C86liMz2rTUx-sFozJTxDNoOK0Z9HP-3cq70w5qAI6KLJsYvSg5SNQ==
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 18:02:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
3c540673-bf8c-42bb-bcf5-5bd7df97351a.json
cdn.cookielaw.org/consent/3c540673-bf8c-42bb-bcf5-5bd7df97351a/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/3c540673-bf8c-42bb-bcf5-5bd7df97351a/3c540673-bf8c-42bb-bcf5-5bd7df97351a.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fb36024acd3f6abe55dac0adda17eb62126c631623132c6b9b35602094a6cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-md5
jhz7uRgqBqUQUGl8lRNzeg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
MISS
etag
0x8DCD80B7063C8A2
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 21:56:27 GMT
date
Tue, 22 Oct 2024 21:56:27 GMT
content-type
application/json
last-modified
Wed, 18 Sep 2024 17:58:02 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
adab8ef6-f01e-0012-35cd-24a796000000
cf-ray
8d6cbcc55af608c8-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
1845
x-ms-blob-type
BlockBlob
server
cloudflare
ct
obs.system1onesource.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/ct?id=28382&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&sf=0&tpi=&ch=cheq4ppc&uvid=gar2riorpaokp5e4suoop12p&tsf=0&tsfmi=&tsfu=&cb=1729634187363&hl=2&op=0&ag=566412661&rand=7492116868897722162962669552828203166246500251037721206561985481711076082709852175571&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDk2MjldLFsiYWJuY2giLDMxXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIxXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstMTYsIjAiXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTUyLCItIl0sWy01NSwiMCJdLFstNjQsIlswLFwiXCIsW11dIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTI3LCJbMjUwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTM0LCItIl0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRLWEJrUlVVMU5TVW9ERmhaV1d4ZEtRRXBOWEZRSVZsZGNTbFpNUzFwY0YxcFdWQlpRRmdvTUN3RUFEUXdCV3d0ZFhBdGJYd3dMQ3dsZkRnb0pXMTFiV2c4UERRRVBGMU5LQXdnRER3RUlEUXNRRlZoTkdVc1pFVkZOVFVsS0F4WVdWbHNYU2tCS1RWeFVDRlpYWEVwV1RFdGFYQmRhVmxRV1VCWUtEQXNCQUEwTUFWc0xYVndMVzE4TUN3c0pYdzRLQ1Z0ZFcxb1BEdzBCRHhkVFNnPT0iXSxbLTY1LCItIl0sWy02OSwiTGludXggeDg2XzY0fEdvb2dsZSBJbmMufDh8MTZ8fDAiXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy03LCItIl0sWy0xNywiMTYiXSxbLTQ0LCIwLDAsMCw1Il0sWy01OSwiZGVmYXVsdCJdLFstNjYsImdlb2xvY2F0aW9uLGNodWFmdWxsdmVyc2lvbmxpc3QsY3Jvc3NvcmlnaW5pc29sYXRlZCxzY3JlZW53YWtlbG9jayxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGNodWFhcmNoLGNvbXB1dGVwcmVzc3VyZSxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHVzYixjaHNhdmVkYXRhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLHNoYXJlZHN0b3JhZ2UscnVuYWRhdWN0aW9uLGNodWFmb3JtZmFjdG9ycyxjaGRvd25saW5rLG90cGNyZWRlbnRpYWxzLHBheW1lbnQsY2h1YSxjaHVhbW9kZWwsY2hlY3QsYXV0b3BsYXksY2FtZXJhLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsYWNjZWxlcm9tZXRlcixjaHVhcGxhdGZvcm12ZXJzaW9uLGlkbGVkZXRlY3Rpb24scHJpdmF0ZWFnZ3JlZ2F0aW9uLGludGVyZXN0Y29ob3J0LGNodmlld3BvcnRoZWlnaHQsbG9jYWxmb250cyxjaHVhcGxhdGZvcm0sbWlkaSxjaHVhZnVsbHZlcnNpb24seHJzcGF0aWFsdHJhY2tpbmcsY2xpcGJvYXJkcmVhZCxnYW1lcGFkLGRpc3BsYXljYXB0dXJlLGtleWJvYXJkbWFwLGpvaW5hZGludGVyZXN0Z3JvdXAsY2h3aWR0aCxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLGJyb3dzaW5ndG9waWNzLGVuY3J5cHRlZG1lZGlhLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsY2h1YWJpdG5lc3Msc3RvcmFnZWFjY2VzcyxzeW5jeGhyLGNoZGV2aWNlbWVtb3J5LGNodmlld3BvcnR3aWR0aCxwaWN0dXJlaW5waWN0dXJlLG1hZ25ldG9tZXRlcixjbGlwYm9hcmR3cml0ZSxtaWNyb3Bob25lIl0sWy0yMCwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTIsIjEzLGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcElzZ0lJalNRKzhpS2dxSTBvc0lBaXBGRUVRUklrVWdkRVFRcFVvSlNBdENBcVNIOUd5eTdaV1orZXIvZCtlOTJid3NDU0QvMWUiXSxbLTQsIi0iXSxbLTQ3LCJQYWNpZmljL0hvbm9sdWx1LGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstOCwiLSJdLFstMTIsIm51bGwiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTUxLCItIl0sWy01OCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTE0LCItIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy00MCwiMzMiXSxbLTUzLCIxMDAiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W1wiXzBcIixcIjM0NjcxNTYwMDNcIl0sXCJiXCI6W10sXCJzXCI6MX0iXSxbLTcwLCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNDYsIjAiXSxbLTY3LCItIl0sWy02OCwiLSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjgsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTEsIi0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTcxLCJhMDExMDAxMDEwMDEwMDEwMTAwMDEwMTAwMTExMTEwMTAwMDAxMCJdLFstMjEsIi0iXSxbLTIzLCIrIl0sWy0zMSwiZmFsc2UiXSxbLTMzLCItIl0sWy0zNSwiWzE3Mjk2MzQxODczNDksMTBdIl0sWy0zOCwibCwtMSwtMSwwLDAsMiwwLDUyLDIwOCwzNjIsLTEsMCwsLDEzNDYsMTM0NiJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxMCJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy02MCwyMDddLFstNjMsIi0iXSxbImJuY2giLDEzMV0sWy0xOSwiWzExMCwxMTAsMTEwLDExMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4NSwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yNiwie1widGpoc1wiOjg5ODgyMzcsXCJ1amhzXCI6NjY1OTQwMSxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy02MiwiODAiXSxbImRkYiIsIjAsMTQsMSwwLDEsMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwxLDAsMSwwLDAsMSwxLDIsMTIsMCw5LDAsMCwwLDAsMCwwLDAsMCwwLDAsNCwwLDksMSwwLDAsMCwwLDAsMCwwLDAsMSwxIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDUsMCwwLDksMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCw4LDAsMSwwLDAsMCwwLDAsMSwwLDAiXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=6tQtZ7LNjV&pto=1362&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1729634187.46keMrI8i24HmOlx&suid=1.1729634187.OohO08MGPBzUkPiS&tuid=1.1729634187.F8zjwSsHIDFJSvxF&fbc=-&gtm=-&it=5%2C644%2C578&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
18e4fd5688881ee0a72ed030ed88d532ce608b1c26dafbc1f36c3ae2b2a7cfe6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
https://insurance-claims-us-en-3983501.live
content-encoding
gzip
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
1464
date
Tue, 22 Oct 2024 21:56:27 GMT
content-type
text/javascript
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		71 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8d6cbcc88b55cb7d-LAX
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:56:27 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
UiSyndication.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/f965337ff/lib/ 		148 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/f965337ff/lib/UiSyndication.js
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15322febec2db7932313f71fa53eb904ea961b1978f2ca4c422f6af7d82eb125

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

x-amz-cf-pop
JFK50-P2
content-encoding
gzip
x-amz-version-id
yr8EYtYF4hEjaj8q0VOYIn7IXKQQTD46
etag
W/"5090889581eac811ed155642a3f61fdb"
age
8876
via
1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Nu8HDFE0HWnPrfediWTpXEANt57qIeJjn8o0H7OPgmsMAp4mdg4MIw==
date
Tue, 22 Oct 2024 19:28:32 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Tue, 22 Oct 2024 18:02:27 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202408.1.0/ 		453 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b18751f3a50a2525e37e8caeda2e00f3c683f1689d629dbb21f3d570a9343af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-md5
cSmNeMyDkvSieWRwSFHuAQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD1496E561314
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
2179
x-content-type-options
nosniff
date
Tue, 22 Oct 2024 21:56:27 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 03:34:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
360c2a19-601e-0017-6b23-2053e9000000
cf-ray
8d6cbcc92dd31024-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
112788
x-ms-blob-type
BlockBlob
server
cloudflare
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7307CF5CB046422691D742F3574136F8 Ref B: LAX311000108045 Ref C: 2024-10-22T21:56:28Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 22 Oct 2024 21:56:27 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
ce0637e6-8fd2-45fd-b88a-86da36f84d83
https://insurance-claims-us-en-3983501.live/ Frame 		0
0
/
www.google.com/pagead/1p-conversion/932435890/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=1223124929&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscO...
  • https://www.google.com/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=1223124929&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQI&pscr...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=1223124929&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQI&pscrd=IhMI8937uv2iiQMVaBpoCB1OzhbXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfCQziykeAMO-7A00JnQIeFcAYyhd7-g&random=1738577898
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=1223124929&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQI&pscrd=IhMI8937uv2iiQMVaBpoCB1OzhbXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfCQziykeAMO-7A00JnQIeFcAYyhd7-g&random=1738577898
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 21:56:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-conversion/982246529/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=1719054063&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW...
  • https://www.google.com/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=1719054063&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIg...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=1719054063&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgt_7uv2iiQMVtCdoCB3n_w4uMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfNjZUCXjHATMBuQUWz1dPOAvtPSorcA&random=1408514772
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=1719054063&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIgt_7uv2iiQMVtCdoCB3n_w4uMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfNjZUCXjHATMBuQUWz1dPOAvtPSorcA&random=1408514772
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 21:56:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-conversion/1058340534/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=1430538114&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIis...
  • https://www.google.com/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=1430538114&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMI...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=1430538114&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIpNz7uv2iiQMVhg1oCB2bDAy-MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfbxBYV9nDDwuwdQjqIolYwJnaz1PJOg&random=47533718
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=1430538114&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIpNz7uv2iiQMVhg1oCB2bDAy-MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlLw&is_vtc=1&cid=CAQSGwDpaXnfbxBYV9nDDwuwdQjqIolYwJnaz1PJOg&random=47533718
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 21:56:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
tc_imp.gif
obs.system1onesource.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.system1onesource.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268e7c136ee46829a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c198e652517071a10acf9f29f674e80828105283c13fe2c72028332d865c2043201239653055764015a97b73d4877be26bb25cb43e2916af05665ff0b2d7e1bda55ed43f497d7df3cbb2807ff7ecaa8556d8e0e3143714493d60264f360b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf7278ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e828ee43f91330ed7fc9a2c1114f43368a1941d60e7d9aa70dd00fd4eb3d611914cd9d36d9a6d279c9a26d96c8cc0adb1d3fde90b72b26bf6f8f0364e6de29026d2e51ce0105b528b0c03d893ccdfd0b3823c877b8bc4e4df2abd30753f907f66d4dad1482090b020e541f7944e877aa33d1a1a059778ff0c9c9fee4889c776871ca7d78f9527995a0435ae105443794d79d7bc64a4058c8cc76ae59f6fbdc86cdb88eeed2b9da2e61f283e84ea4a4fdeb41f510ff8acba74fa2886f80bbe9372eb29fe75ec07c61ec5b52edb0871b6ddce3f6a61247a7e195605b7f3907e905ea54f25402af1a84cdd9e040dfeb8dfbaa06dc2ede4ff9af9aff14b4920fa4786b65e7282436518d77f5c716cf57ab37719c2efc77f897cca2683a830d0bb0a906712202300600e9ac0e5b6206901df411187d9cbbaaecb540797b6be7997c77465dcd4496914bbe8d10f23b35fd820c352f12389519e9147eab020e38589d59a4e64ece43a6b8568d9d2e8d4169411437677de0d1830e8c04d93fe508fc0cfda5edf86993209354eb83eaf04a252acf761dc6804420242040b9720edc77b23ab73d2e5b563cbc526e16861ed55253e95e9cd180ebf35a4f24f8956755915e25979d5f68836d95d3f869747f49dcff58341d341476248a3652f5380824c01ef7ef5f4c22e86cffe4e003eb060201416905403b78be4190d823d3280c2c553c3d7b9c64530e573e845785ccc5231268385164b8acaf187a1a019e533a36ad139d3d641bdad8a7768bcdd199cc9acb892a28a8e610f&cri=6tQtZ7LNjV&ts=463&cb=1729634187826
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Tue, 22 Oct 2024 21:56:27 GMT
pragma
no-cache
content-type
image/gif
6d71027c-dc9e-41dd-93cc-825f3c368b83
https://insurance-claims-us-en-3983501.live/ Frame 		0
0
en.json
cdn.cookielaw.org/consent/3c540673-bf8c-42bb-bcf5-5bd7df97351a/018eaf28-2ccb-7e13-b24b-dafa393885cc/ 		41 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/3c540673-bf8c-42bb-bcf5-5bd7df97351a/018eaf28-2ccb-7e13-b24b-dafa393885cc/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cc96ab0539834e38fd8b93576af65bc604b303e00c79aff6759a05403bae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-md5
bkAZ09ndymUEGHxCFrBX/w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
MISS
etag
0x8DCD80B7201028E
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 21:56:28 GMT
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
application/json
last-modified
Wed, 18 Sep 2024 17:58:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
b3fe01b3-501e-001f-51cd-24489a000000
cf-ray
8d6cbcca49df08c8-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
11585
x-ms-blob-type
BlockBlob
server
cloudflare
dpl-search.js
s.flocdn.com/@s1/dpl/4.18.10/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/f965337ff/lib/UiSyndication.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4f26dcadef4155163bcd7188541ca0be0c9292542dc25b822c8359b7e7c20ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
x-amz-version-id
Y2AOG7LCtdnKp9RIeYVMSl0FymcEJGqj
etag
"ba5caa0898a94da3c102e748f5c3110d"
age
445017
via
1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
16356
x-amz-cf-id
ThapZysnjTjOBRKW_cdNvICWZQCrI-SZaxo02QeXiR3ic2T_kIEJdw==
date
Thu, 17 Oct 2024 18:19:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 16 Oct 2024 19:31:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
caf.js
www.google.com/adsense/domains/ 		150 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1&s1abp=true
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/f965337ff/lib/UiSyndication.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
sffe /
Resource Hash
cc7b172ac32a77dc867ffe1cb8c362faaa05ebc78d122d1bb960ccb7d41c0870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-encoding
gzip
etag
"4068055184848506994"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 21:56:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
accept-ranges
bytes
x-xss-protection
0
server
sffe
texture.png
s.flocdn.com/layout/gd05/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.flocdn.com/layout/gd05/texture.png
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

etag
"57bbfe7c227619d47a41639eba996150"
x-amz-version-id
9nrwm6vbihUL1RldyKfYApKff2o.FEKN
age
78516
via
1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
84780
x-amz-cf-id
BfiUYPXByx3JoIKVmICSeXhha9UpLQvYmKHZwzzM9eih_la3CR7YJQ==
date
Tue, 22 Oct 2024 00:07:53 GMT
x-amz-meta-version-id
HC_iG.nfn0YuLDYFlnJj0jQC5XTNCe04
content-type
image/png
last-modified
Tue, 16 May 2017 22:02:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
vary
Accept-Encoding
arrows-rainbow_559.png
s.flocdn.com/layout/pship508/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.flocdn.com/layout/pship508/arrows-rainbow_559.png
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

x-amz-cf-pop
JFK50-P2
x-amz-version-id
q0xUrgBtkt1zPXsMOtCQmqJsqJAEmQZm
etag
"9ca21edfdf15faf735dad1f024227fbc"
age
78516
via
1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
87916
x-amz-cf-id
qdNIxI2olS69KCSrJgJUTqQuuiCuk2UkDIaB_343qRf74npB3upVrg==
date
Tue, 22 Oct 2024 00:07:54 GMT
content-type
image/png
vary
Accept-Encoding
server
AmazonS3
last-modified
Wed, 04 Jan 2023 19:08:13 GMT
otGPP.js
cdn.cookielaw.org/scripttemplates/202408.1.0/ 		81 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/otGPP.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8126da8bb4af8f970a2acb8640a3c3d7a38bafc2dcbc41fde93fd55473a5de66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-md5
zMjDHhMNQgqbyypFtxjSzA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
83467
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 03:34:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c04b1abd-001e-002e-781f-20134d000000
cf-ray
8d6cbccc099c1024-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
211047010.js
bat.bing.com/p/action/ 		371 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/211047010.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e0c8cedb72a7e5a3080203509132486e267e5d1b0c5c6eae78ac16f7928ff01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2349B90083B84B92912604D435AB4F50 Ref B: LAX311000108045 Ref C: 2024-10-22T21:56:28Z
x-cache
CONFIG_NOCACHE
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
iframe.html
s.flocdn.com/%40s1/dpl/4.18.10/ Frame 593C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/%40s1/dpl/4.18.10/iframe.html
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-94.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
444962
cache-control
max-age=31536000
content-encoding
gzip
content-length
201
content-type
text/html; charset=UTF-8
date
Thu, 17 Oct 2024 18:20:27 GMT
etag
"a5df5c0aa8fb89b080d3d640e0f7688b"
last-modified
Wed, 16 Oct 2024 19:31:29 GMT
server
AmazonS3
via
1.1 4a1ea8b67dc2325b2469ed51d3e186ac.cloudfront.net (CloudFront)
x-amz-cf-id
jpeEsCntxMIb77TYUE8nbfPQFXoMuqWKwmG-sB8_obyyZ1S5AvqzUg==
x-amz-cf-pop
JFK50-P2
x-amz-version-id
XZIUO8pHbqIhGTza0vyrBZgPWHsZ5lgj
x-cache
Hit from cloudfront
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202408.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
MISS
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 03:34:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
d8953741-e01e-00ac-06cd-24b21d000000
cf-ray
8d6cbcccbd8008c8-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=211047010&Ver=2&mid=0759c067-95c9-4527-a04e-2924429656ce&bo=1&sid=7d55a68090c011efb19e47a825f56682&vid=7d55ebb090c011ef8a69af879fc67eb0&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=insurance-claims-us-en-3983501.live&p=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&r=&lt=1458&evt=pageLoad&sv=1&cdb=AQER&rn=61338
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2B823D20BF6A46C4AC397EB7427BB3B6 Ref B: LAX311000108045 Ref C: 2024-10-22T21:56:28Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 22 Oct 2024 21:56:28 GMT
0
bat.bing.com/action/ 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=211047010&Ver=2&mid=0759c067-95c9-4527-a04e-2924429656ce&bo=2&sid=7d55a68090c011efb19e47a825f56682&vid=7d55ebb090c011ef8a69af879fc67eb0&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQER&rn=950828
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C60168FD38144C4D9B7CFFA95780F73A Ref B: LAX311000108045 Ref C: 2024-10-22T21:56:28Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 22 Oct 2024 21:56:28 GMT
cookie.js
partner.googleadservices.com/gampad/ 		424 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=insurance-claims-us-en-3983501.live&client=dp-dotzup21_3ph_js&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&s1abp=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8dcca141f778d91431b27e75759144a2b2256b73b3326f6fc0e12f897168af86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
private
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
258
date
Tue, 22 Oct 2024 21:56:28 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
syndicatedsearch.goog/afs/ Frame 4811 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup21_3ph_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2Fserp%3Fsc%3DqrwAStLlmyZd10%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301431%2C17301433%2C17301436%2C17301542%2C17301266%2C72717107&format=r5&nocache=4821729634188656&num=0&output=afd_ads&domain_name=insurance-claims-us-en-3983501.live&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1729634188657&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&nfp=1&jsv=685701914&rurl=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&s1abp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-6CpCx1kHmIJ8K5A4Nlj7Qg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2801
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-6CpCx1kHmIJ8K5A4Nlj7Qg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Tue, 22 Oct 2024 21:56:29 GMT
expires
Tue, 22 Oct 2024 21:56:29 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
mon
obs.system1onesource.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

access-control-allow-origin
https://insurance-claims-us-en-3983501.live
content-length
0
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
mon
obs.system1onesource.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

access-control-allow-origin
https://insurance-claims-us-en-3983501.live
content-length
0
date
Tue, 22 Oct 2024 21:56:28 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
gtm.js
www.googletagmanager.com/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef4434eca877b70578d8de6248a3c17ed0715bdf6801ca6388fea1188a34cfde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 22 Oct 2024 21:56:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:56:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
74973
x-xss-protection
0
server
Google Tag Manager
dplpxs
soflopxl.com/ 		0
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://soflopxl.com/dplpxs
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.223.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-223-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

expires
Tue, 22 Oct 2024 21:56:28 GMT
cache-control
no-cache
access-control-allow-origin
https://insurance-claims-us-en-3983501.live
date
Tue, 22 Oct 2024 21:56:29 GMT
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
js
www.googletagmanager.com/gtag/ 		313 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
416a38cc0c44b90cab1823e99d47461d39a363ff91db429878083452df7deeca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 21:56:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:56:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107473
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		238 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
624eded0a43c880970a3fa6a534f669fb8033e6c50b504606da91f35aa627260
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 21:56:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:56:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 21:35:16 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87451
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		249 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-982246529&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6704353b34e404f295771363edc46c5b66211cc3786aa179e77811e7266850d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 21:56:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:56:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90269
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		249 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1813eac81e70d726c380b57010a920d5c6616fac059b7bafa413d6e9288b82a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 21:56:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:56:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 21:35:16 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90401
x-xss-protection
0
server
Google Tag Manager
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=1729634190377&cv=11&fst=1729634190377&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
cafe /
Resource Hash
b58960688328c0684d7f9b65c3d35094c010508eaf7425b4aa168a6b7bb1923f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2304
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
982246529
td.doubleclick.net/td/rul/ Frame 0477 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/982246529?random=1729634190377&cv=11&fst=1729634190377&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:56:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/982246529/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/982246529/?random=1729634190422&cv=11&fst=1729634190422&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
aa382354dd56d939c7952866d42960c28ac72faacb8c866c520363a933905270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2583
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
982246529
td.doubleclick.net/td/rul/ Frame E226 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/982246529?random=1729634190422&cv=11&fst=1729634190422&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:56:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=1729634190453&cv=11&fst=1729634190453&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
cafe /
Resource Hash
7dfe7237910c8c3ed39965d847994bf991c7b8ef8ef0b038c1bf93be71a9c256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2326
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
932435890
td.doubleclick.net/td/rul/ Frame F47F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/932435890?random=1729634190453&cv=11&fst=1729634190453&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1361
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:56:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/932435890/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/932435890/?random=1729634190488&cv=11&fst=1729634190488&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
f2ec9f07267d750b860dc367e92dfb4bcd08cb82bd588d4b4942ae6c95f7000b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2604
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
932435890
td.doubleclick.net/td/rul/ Frame FDFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/932435890?random=1729634190488&cv=11&fst=1729634190488&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1249
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:56:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1729634190510&cv=11&fst=1729634190510&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
cafe /
Resource Hash
ed0cda4152ba3ffc27dc92de0fc88e63991bbeebce6a0a4925ce48be01e6605d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2333
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1058340534
td.doubleclick.net/td/rul/ Frame D2BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1058340534?random=1729634190510&cv=11&fst=1729634190510&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1203
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:56:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/1058340534/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1058340534/?random=1729634190548&cv=11&fst=1729634190548&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
f4f1fc44801123fb431c93eb98efd81cf566b07b052bcf91db20d58277d67f26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2614
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1058340534
td.doubleclick.net/td/rul/ Frame 9454 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1058340534?random=1729634190548&cv=11&fst=1729634190548&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1203
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:56:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1QH44F1BG5&gtm=45je4ah0v888902321z8844758514za200zb844758514&_p=1729634189122&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823848~101836706&cid=131178742.1729634191&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729634190&sct=1&seg=0&dl=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&dt=insurance-claims-us-en-3983501.live&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=4591
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://insurance-claims-us-en-3983501.live
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:56:30 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
559 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1QH44F1BG5&cid=131178742.1729634191&gtm=45je4ah0v888902321z8844758514za200zb844758514&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823848~101836706
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://insurance-claims-us-en-3983501.live
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:56:30 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame A39E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-1QH44F1BG5&gacid=131178742.1729634191&gtm=45je4ah0v888902321z8844758514za200zb844758514&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823848~101836706&z=2083677774
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance-claims-us-en-3983501.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:56:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 2CD3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Finsurance-claims-us-en-3983501.live
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:56:31 GMT
expires
Wed, 22 Oct 2025 21:56:31 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/982246529/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/982246529/?random=1729634190377&cv=11&fst=1729630800000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf10-oapUWkA8KQJSvb4rbUvonKNUZD6yVfBQFH8eqxshoHMH5&random=308288195&rmt_tld=0&ipr=y
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-conversion/982246529/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=1160482226&cv=11&fst=1729634190422&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1...
  • https://www.google.com/pagead/1p-conversion/982246529/?random=1160482226&cv=11&fst=1729634190422&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=1016...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/982246529/?random=1160482226&cv=11&fst=1729634190422&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMInOiQvP2iiQMV0QpoCB247zb2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWhIbDRLQ1QwazUxVWZfTC1nNDlqUHgzTktjRmc1TThNWUxqWTlXaG0wb3dsc09HUlhqWVB3&is_vtc=1&cid=CAQSKQDpaXnfeowSXw0M4edE3iTJIat-b3jCGDW5qJfH4Q1pYgf9AJ4bXU_q&random=514951476
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/982246529/?random=1160482226&cv=11&fst=1729634190422&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v868528064za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMInOiQvP2iiQMV0QpoCB247zb2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWhIbDRLQ1QwazUxVWZfTC1nNDlqUHgzTktjRmc1TThNWUxqWTlXaG0wb3dsc09HUlhqWVB3&is_vtc=1&cid=CAQSKQDpaXnfeowSXw0M4edE3iTJIat-b3jCGDW5qJfH4Q1pYgf9AJ4bXU_q&random=514951476
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/932435890/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/932435890/?random=1729634190453&cv=11&fst=1729630800000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf1w0ZhwMd8Ncu5NiCj-9Ve0buEuXqdlMwi7oBTaGTZtj9iFtm&random=2454591082&rmt_tld=0&ipr=y
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-conversion/932435890/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=111302747&cv=11&fst=1729634190488&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&ta...
  • https://www.google.com/pagead/1p-conversion/932435890/?random=111302747&cv=11&fst=1729634190488&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~10182...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/932435890/?random=111302747&cv=11&fst=1729634190488&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9GUvP2iiQMVvAxoCB3BwSnAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWpMVkxzdEdCNFYySTBqQXVELU9SNlBHTkVOY0xHdTZqNHhmelBxZkltdFJXbDNOcVdLVVJn&is_vtc=1&cid=CAQSKQDpaXnfPyYFfvaWJpl-DStU8bI61ZWnDZPUhbpSUvvlJnugaGb2xnjy&random=1164273745
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/932435890/?random=111302747&cv=11&fst=1729634190488&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9GUvP2iiQMVvAxoCB3BwSnAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWpMVkxzdEdCNFYySTBqQXVELU9SNlBHTkVOY0xHdTZqNHhmelBxZkltdFJXbDNOcVdLVVJn&is_vtc=1&cid=CAQSKQDpaXnfPyYFfvaWJpl-DStU8bI61ZWnDZPUhbpSUvvlJnugaGb2xnjy&random=1164273745
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/1058340534/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1058340534/?random=1729634190510&cv=11&fst=1729630800000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfczers5rg561RLTgM8GAZvl59WKgN0haqJVgW5902_OAyMGjc&random=219376606&rmt_tld=0&ipr=y
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-conversion/1058340534/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=963324839&cv=11&fst=1729634190548&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l...
  • https://www.google.com/pagead/1p-conversion/1058340534/?random=963324839&cv=11&fst=1729634190548&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1058340534/?random=963324839&cv=11&fst=1729634190548&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIhKSYvP2iiQMVxwloCB3nUy4AMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWhCRk9PUUhIbFl0MDJ5aDZNS2g3M3hvSEdEQzRhUmVQTkpxZDBveHZWZ2ZjbXBqQzE4Wk0w&is_vtc=1&cid=CAQSKQDpaXnf8jRUyEn2RdvhwGtiQfhGdYPNX74u92fNv1RYFuLv43J2NdSH&random=1371482091
Requested by
Host: insurance-claims-us-en-3983501.live
URL: https://insurance-claims-us-en-3983501.live/
Protocol
H3
Server
142.250.64.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/1058340534/?random=963324839&cv=11&fst=1729634190548&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9100102812za200zb844758514&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Finsurance-claims-us-en-3983501.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=insurance-claims-us-en-3983501.live&gtm_ee=1&npa=0&pscdl=noapi&auid=416064595.1729634190&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIhKSYvP2iiQMVxwloCB3nUy4AMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOixodHRwczovL2luc3VyYW5jZS1jbGFpbXMtdXMtZW4tMzk4MzUwMS5saXZlL0JXQ2hFSThKcmR1QVlRZ2FYdDhMZld0YkcxQVJJc0FGN0FQWWhCRk9PUUhIbFl0MDJ5aDZNS2g3M3hvSEdEQzRhUmVQTkpxZDBveHZWZ2ZjbXBqQzE4Wk0w&is_vtc=1&cid=CAQSKQDpaXnf8jRUyEn2RdvhwGtiQfhGdYPNX74u92fNv1RYFuLv43J2NdSH&random=1371482091
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 21:56:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
mon
obs.system1onesource.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

access-control-allow-origin
https://insurance-claims-us-en-3983501.live
content-length
0
date
Tue, 22 Oct 2024 21:56:30 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
dplpxs
soflopxl.com/ 		0
206 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://soflopxl.com/dplpxs
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.223.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-223-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

expires
Tue, 22 Oct 2024 21:56:30 GMT
cache-control
no-cache
access-control-allow-origin
https://insurance-claims-us-en-3983501.live
date
Tue, 22 Oct 2024 21:56:31 GMT
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
favicon.ico
insurance-claims-us-en-3983501.live/ 		0
103 B 		Other
General
Check archive.org
Download Go to
Full URL
https://insurance-claims-us-en-3983501.live/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.158.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

cf-ray
8d6cbcdea85ce813-DFW
expires
Wed, 23 Oct 2024 01:56:31 GMT
cache-control
public, max-age=14400
cf-cache-status
MISS
date
Tue, 22 Oct 2024 21:56:31 GMT
vary
Accept-Encoding
server
cloudflare
gen_204
syndicatedsearch.goog/afs/ 		0
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-dotzup21_3ph_js&output=uds_ads_only&zx=qliygu7r6m8v&aqid=jR8YZ8e0BK2KnboPocCz6QI&psid=1646507740&pbt=bs&adbx=550&adby=60&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup21_3ph_js&errv=685701914&csala=5%7C0%7C551%7C382%7C13&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-5Vxqib-1vdiXt3LfokSvlA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-5Vxqib-1vdiXt3LfokSvlA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 22 Oct 2024 21:56:31 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
gws
x-frame-options
SAMEORIGIN
gen_204
syndicatedsearch.goog/afs/ 		0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-dotzup21_3ph_js&output=uds_ads_only&zx=d8angk7ahety&aqid=jR8YZ8e0BK2KnboPocCz6QI&psid=1646507740&pbt=bv&adbx=550&adby=60&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup21_3ph_js&errv=685701914&csala=5%7C0%7C551%7C382%7C13&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-1EgW_W51rsY5OP8QpG716A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://insurance-claims-us-en-3983501.live/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-1EgW_W51rsY5OP8QpG716A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 22 Oct 2024 21:56:31 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
gws
x-frame-options
SAMEORIGIN
mon
obs.system1onesource.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
insurance-claims-us-en-3983501.live
URL
blob:https://insurance-claims-us-en-3983501.live/ce0637e6-8fd2-45fd-b88a-86da36f84d83
Domain
insurance-claims-us-en-3983501.live
URL
blob:https://insurance-claims-us-en-3983501.live/6d71027c-dc9e-41dd-93cc-825f3c368b83
Domain
obs.system1onesource.com
URL
https://obs.system1onesource.com/mon

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| __ctcg_ct_28382_exec object| OtTrustedType object| webpackChunkfrontend object| React object| ReactDOM function| logHydrationScriptLoadError function| hydrateSSR object| componentScript function| __gpp object| otStubData object| _cq object| uetq object| dataLayer object| UISyndication string| onetrustTemplate function| OptanonWrapper function| UET function| UET_init function| UET_push object| ueto_b7a009c8af object| s1 object| dpls1s string| GoogleAnalyticsObject function| ga object| otIabModule object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| google_tag_manager object| google_tag_data string| defaultGaId object| GooglebQhCsO object| googletag function| onYouTubeIframeAPIReady object| gaGlobal

19 Cookies

Domain/Path Name / Value
s.flocdn.com/%40s1/dpl/4.18.10 Name: c_cn
Value: c_cn1234
insurance-claims-us-en-3983501.live/ Name: s1_userid
Value: 8coNISs8JqXfNNddGkA7
.insurance-claims-us-en-3983501.live/ Name: __cf_bm
Value: Tv5txdaaiFAj8jTqQlaQXuzOvR1pKyjVKG989c9lIuo-1729634186-1.0.1.1-iK81RN4zSSS7oCyQiipom65zzBC4F4GeW4ulTK_fLShlAVwnbtzRsmQXolmzv59ziGNKIlgS.tFXClgLk1jyKQ
.insurance-claims-us-en-3983501.live/ Name: _cfuvid
Value: 6zq49tH7IFoFR69VqtzbzMmfv367XTDRC56Y0HjkS6w-1729634186569-0.0.1.1-604800000
.insurance-claims-us-en-3983501.live/ Name: _cq_duid
Value: 1.1729634187.46keMrI8i24HmOlx
.insurance-claims-us-en-3983501.live/ Name: _cq_suid
Value: 1.1729634187.OohO08MGPBzUkPiS
obs.system1onesource.com/ Name: cg_uuid
Value: 721824380d564977502405158a55a9f7
.insurance-claims-us-en-3983501.live/ Name: _uetsid
Value: 7d55a68090c011efb19e47a825f56682
.insurance-claims-us-en-3983501.live/ Name: _uetvid
Value: 7d55ebb090c011ef8a69af879fc67eb0
.bat.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 3578DB16D84569283912CE36D9AB68CF
.insurance-claims-us-en-3983501.live/ Name: __gsas
Value: ID=7aa28c125a21b4d4:T=1729634188:RT=1729634188:S=ALNI_MacljQmVoKUViHR3V9RuM28f2CYZw
.s.flocdn.com/ Name: _ga
Value: GA1.3.1919133421.1729634189
.s.flocdn.com/ Name: _gid
Value: GA1.3.89648986.1729634189
.s.flocdn.com/ Name: _gat
Value: 1
.insurance-claims-us-en-3983501.live/ Name: _gcl_au
Value: 1.1.416064595.1729634190
.insurance-claims-us-en-3983501.live/ Name: _ga
Value: GA1.1.131178742.1729634191
.insurance-claims-us-en-3983501.live/ Name: _ga_1QH44F1BG5
Value: GS1.1.1729634190.1.0.1729634190.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmviQLCZe48GZkynmpaumKokBzkbbhZLyK6VjdAPqR3ZDQIPTT079Mx6Bpv

1 Console Messages

Source Level URL
Text
worker verbose URL: blob:https://insurance-claims-us-en-3983501.live/ce0637e6-8fd2-45fd-b88a-86da36f84d83(Line 1)
Message:
Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
cdn.cookielaw.org
geolocation.onetrust.com
googleads.g.doubleclick.net
insurance-claims-us-en-3983501.live
ob.system1onesource.com
obs.system1onesource.com
partner.googleadservices.com
s.flocdn.com
soflopxl.com
stats.g.doubleclick.net
syndicatedsearch.goog
td.doubleclick.net
www.google.com
www.googleadservices.com
www.googletagmanager.com
insurance-claims-us-en-3983501.live
obs.system1onesource.com
104.17.158.1
108.139.29.41
108.139.29.94
142.250.64.68
142.250.80.66
142.250.81.226
142.251.40.162
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:2209:d600:e:52c5:2040:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:562a
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::200e
2607:f8b0:4006:80c::2008
2607:f8b0:4006:824::200e
2620:1ec:33::10
44.197.223.227
0dbab83582959b097e984894cdd324d0bbc8593379e5e2f496ca90dc5e78476d
0e0c8cedb72a7e5a3080203509132486e267e5d1b0c5c6eae78ac16f7928ff01
15322febec2db7932313f71fa53eb904ea961b1978f2ca4c422f6af7d82eb125
1813eac81e70d726c380b57010a920d5c6616fac059b7bafa413d6e9288b82a4
18e4fd5688881ee0a72ed030ed88d532ce608b1c26dafbc1f36c3ae2b2a7cfe6
1ed80c2416cb9f1734b9d9371c12761f9a0102d00ca0b96af77e1cb319cad6fd
416a38cc0c44b90cab1823e99d47461d39a363ff91db429878083452df7deeca
4b18751f3a50a2525e37e8caeda2e00f3c683f1689d629dbb21f3d570a9343af
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0
624eded0a43c880970a3fa6a534f669fb8033e6c50b504606da91f35aa627260
6704353b34e404f295771363edc46c5b66211cc3786aa179e77811e7266850d9
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dfe7237910c8c3ed39965d847994bf991c7b8ef8ef0b038c1bf93be71a9c256
8126da8bb4af8f970a2acb8640a3c3d7a38bafc2dcbc41fde93fd55473a5de66
81c4380af83723f0e78f7cfa5dd04ab06ffcb82b7ab3f0ea1d8d5044ce4cb66a
8dcca141f778d91431b27e75759144a2b2256b73b3326f6fc0e12f897168af86
93fb36024acd3f6abe55dac0adda17eb62126c631623132c6b9b35602094a6cd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9
aa382354dd56d939c7952866d42960c28ac72faacb8c866c520363a933905270
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b58960688328c0684d7f9b65c3d35094c010508eaf7425b4aa168a6b7bb1923f
c22cc96ab0539834e38fd8b93576af65bc604b303e00c79aff6759a05403bae5
c4f26dcadef4155163bcd7188541ca0be0c9292542dc25b822c8359b7e7c20ee
cc7b172ac32a77dc867ffe1cb8c362faaa05ebc78d122d1bb960ccb7d41c0870
e2350d26ef77e2164f5869f85c6923d954ac90af8033b61af9948bb11f6f1091
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0cda4152ba3ffc27dc92de0fc88e63991bbeebce6a0a4925ce48be01e6605d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4434eca877b70578d8de6248a3c17ed0715bdf6801ca6388fea1188a34cfde
f2ec9f07267d750b860dc367e92dfb4bcd08cb82bd588d4b4942ae6c95f7000b
f4f1fc44801123fb431c93eb98efd81cf566b07b052bcf91db20d58277d67f26