urlscan.io logo urlscan.io
SecurityTrails logo

carinsurance.net Open in urlscan Pro
13.224.193.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://myoffers.website/track/?oid=234&uid=240
Effective URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Submission: On September 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 7 countries across 39 domains to perform 141 HTTP transactions. The main IP is 13.224.193.6, located in United States and belongs to AMAZON-02, US. The main domain is carinsurance.net.
TLS certificate: Issued by Amazon on August 16th 2021. Valid for: a year.
This is the only time carinsurance.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 63.250.38.58 22612 (NAMECHEAP...)
1 1 69.172.200.185 19324 (DOSARREST)
1 1 52.215.240.105 16509 (AMAZON-02)
1 3 13.224.193.6 16509 (AMAZON-02)
15 13.224.193.56 16509 (AMAZON-02)
4 104.16.19.94 13335 (CLOUDFLAR...)
9 142.250.186.36 15169 (GOOGLE)
2 13.225.78.62 16509 (AMAZON-02)
1 142.250.185.170 15169 (GOOGLE)
1 13.225.79.159 16509 (AMAZON-02)
3 13.225.78.91 16509 (AMAZON-02)
1 142.250.184.232 15169 (GOOGLE)
4 142.250.186.67 15169 (GOOGLE)
2 52.218.236.24 16509 (AMAZON-02)
1 172.67.41.229 13335 (CLOUDFLAR...)
1 4 34.200.112.176 14618 (AMAZON-AES)
2 13.224.193.115 16509 (AMAZON-02)
3 172.217.23.99 15169 (GOOGLE)
5 142.250.186.142 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
3 157.240.236.1 32934 (FACEBOOK)
4 13.107.21.200 8068 (MICROSOFT...)
12 151.101.130.133 54113 (FASTLY)
3 2.16.186.35 20940 (AKAMAI-ASN1)
16 2.16.186.242 20940 (AKAMAI-ASN1)
1 35.83.147.40 16509 (AMAZON-02)
3 151.101.65.44 54113 (FASTLY)
4 199.68.195.200 19626 (EVC-AS)
7 35.172.176.194 14618 (AMAZON-AES)
4 142.250.185.162 15169 (GOOGLE)
1 74.125.133.157 15169 (GOOGLE)
2 52.59.21.149 16509 (AMAZON-02)
1 13.225.84.206 16509 (AMAZON-02)
1 52.32.115.157 16509 (AMAZON-02)
1 157.240.236.35 32934 (FACEBOOK)
1 35.171.95.27 14618 (AMAZON-AES)
2 52.10.6.43 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 1 104.111.215.191 16625 (AKAMAI-AS)
5 52.51.228.134 16509 (AMAZON-02)
1 2 13.225.78.101 16509 (AMAZON-02)
2 2 34.232.240.103 14618 (AMAZON-AES)
1 1 3.8.243.222 16509 (AMAZON-02)
1 2 209.54.176.128 16509 (AMAZON-02)
1 141.226.228.48 ()
141 41
3    63.250.38.58 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business59-1.web-hosting.com
myoffers.website
1    69.172.200.185 (Canada)

ASN19324 (DOSARREST, US)
PTR: maxbounty.com
afflat3e1.com
1    52.215.240.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-240-105.eu-west-1.compute.amazonaws.com
tracking.nationalfamily.com
3    13.224.193.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-6.fra2.r.cloudfront.net
carinsurance.net
15    13.224.193.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-56.fra2.r.cloudfront.net
cdn.assurance.com
4    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
2    13.225.78.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-62.fra2.r.cloudfront.net
cdn.ywxi.net
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
1    13.225.79.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-79-159.fra2.r.cloudfront.net
www.datadoghq-browser-agent.com
3    13.225.78.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-91.fra2.r.cloudfront.net
assets.assurance.com
1    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
4    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
2    52.218.236.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    172.67.41.229 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
4    34.200.112.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-112-176.compute-1.amazonaws.com
api.trustedform.com
2    13.224.193.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-115.fra2.r.cloudfront.net
cdn.trustedform.com
3    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net
fonts.gstatic.com
5    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
www.google-analytics.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
3    157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net
connect.facebook.net
4    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
12    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
3    2.16.186.35 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-35.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
16    2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    35.83.147.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-147-40.us-west-2.compute.amazonaws.com
ads.nextdoor.com
3    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
4    199.68.195.200 (Hamilton, Bermuda)

ASN19626 (EVC-AS, BM)
c1.ox-bio.com
7    35.172.176.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-176-194.compute-1.amazonaws.com
create.leadid.com
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads.g.doubleclick.net
1    74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
stats.g.doubleclick.net
2    52.59.21.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-21-149.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    13.225.84.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-206.fra2.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    52.32.115.157 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-115-157.us-west-2.compute.amazonaws.com
www.trustedsite.com
1    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
1    35.171.95.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-95-27.compute-1.amazonaws.com
deviceid.trueleadid.com
2    52.10.6.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-6-43.us-west-2.compute.amazonaws.com
flask.nextdoor.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
5    52.51.228.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    13.225.78.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net
sb.scorecardresearch.com
2    34.232.240.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-240-103.compute-1.amazonaws.com
usermatch.krxd.net
1    3.8.243.222 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-243-222.eu-west-2.compute.amazonaws.com
aa.agkn.com
2    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    141.226.228.48 (None, )

ASN- ()
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
19 krxd.net
cdn.krxd.net
consumer.krxd.net
beacon.krxd.net
usermatch.krxd.net
270 KB
18 assurance.com
cdn.assurance.com
assets.assurance.com
537 KB
16 tiktok.com
analytics.tiktok.com
91 KB
9 google.com
www.google.com
37 KB
7 leadid.com
create.leadid.com
2 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
396 KB
6 trustedform.com
api.trustedform.com
cdn.trustedform.com
36 KB
5 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
6 KB
5 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
21 KB
5 google-analytics.com
www.google-analytics.com
20 KB
4 ox-bio.com
c1.ox-bio.com
24 KB
4 taboola.com
cdn.taboola.com
trc.taboola.com
trc-events.taboola.com
27 KB
4 bing.com
bat.bing.com
10 KB
4 cloudflare.com
cdnjs.cloudflare.com
84 KB
3 nextdoor.com
ads.nextdoor.com
flask.nextdoor.com
3 KB
3 facebook.net
connect.facebook.net
114 KB
3 carinsurance.net
carinsurance.net
15 KB
3 myoffers.website
myoffers.website
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
2 scorecardresearch.com
sb.scorecardresearch.com
736 B
2 amazonaws.com
s3-us-west-2.amazonaws.com
2 KB
2 ywxi.net
cdn.ywxi.net
13 KB
1 agkn.com
aa.agkn.com
366 B
1 bluekai.com
stags.bluekai.com
716 B
1 rlcdn.com
idsync.rlcdn.com
417 B
1 trueleadid.com
deviceid.trueleadid.com
2 KB
1 facebook.com
www.facebook.com
313 B
1 trustedsite.com
www.trustedsite.com
946 B
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 lidstatic.com
create.lidstatic.com
39 KB
1 googletagmanager.com
www.googletagmanager.com
63 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com
22 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 nationalfamily.com
tracking.nationalfamily.com
2 KB
1 afflat3e1.com
afflat3e1.com
894 B
0 ib-ibi.com Failed
global.ib-ibi.com Failed
0 ixiaa.com Failed
kr.ixiaa.com Failed
0 go2app.org Failed
media.go2app.org Failed
141 39
Domain Requested by
16 analytics.tiktok.com myoffers.website
analytics.tiktok.com
15 cdn.assurance.com carinsurance.net
cdn.trustedform.com
9 www.google.com carinsurance.net
www.gstatic.com
www.google.com
8 cdn.krxd.net myoffers.website
cdn.krxd.net
7 create.leadid.com www.datadoghq-browser-agent.com
deviceid.trueleadid.com
5 beacon.krxd.net carinsurance.net
cdn.krxd.net
5 www.google-analytics.com www.googletagmanager.com
carinsurance.net
4 consumer.krxd.net cdn.krxd.net
4 googleads.g.doubleclick.net www.googleadservices.com
4 c1.ox-bio.com www.googletagmanager.com
carinsurance.net
4 bat.bing.com myoffers.website
bat.bing.com
carinsurance.net
4 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 cdnjs.cloudflare.com carinsurance.net
cdnjs.cloudflare.com
3 secure-ds.serving-sys.com myoffers.website
www.datadoghq-browser-agent.com
3 connect.facebook.net myoffers.website
connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 assets.assurance.com carinsurance.net
3 carinsurance.net 1 redirects www.datadoghq-browser-agent.com
3 myoffers.website
2 s.amazon-adsystem.com 1 redirects
2 usermatch.krxd.net 2 redirects
2 sb.scorecardresearch.com 1 redirects carinsurance.net
2 flask.nextdoor.com carinsurance.net
2 bs.serving-sys.com secure-ds.serving-sys.com
2 trc.taboola.com cdn.taboola.com
2 cdn.trustedform.com carinsurance.net
api.trustedform.com
2 s3-us-west-2.amazonaws.com cdn.ywxi.net
2 cdn.ywxi.net carinsurance.net
1 trc-events.taboola.com www.datadoghq-browser-agent.com
1 aa.agkn.com 1 redirects
1 stags.bluekai.com 1 redirects
1 idsync.rlcdn.com carinsurance.net
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 www.facebook.com carinsurance.net
1 www.trustedsite.com cdn.ywxi.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 stats.g.doubleclick.net www.datadoghq-browser-agent.com
1 cdn.taboola.com myoffers.website
1 ads.nextdoor.com myoffers.website
1 www.googleadservices.com www.googletagmanager.com
1 create.lidstatic.com cdn.assurance.com
1 www.googletagmanager.com cdn.assurance.com
1 www.datadoghq-browser-agent.com carinsurance.net
1 fonts.googleapis.com carinsurance.net
1 tracking.nationalfamily.com 1 redirects
1 afflat3e1.com 1 redirects
0 global.ib-ibi.com Failed carinsurance.net
0 kr.ixiaa.com Failed carinsurance.net
0 media.go2app.org Failed www.googletagmanager.com
141 50

This site contains links to these domains. Also see Links.

Domain
www.prudential.com
assurance.com
policies.google.com
Subject Issuer Validity Valid
myoffers.website
Sectigo RSA Domain Validation Secure Server CA		 2020-12-19 -
2021-12-19		 a year crt.sh
carinsurance.net
Amazon		 2021-08-16 -
2022-09-14		 a year crt.sh
*.assurance.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.ywxi.net
Amazon		 2021-08-04 -
2022-09-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.datadoghq-browser-agent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-17 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2021-04-30 -
2022-04-29		 a year crt.sh
cdn.trustedform.com
Amazon		 2021-05-14 -
2022-06-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-05 -
2021-10-03		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA		 2021-04-28 -
2022-05-03		 a year crt.sh
*.tiktok.com
RapidSSL RSA CA 2018		 2019-11-14 -
2022-01-12		 2 years crt.sh
nextdoor.com
Amazon		 2021-05-17 -
2022-06-15		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
ox-bio.com
QuoVadis Global SSL ICA G2		 2020-07-14 -
2022-07-14		 2 years crt.sh
create.leadid.com
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
bs.serving-sys.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.trustedsite.com
Amazon		 2021-02-09 -
2022-03-10		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2021-02-06 -
2022-03-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.trustedform.com
Amazon		 2020-11-11 -
2021-12-10		 a year crt.sh

This page contains 7 frames:

Primary Page: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Frame ID: 50679CCC87EFF5C0F28E6FCDD7360350
Requests: 116 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
Frame ID: 0C5E36F09C8862EEF667910051E005DF
Requests: 8 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 7C3B8CCD8525988761521D0D01ECA0BB
Requests: 11 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=80E3400E-7A99-BA76-B141-DD16625C4902&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: 839C97E1D58E7DAFBF38DDAA88355F00
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=80E3400E-7A99-BA76-B141-DD16625C4902&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: 86587EED7A4297253B938E9AE3FF635B
Requests: 2 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: DDDCB36B9F89D288BB3F3F6DAF255180
Requests: 1 HTTP requests in this frame

Frame: https://api.trustedform.com/certs/1c5a5dc4a672112a69339563fe811bca674aa4df/snapshot
Frame ID: 42456B94C6C0B3BEA64A9BA53062F5E9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CarInsurance.net | Get a Quote

Page URL History Show full URLs

  1. https://myoffers.website/track/?oid=234&uid=240 Page URL
  2. https://myoffers.website/track/go?bounce Page URL
  3. https://myoffers.website/track/go?bounce=1 Page URL
  4. https://afflat3e1.com/lnk.asp?o=16946&c=918277&a=410098&k=AF8EB89ADC601731103895F9FE3D762A&l=18138... HTTP 302
    https://tracking.nationalfamily.com/aff_c?offer_id=175&aff_id=1014&aff_sub=410098&aff_sub2=791683280&source= HTTP 302
    https://carinsurance.net/auto?utm_source=maxbounty&utm_medium=&utm_campaign=410098&utm_content=791683... HTTP 302
    https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3L... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

141
Requests

97 %
HTTPS

0 %
IPv6

39
Domains

50
Subdomains

41
IPs

7
Countries

1853 kB
Transfer

4645 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://myoffers.website/track/?oid=234&uid=240 Page URL
  2. https://myoffers.website/track/go?bounce Page URL
  3. https://myoffers.website/track/go?bounce=1 Page URL
  4. https://afflat3e1.com/lnk.asp?o=16946&c=918277&a=410098&k=AF8EB89ADC601731103895F9FE3D762A&l=18138&s1=240 HTTP 302
    https://tracking.nationalfamily.com/aff_c?offer_id=175&aff_id=1014&aff_sub=410098&aff_sub2=791683280&source= HTTP 302
    https://carinsurance.net/auto?utm_source=maxbounty&utm_medium=&utm_campaign=410098&utm_content=791683280&utm_term=&offer_id=175&transaction_id=1022d542a17d0062bec210d3541196&aff_sub=410098&aff_sub5=&aff_sub3=&aff_sub2=791683280&aff_sub4=&utm_kxconfid=t4kwo0a21 HTTP 302
    https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16325591844550.8317707853967318&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16325591844550.8317707853967318&invert_field_sensitivity=false
Request Chain 99
  • https://stags.bluekai.com/site/26357?id=OYfqjbWm&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOYfqjbWm%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OYfqjbWm&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 100
  • https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OYfqjbWm&rn=1632559185 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OYfqjbWm&rn=1632559185
Request Chain 101
  • https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OYfqjbWm HTTP 302
  • https://beacon.krxd.net/data.gif?_kdpid=OYfqjbWm&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=
Request Chain 102
  • https://usermatch.krxd.net/um/v2?partner=amazon_na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=OYfqjbWm&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=OYfqjbWm&gdpr=0&dcc=t

141 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
myoffers.website/track/ 		84 B
462 B 		Document
General
Check archive.org
Download Go to
Full URL
https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.58 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business59-1.web-hosting.com
Software
LiteSpeed / PHP/7.1.33
Resource Hash
df632a7d5e7c510d7ab78404f567030b9797ae2231a86a175233706faecc6aad

Request headers

:method
GET
:authority
myoffers.website
:scheme
https
:path
/track/?oid=234&uid=240
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.1.33
set-cookie
ci_session=53898836e4043f915edb043bc5689099346bbff5; expires=Sat, 25-Sep-2021 10:39:41 GMT; Max-Age=7200; path=/; HttpOnly; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
68
content-encoding
br
vary
Accept-Encoding
date
Sat, 25 Sep 2021 08:39:42 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
go
myoffers.website/track/ 		86 B
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://myoffers.website/track/go?bounce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.58 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business59-1.web-hosting.com
Software
LiteSpeed / PHP/7.1.33
Resource Hash
73ccfc0ff07af54bf18b31d43477b096a52c4056aee052c5da0e01abe6b1f008

Request headers

:method
GET
:authority
myoffers.website
:scheme
https
:path
/track/go?bounce
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://myoffers.website/track/?oid=234&uid=240
accept-encoding
gzip, deflate, br
cookie
ci_session=53898836e4043f915edb043bc5689099346bbff5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://myoffers.website/track/?oid=234&uid=240

Response headers

x-powered-by
PHP/7.1.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
69
content-encoding
br
vary
Accept-Encoding
date
Sat, 25 Sep 2021 08:39:42 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
go
myoffers.website/track/ 		149 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://myoffers.website/track/go?bounce=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.58 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business59-1.web-hosting.com
Software
LiteSpeed / PHP/7.1.33
Resource Hash
77ec3c543cc7d5b2c2a11cd9bda831b626191eb1e328fa0991cd44c5deb1f41d

Request headers

:method
GET
:authority
myoffers.website
:scheme
https
:path
/track/go?bounce=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://myoffers.website/track/go?bounce
accept-encoding
gzip, deflate, br
cookie
ci_session=53898836e4043f915edb043bc5689099346bbff5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://myoffers.website/track/go?bounce

Response headers

x-powered-by
PHP/7.1.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
116
content-encoding
br
vary
Accept-Encoding
date
Sat, 25 Sep 2021 08:39:42 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
Primary Request auto
carinsurance.net/
Redirect Chain
  • https://afflat3e1.com/lnk.asp?o=16946&c=918277&a=410098&k=AF8EB89ADC601731103895F9FE3D762A&l=18138&s1=240
  • https://tracking.nationalfamily.com/aff_c?offer_id=175&aff_id=1014&aff_sub=410098&aff_sub2=791683280&source=
  • https://carinsurance.net/auto?utm_source=maxbounty&utm_medium=&utm_campaign=410098&utm_content=791683280&utm_term=&offer_id=175&transaction_id=1022d542a17d0062bec210d3541196&aff_sub=410098&aff_sub5...
  • https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
60 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-6.fra2.r.cloudfront.net
Software
/
Resource Hash
710ca36851ac8952e3b85a2bd97f956fff61ee1d75f9b405581111928daa56a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
carinsurance.net
:scheme
https
:path
/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
path_split_auto=auto_legacy; test_split_test_auto_interstitial_CRM1454=control; test_split_auto_click_leave_behind_CRM1266=control; test_split_home_quote_leave_behindCRM1497=control; test_split_auto_digital_desktop_SPO919=control; test_split_auto_payfone_call_api=control; test_split_auto_payfone_use_api_response=control; test_split_auto_payfone_prefill_pn=control; test_split_auto_control_wifi_no_mail_SPO857=control; test_split_auto_payfone_auth_flow_always_call_identity=control; test_split_auto_legacy_path_credit_pull_tcpa_pf_454=show; retreaver_id=NzQ3Zlp2RCtBQ1pDL0lvaWhpbDI2RzNWMFJOMnQrZGN1WDdpYmFSL3Zwdz0tLU1IK3JaTjR4N09nUTNpMkdCZzVISGc9PQ%3D%3D--c241eca44971a1322ca9d542e79a7c5c7d61d2f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://myoffers.website/track/go?bounce=1

Response headers

content-type
text/html; charset=utf-8
date
Sat, 25 Sep 2021 08:39:44 GMT
x-frame-options
ALLOWALL
content-security-policy-report-only
default-src 'self' *; img-src 'self' data: *; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-ancestors 'self' *.assurance.com; worker-src blob: *.assurance.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
same-origin
assur-appversion
1.0.601
etag
W/"710ca36851ac8952e3b85a2bd97f956f"
cache-control
max-age=0, private, must-revalidate
set-cookie
insurance=ff2bc79ebbe2e298fb5099e0d68ef1e4; path=/; expires=Sat, 25 Sep 2021 10:39:44 GMT; secure; HttpOnly
x-request-id
422e7d6b-2da3-426d-9954-7d80e3eb821f
x-runtime
0.105282
vary
Accept-Encoding, Origin
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
WAFrmXsd7u-KgaVPTJ4l4ITqv57APHQGsLTEuJZylPwxD-yR2_PZQw==

Redirect headers

content-type
text/html; charset=utf-8
location
https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
date
Sat, 25 Sep 2021 08:39:43 GMT
x-frame-options
ALLOWALL
content-security-policy-report-only
default-src 'self' *; img-src 'self' data: *; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-ancestors 'self' *.assurance.com; worker-src blob: *.assurance.com;
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
same-origin
assur-appversion
1.0.601
cache-control
no-cache
set-cookie
path_split_auto=auto_legacy; path=/; secure test_split_test_auto_interstitial_CRM1454=control; path=/; secure test_split_auto_click_leave_behind_CRM1266=control; path=/; secure test_split_home_quote_leave_behindCRM1497=control; path=/; secure test_split_auto_digital_desktop_SPO919=control; path=/; secure test_split_auto_payfone_call_api=control; path=/; secure test_split_auto_payfone_use_api_response=control; path=/; secure test_split_auto_payfone_prefill_pn=control; path=/; secure test_split_auto_control_wifi_no_mail_SPO857=control; path=/; secure test_split_auto_payfone_auth_flow_always_call_identity=control; path=/; secure test_split_auto_legacy_path_credit_pull_tcpa_pf_454=show; path=/; secure retreaver_id=NzQ3Zlp2RCtBQ1pDL0lvaWhpbDI2RzNWMFJOMnQrZGN1WDdpYmFSL3Zwdz0tLU1IK3JaTjR4N09nUTNpMkdCZzVISGc9PQ%3D%3D--c241eca44971a1322ca9d542e79a7c5c7d61d2f8; path=/; expires=Wed, 25 Sep 2041 08:39:43 GMT; secure
x-request-id
274887f9-b847-4e32-820f-7484c872ba46
x-runtime
0.228136
vary
Accept-Encoding, Origin
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
y-HBkwpgS3KVi6GtrmeCGbafyN2LYcjln_yQstjI_VLjIOHnAISbbQ==
customer-26bcca9a5f587aef6f7e6fa13978f73ab98b92443128bd555dba801d638b39be.css
cdn.assurance.com/insurance/public/assets/ 		249 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/customer-26bcca9a5f587aef6f7e6fa13978f73ab98b92443128bd555dba801d638b39be.css
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2c6b97b95feb4fee049d7b5ea74e3471974531b3e824937281c1343bb4f10ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
last-modified
Fri, 24 Sep 2021 05:50:16 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"dbd3c13f4306004b07904d7928a7eb6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
fKuXghyrxaSJzMHXTyQFyih5AWqQ5eaAHTGOmQsNdAzjRzyQnQP8Tw==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2790401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uh8%2F11aKe2q8Oh%2FFUmHoTi7LoVN58X8E%2FIz5L3%2BXfoFe0GjmEnyc7n79FnJ45m1HUDVzN3gXhHKCHdmPXqw3o0yuKzLdbnSqe2aM1AKOE70WHGeYPf1wVuPh26S7RRS31uW9vHzJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6942f195ece34ac3-FRA
expires
Thu, 15 Sep 2022 08:39:44 GMT
utility-20c397b44c914d6693df12eab766fb85bcd972d7fb9acd6aa127537778264be4.js
cdn.assurance.com/insurance/public/assets/customer/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/customer/utility-20c397b44c914d6693df12eab766fb85bcd972d7fb9acd6aa127537778264be4.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5414093060cc9567ea47c9d3cedc5d98ef45d98b725bb99484636b472fea0cef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:38:45 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 03:15:03 GMT
server
AmazonS3
age
18060
etag
W/"2245048c3bd62daf9031fd9320d8a16e"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Sg8Olbg781N8h1jLvVfQO8BXEo82akFMpVjsGEWhZXj47JZ3G66RmA==
carinsurance-e04bfca82f46d1793c08c71fa3ccbeec3ae30b7e2de0bf4adba985bc658203b1.css
cdn.assurance.com/insurance/public/assets/customer/ 		2 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/customer/carinsurance-e04bfca82f46d1793c08c71fa3ccbeec3ae30b7e2de0bf4adba985bc658203b1.css
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fb73dd6ca507503bf643848c39462bc542c3a42ea945a0d201e50225ea14b22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 02:07:42 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 01:23:00 GMT
server
AmazonS3
age
23523
etag
W/"de6f3a204f0145eff5fdb1e4d4e463db"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/css
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
TPC2wFprPTWzzlFtnHBetbHCt2Im2YxPlAMfz7BuzF_2_V3c4r751A==
big_text-79792668f5bc0c2ea969452f0cfa5a8935b14d76b4e6116cbb88b43dfb1571b9.css
cdn.assurance.com/insurance/public/assets/plates/ 		1 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/plates/big_text-79792668f5bc0c2ea969452f0cfa5a8935b14d76b4e6116cbb88b43dfb1571b9.css
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b56a85fc22d77d1f0b8af62ae52eecca77e120acea1d8cc69d3db859c3faef1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 03:15:11 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"26a7873a01b0c92cccca0f66c682e296"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
LQgUFAAYp9VPGpsHD5fYxmVYskIB_FCBUn9IadOn871wF9aIE4ALSA==
recaptcha_v3-017e229e4e809625b2ba51f3ae90f12d0fc4d2e4d09c8db38f0aa27f34ffc678.js
cdn.assurance.com/insurance/public/assets/ 		424 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/recaptcha_v3-017e229e4e809625b2ba51f3ae90f12d0fc4d2e4d09c8db38f0aa27f34ffc678.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55577367a3c1ec34e2bc5d206aecd32a33df3699a273a036194db80b9810ad42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified
Wed, 22 Sep 2021 04:44:40 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"8e0cdc1e02df7ff1205ad6e4dc5ffb54"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
424
x-amz-cf-id
1Df2QTDw6a4qvF_4YzrRYD6Pe9YvLYbm71adJVh_Ei88JJn6NUTl3A==
api.js
www.google.com/recaptcha/ 		943 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=executeRecaptcha&render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
db400a95bbc4b3e604eb7e3901db714cc93bb8ed2200f0032e97106d10971278
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
605
x-xss-protection
1; mode=block
expires
Sat, 25 Sep 2021 08:39:44 GMT
gtm-c9df9717b10aae90ab8fb4c6d21ead6e4325ba553724979220261d9a15fb3e20.js
cdn.assurance.com/insurance/public/assets/install/carinsurance/ 		333 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/install/carinsurance/gtm-c9df9717b10aae90ab8fb4c6d21ead6e4325ba553724979220261d9a15fb3e20.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
286f5afc6d312e1dfe7966d39b7b8fda8a3cc4ca939df32ce5764b6392c9792c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified
Tue, 21 Sep 2021 00:05:42 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"080f197c92de621f095686cd62ebda68"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
333
x-amz-cf-id
2MvLxe6ZUZO7a2VJqsp5WVL0ccJtAM5ggwtfv8jgX7m4hBhHNOOhhQ==
ella-flip-f04095fe7f04d0096fdb266e3ac4cc063a0aea747f5f5113e81355374b197194.png
cdn.assurance.com/insurance/public/assets/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/ella-flip-f04095fe7f04d0096fdb266e3ac4cc063a0aea747f5f5113e81355374b197194.png
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified
Tue, 21 Sep 2021 00:05:38 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"db64300811ffdb901937748066c4718e"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
101895
x-amz-cf-id
k1HFMOn1hLid0xEGfD3J6lLD_C-LSdtMpgN08AMuFilPLJc5EouqrQ==
loading-fb3d3d8df818ea9ed9ae14cc8cf5c9f5f9a1e36c8602782a3ec27f3319c02613.gif
cdn.assurance.com/insurance/public/assets/icons/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/icons/loading-fb3d3d8df818ea9ed9ae14cc8cf5c9f5f9a1e36c8602782a3ec27f3319c02613.gif
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified
Tue, 21 Sep 2021 00:05:39 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"d6b028d0fe0d17991948c0b5c94e0a2e"
x-cache
RefreshHit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
34936
x-amz-cf-id
x38sCzDng6sPDwHmcFv6k1S8miQnr2WKDUaUiOn3uGYOKKL57qM44w==
bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
cdn.assurance.com/insurance/public/assets/icons/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/icons/bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 04:33:26 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 01:23:01 GMT
server
AmazonS3
age
14779
etag
W/"b96ec18537d2a85fa46cfaa1fb2ed5c4"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
image/svg+xml
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ZQC2btGiuZDA5wxlXk1cufNOwOciAHHaHDHmEjHKn_sdRpr6xE3FOg==
1.js
cdn.ywxi.net/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ywxi.net/js/1.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
876d4947bb8c26dcb8325870c3c605771c1dff3bbbf26201c8c2adbd35361134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 07:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2981
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
4510
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
MYBLgVq38uzndAe2VgsDfeHbakW4UZjanOleK1ks4QKzUlFgRAsNKw==
expires
Sat, 25 Sep 2021 08:50:02 GMT
cssrelpreload.min.js
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 		1 KB
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/cssrelpreload.min.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14411107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
414
cf-request-id
0962bd4619000006253e3cc000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed2-4a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0ikB3eMbR%2BAwrEzskwat6zOr5hpdKg3aqOgFllPC7U9N2jS5om9nznfWRBIeri%2Bcvcffhj8SV5qHe58t7%2Fh02Bt2JpC9g%2BphSK%2Bs9ITU7JLennSergzUpdqGtcVdQpRIirQ2HBP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6942f1962d704ac3-FRA
expires
Thu, 15 Sep 2022 08:39:44 GMT
onloadCSS.min.js
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ 		241 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/onloadCSS.min.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2788840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
126
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed2-f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eja2ooj6jKoncpv3ypJol3FTsBlJKZf%2BPvQWaa8OcSRgfdvVpbBiNFzcxRMtv95%2B6K8ZSAfy4nOgJuhx36BApfHbpQE7p0zY5GDN3D8qn3iWTcGs0n0PSea0KOO%2BPFZL4HqKVk5r"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6942f1963d8b4ac3-FRA
expires
Thu, 15 Sep 2022 08:39:44 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
8c0e5c2f898c9c6ae0c1aff2eca3068d28c9545f8b8c4458d912b27f93d7280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 07:51:41 GMT
server
ESF
date
Sat, 25 Sep 2021 08:39:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Sep 2021 08:39:44 GMT
customer-5ddbd9ca401aa6bf2420fbd2947b5b95f3bb9f4ae6fbf6d5a669c647c9dc6bf1.js
cdn.assurance.com/insurance/public/assets/ 		600 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/customer-5ddbd9ca401aa6bf2420fbd2947b5b95f3bb9f4ae6fbf6d5a669c647c9dc6bf1.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f31587f5fc513f915f5c6d2a5b178d0494902b575793b75f49148acdf63b174b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:16:25 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 21:45:14 GMT
server
AmazonS3
age
26600
etag
W/"ccf651ccd7c8466b5ed875e20b91a008"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
EkTOv51JzlM8p0xI2CIlllc5VOxv-SAt4i1qTh6wBvv5jjwPQGlOeg==
leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js
cdn.assurance.com/insurance/public/assets/ 		327 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a0f16d06bf9ac41309a737c1a0dbf17f5b0d85457a9a3ac0f5e19ef9fc07e5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 05:16:11 GMT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified
Mon, 20 Sep 2021 01:23:05 GMT
server
AmazonS3
age
12214
etag
"73f14ec03bfcfe3c15aeb0572ac399d2"
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
327
x-amz-cf-id
wFzjBVVcTVuZOu33yRsNZvQkGMghjK8Xb-G22Evz_iZFhDTYsSV0Sg==
trustedForm-4a1205758bed9df95ef0ff78d02f73edd84361c32de02c6addd014f63fde670a.js
cdn.assurance.com/insurance/public/assets/ 		507 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.assurance.com/insurance/public/assets/trustedForm-4a1205758bed9df95ef0ff78d02f73edd84361c32de02c6addd014f63fde670a.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87792716f5eabbf122dc3c4c9487684f8195a7560a129226a176c07590e62ea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified
Tue, 21 Sep 2021 00:05:47 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"7dfc839c10f98e973592e10bccc3db71"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
507
x-amz-cf-id
dfubsDR9eWkcASIlxJ3-F0xchEITsVrN5RP9PFfH8YI6FV14tA2vTg==
datadog-rum.js
www.datadoghq-browser-agent.com/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum.js
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-159.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:18 GMT
content-encoding
gzip
last-modified
Mon, 19 Jul 2021 12:21:08 GMT
server
AmazonS3
age
26
etag
W/"6f16bc452a225d7da116aa4c430872f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
vpKlgi2kk097ifUBZVxwANTn-FPozRdN29BpnLw32EYpwc9nsZkQeA==
carinsurance.png
assets.assurance.com/img/logos/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.assurance.com/img/logos/carinsurance.png
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c178845b1dce0d9c8ed05ef12de434e07facdf0a08cfd8b6dc0b51b25313ba2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://carinsurance.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 13:59:19 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 21:18:29 GMT
server
AmazonS3
age
13286425
etag
"067b5099df32f76ee580245193bda7ea"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
8404
x-amz-cf-id
3xv67Y88-HICjV9T97WBcux7_A5IhGLz2trI7HH_se5IiZlxXPVg2A==
hero-auto-2.jpg
assets.assurance.com/img/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.assurance.com/img/hero-auto-2.jpg
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dfe071cfba8c01d4dda21471e0680c8227f4c9c1284d5e6083b81137f8cfbfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://carinsurance.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 07:24:07 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 21:18:14 GMT
server
AmazonS3
age
19012538
etag
"30864832e672371b280662b9c80e688a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
32692
x-amz-cf-id
Fk1AdIFZulxn-T6TU728f-NVgzm8426uXpLcbF_cLpj8N8wsOtOcYg==
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://carinsurance.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1518536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB%2BdbxLF7X85iRXzNa9NXjWeni9YYnSgw%2BdyQd0iKdrrXiK48qqpPGMDGjroLKMJzxIj9Z57nGH7ap3xCEnY85f1L4lh6pxtReRycUkqt1coWD9Cy4GSdEFv%2FiqYXvJk1ooCNngl"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6942f19649a15b8c-FRA
expires
Thu, 15 Sep 2022 08:39:44 GMT
gtm.js
www.googletagmanager.com/ 		250 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ
Requested by
Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/carinsurance/gtm-c9df9717b10aae90ab8fb4c6d21ead6e4325ba553724979220261d9a15fb3e20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7faa7f00cc64680d410dbe61d322bce1a5ec8a2e581403936afc515ff02f4988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63786
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 25 Sep 2021 08:39:44 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 		342 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=executeRecaptcha&render=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://carinsurance.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136719
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sun, 25 Sep 2022 08:35:23 GMT
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/carinsurance.net/ 		190 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/carinsurance.net/client.json?source=jsmain
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.236.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c94704f95e718fc3db47e7ab907819fb88559120101b4fa5ea409fd9532783ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 08:39:46 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
JY6CHYA1NGKVABDZ
x-amz-replication-status
COMPLETED
Content-Length
163
x-amz-id-2
W2J4dFiUFpoynsM7nqtX/Y5lvBPt/dUBLVf+6D4pjXrRU7xCJv0APOakZ9kU7i6WD1Kb/NtElWQ=
Last-Modified
Tue, 21 Sep 2021 03:29:13 GMT
Server
AmazonS3
ETag
"2a2bf42d4b138c15a37c32cf423a242a"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
XkAJKK8OFCI9tqS0xk2Ceo.rd8vYlTo0
Access-Control-Allow-Origin
https://carinsurance.net
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
public, max-age=60
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/carinsurance.net/ 		190 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/carinsurance.net/client.json?source=jsinline
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.236.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c94704f95e718fc3db47e7ab907819fb88559120101b4fa5ea409fd9532783ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 08:39:46 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
JY6EMB06KYY04FJK
x-amz-replication-status
COMPLETED
Content-Length
163
x-amz-id-2
K9E6aDIs7Zvwt2T37/Q1AKtOP+dT9Q15l87tXWYOr1T8E1g8zJJH37zlak7pvGcB9DZW+8K6dns=
Last-Modified
Tue, 21 Sep 2021 03:29:13 GMT
Server
AmazonS3
ETag
"2a2bf42d4b138c15a37c32cf423a242a"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
XkAJKK8OFCI9tqS0xk2Ceo.rd8vYlTo0
Access-Control-Allow-Origin
https://carinsurance.net
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
public, max-age=60
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
ic_close_black_24dp_2x.png
assets.assurance.com/img/icons/ 		235 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.assurance.com/img/icons/ic_close_black_24dp_2x.png
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:41:15 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 21:18:16 GMT
server
AmazonS3
age
7973910
etag
"637093407c90164fe23f9a0239638b56"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
235
x-amz-cf-id
8OUcITrOwa44QrKh4Wfp3igvADQ2JEclGl9W0HjlFNoHJHMqthpISQ==
cf934278-b099-eb50-bf86-105a165fcb4e.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Requested by
Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/leadid-e55ab467f7aaf8024beec14d48c5aa9b368fceb3046745bef3377a371717d1c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.41.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00402a72a1a660ef057413be1e424d1b37689da8cbd596f5cfefa74e4525ebff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1168
x-amz-replication-status
COMPLETED
x-amz-request-id
2B9WN2KG8D1F5875
x-amz-id-2
rhEg+BTinAd3dUkfF3aRzSh/IdC+PveNGd9eCH7JhTJa4vAP+FkaogCzRCotRR/TB94FlpQPRiI=
last-modified
Wed, 19 May 2021 13:47:42 GMT
server
cloudflare
etag
W/"8e301a3082df01f2f09ffba4b3704990"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-version-id
yQpirGYmYTY4sfISuBDzvmjQO9fgKfHR
cf-ray
6942f19719f7c272-FRA
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16325591844550.8317707853967318&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16325591844550.8317707853967318&invert_field_sensitivity=false
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16325591844550.8317707853967318&invert_field_sensitivity=false
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-115.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 19:54:35 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"676b14012df40978e4f1e696cb3be8f4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-version-id
TWI9lv7C1jqnWDzOe6KyGpneY2VFzHrx
x-amz-cf-id
h-GRKUAZDm5kQLpf_pD6rXTmlt02YdjD2p_Jc-eOokslwaeq1HzHuQ==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16325591844550.8317707853967318&invert_field_sensitivity=false
date
Sat, 25 Sep 2021 08:39:44 GMT
server
awselb/2.0
content-length
134
content-type
text/html
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://carinsurance.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 17:04:31 GMT
x-content-type-options
nosniff
age
142513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 23 Sep 2022 17:04:31 GMT
anchor
www.google.com/recaptcha/api2/ Frame 0C5E 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
96f2256446f3649bcc6488c029dfae0a87f675e4d807a0d800e96c02b2f5ced2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4Y0FLZ9MpWl9YTdQaA4jzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 25 Sep 2021 08:39:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-4Y0FLZ9MpWl9YTdQaA4jzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20019
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6464
date
Sat, 25 Sep 2021 06:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 25 Sep 2021 08:52:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
936790ccabd26acddebd039c54120623734e2aa82310def49cc535912338fc0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14166
x-xss-protection
0
server
cafe
etag
5348393372526461885
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 08:39:44 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: myoffers.website
URL: https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
DeyFghMClCdTWck8NEhFb5gpYV6j2FFkJr2ix9oBq1LdleLCOj+zPcjLhFO2HMxr5dGDc9BsJKiVYeakWqVyTA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 25 Sep 2021 08:39:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: myoffers.website
URL: https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2d08f8397635ad65674cf2941ce2e6de3ea8ebd78616e90bd1bedd5b57234b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 21:28:32 GMT
x-msedge-ref
Ref A: 72741951B8174DAF95069E07D60C27FD Ref B: PRG01EDGE0707 Ref C: 2021-09-25T08:39:44Z
etag
"0c064a02fafd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9947
t2d2oqsjx.js
cdn.krxd.net/controltag/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/t2d2oqsjx.js
Requested by
Host: myoffers.website
URL: https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd48bad98bf3e2598dd0b7d13234bc487432ee069c36f225b52ae9e194a7066b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 25 Sep 2021 08:39:44 GMT
via
1.1 varnish, 1.1 varnish
age
776
x-cache
MISS, HIT, MISS
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5406
x-served-by
config-service-a004-ash-prod.krxd.net, cache-bwi5174-BWI, cache-fra19136-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1632559185.764147,VS0,VE91
etag
"93edd8ea5c4f2330348d85ace0db1a265583c0e7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 0
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744595
Requested by
Host: myoffers.website
URL: https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-35.deploy.static.akamaitechnologies.com
Software
/ ARR/2.5
Resource Hash
f6a9ed90057ad36a18b61529450500cf51a3a6878960eace920c4e10ccd99ca9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 08:18:30 GMT
server
x-powered-by
ARR/2.5
etag
"f1ef929753b0d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=634
accept-ranges
bytes
content-length
18961
sdk.js
analytics.tiktok.com/i18n/pixel/ 		133 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Requested by
Host: myoffers.website
URL: https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5767c2b3068992eeebc2c8617a3707ef0ffe35715975d8b2c3309099edc02cf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
74d21f71.4ae66a0
date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-200-218-108.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
161,2.16.186.238
server-timing
cdn-cache; desc=MISS, edge; dur=158, origin; dur=3, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
2021092508394401024524216220C336C6
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
3,23.200.218.108
x-tt-trace-host
019df6f4e1404244a4d50ca42aad7a100a0e6eea21fbc498129c7d6a3a684841fb1b9410399567f06b891a140ce8fbbe4221f34421ea94496c8e77600c2a4abcd44397ad669c4498995898696984f25933efb078cea29ae0ece2ee2132eeea1ddbe9dd9cb3d36f109c1287b7029683a1c7
expires
Sat, 25 Sep 2021 08:39:44 GMT
dl.js
media.go2app.org/assets/js/ 		0
0
ndp.js
ads.nextdoor.com/public/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.nextdoor.com/public/pixel/ndp.js
Requested by
Host: myoffers.website
URL: https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.147.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-147-40.us-west-2.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
54e739d94e2c019350cffd867c30450beb4eb8e876f6ff6645bdf4f807cba063
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
last-modified
Fri, 24 Sep 2021 20:18:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"614e328f-197d"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=0
tfa.js
cdn.taboola.com/libtrc/unip/1212162/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1212162/tfa.js
Requested by
Host: myoffers.website
URL: https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
025522bf9c38f61bde03fa7cbf291380b202d0a101b902d86f828bfdaec6326e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
giJe3EzGQqHG0vWDlauI7W4AXkLo8R7s
content-encoding
gzip
etag
"5a114a27b03e58d9f2273736b0e2d9a9"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
24754
x-amz-id-2
sB31ULcgET00N6ZzZ+jw8e4GMkQbZuZ9HuQGWHlWQ4rdG3mgx60Z1tR7RmAfRUS9KOwDNPNR6/k=
x-served-by
cache-hhn4059-HHN
last-modified
Mon, 09 Aug 2021 10:25:21 GMT
server
AmazonS3
x-timer
S1632559185.764832,VS0,VE101
date
Sat, 25 Sep 2021 08:39:44 GMT
vary
Accept-Encoding
x-amz-request-id
4SRWQNE81A454EKZ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
25
x-cache-hits
1
t0
c1.ox-bio.com/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.ox-bio.com/t0?oxtrk=141&oxhrt=fb47614a-b32a-ac49-f027-0b0a982cd7df&oxuid=ASS0001&cid1=maxbounty&cid2=410098&cid3=396935652
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.68.195.200 Hamilton, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software
/
Resource Hash
e608e72019a20da7d4992a440a30411a9e92d5d539be3dca17b9cda035e95abb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
cache-control
no-cache, must-revalidate
expires
Tue, 25 Dec 2018 14:00:00 GMT
content-type
application/javascript
GenerateToken
create.leadid.com/2.11.7/ 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/GenerateToken?msn=1&pid=74420b9d-8d76-43d9-a6f9-f0d70f877589&_=13637039
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.176.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-176-194.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
81b6e755d92aad12779036477a9bfa9f51bd8ba7141b8606729a44aa7377f523

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.46
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
iTBOehh05ZdK2OUVRgQrKv6l0wAB87C3EgJAqN4r7J2sY6sXA8Tr6cxRz7gasVkkFezOQAKft4vLfhWddkdbdg==
x-frame-options
DENY
date
Sat, 25 Sep 2021 08:39:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
713459322354732
connect.facebook.net/signals/config/ 		224 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/713459322354732?v=2.9.46&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
94aeff8f49cd23fcde77f99d270d3b130a747895af72d372809e770f96b56f4c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
u9pxlrmhc8OgY9vHnUKEmiSNTp7vH/UZ1borCICDTcg8a1gLPg539Jpm31Xhm0ZX/3yNgIFv2txFXKueAvH1xQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 25 Sep 2021 08:39:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 0C5E 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 13:00:46 GMT
x-content-type-options
nosniff
age
70738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sat, 24 Sep 2022 13:00:46 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 0C5E 		342 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136719
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sun, 25 Sep 2022 08:35:23 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/773304124/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/773304124/?random=1632559184779&cv=9&fst=1632559184779&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
63c6983b4909af91e81d0c10fa36702497abe7ffd462d6ddcf060bfd2f9b8ee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1082
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924896316/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924896316/?random=1632559184782&cv=9&fst=1632559184782&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
c3177f4a07cebf95edea565fa7192eb3fd7a74aba63a929aeb29b58458f3e5b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1091
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-73253617-8&cid=1433896558.1632559185&jid=240188444&gjid=230552564&_gid=1955951371.1632559185&_u=YGBAgEABAAAAAE~&z=1531237553
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 25 Sep 2021 08:39:44 GMT
content-type
text/plain
access-control-allow-origin
https://carinsurance.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2045732271&t=pageview&_s=1&dl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&dp=%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&ul=en-us&de=UTF-8&dt=CarInsurance.net%20%7C%20Get%20a%20Quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=240188444&gjid=230552564&cid=1433896558.1632559185&tid=UA-73253617-8&_gid=1955951371.1632559185&gtm=2wg9m05SBH6BJ&z=149218220
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Sep 2021 23:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33532
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
5223060.js
bat.bing.com/p/action/ 		0
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5223060.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 25 Sep 2021 08:39:44 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: DC29EDFAB1BA4D6FA3FA0F6AA70A7E3C Ref B: PRG01EDGE0707 Ref C: 2021-09-25T08:39:44Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=b03ef1c3-e775-45c8-8201-c7fefaefacc2&sid=225fd9501ddc11ec816f2b72b98bec89&vid=22600df01ddc11ec886d15b948aa74e0&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CarInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&r=&lt=1783&evt=pageLoad&msclkid=N&sv=1&rn=263803
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 25 Sep 2021 08:39:44 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 2C83EC9414CD45299FB354A2411D43FE Ref B: PRG01EDGE0707 Ref C: 2021-09-25T08:39:44Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/924896316/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/924896316/?random=1632559184782&cv=9&fst=1632556800000&num=1&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&async=1&fmt=3&is_vtc=1&random=1838585568&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/773304124/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/773304124/?random=1632559184779&cv=9&fst=1632556800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&async=1&fmt=3&is_vtc=1&random=1709171658&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1073744595
secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/ 		122 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/1073744595
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-35.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
bt7qLJT1iCVWSAHKhmXRN.Td6szfW662
last-modified
Mon, 04 May 2020 21:59:20 GMT
server
ATS/7.1.0
x-amz-request-id
HJD4GKFYVQZG5V7E
etag
"6cca99c84759289ef8e4ae63e8b2e2b9"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=433
date
Sat, 25 Sep 2021 08:39:45 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
122
x-amz-id-2
Ik5BMWs9kAyaohQsjD3UEbkX8PxTKpJ0tx5VpVz4RanSA0kUCDDwtcCzslPmKol8VBgjtoKUeKk=
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0C5E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:54:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
423939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 27 Sep 2021 10:54:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0C5E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
343917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 09:07:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0C5E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 12:19:54 GMT
x-content-type-options
nosniff
age
73190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Sep 2022 12:19:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 0C5E 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 25 Sep 2021 08:39:44 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-73253617-8&cid=1433896558.1632559185&jid=240188444&_u=YGBAgEABAAAAAE~&z=2115524177
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2oqsjx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 25 Sep 2021 08:39:44 GMT
content-encoding
gzip
age
4652530
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1280867
content-length
84509
x-served-by
cache-fra19136-FRA
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1632559185.974160,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
json
trc.taboola.com/1212162/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1212162/trc/3/json?tim=1632559184977&data=%7B%22id%22%3A107%2C%22ii%22%3A%22%2Fauto%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1632559184972%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dassurance-carinsurance-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1632559184976%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1212162/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
74ffb65858bfbc41bc12cc32c6a5e28c58491707ae8a18743c5b2d9cb569cf53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
server
nginx
x-timer
S1632559185.996529,VS0,VE18
x-served-by
cache-hhn4059-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
Serving
bs.serving-sys.com/ 		390 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073744595&dispType=js&sync=0&sessionid=8697562439475914908&pageurl=$$https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy$$&activityValues=$$Session%3D8802732666667558893$$&ns=0&rnd=16645188813578637
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-21-149.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
730424a8ee7d1e0c9b0e438a59a9cbce7d7bff83e9bb31cf9f73e842825e2259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
294
expires
Sun, 05-Jun-2005 22:00:00 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
1adf09e9.4ae67e4
date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-44-4-125.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
156,2.16.186.238
server-timing
cdn-cache; desc=MISS, edge; dur=153, origin; dur=3, inner; dur=1
pragma
no-cache
server
nginx
x-tt-logid
2021092508394501024524414424C3D61E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
3,23.44.4.125
x-tt-trace-host
019df6f4e1404244a4d50ca42aad7a100a0e6eea21fbc498129c7d6a3a684841fb8f36e8fe5dc02f7d3670769d437a09e99b8ba6777335b72e3fd95df8078e6735e12a74ad2b83988b2ab2ccf67d79dba03e5ca3dd0da55b8746b38cf3a637f18b108ea188e29939d197c9711094140245
expires
Sat, 25 Sep 2021 08:39:45 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
config.js
analytics.tiktok.com/i18n/pixel/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BSOM7NBLCPBMENBDH330&hostname=carinsurance.net
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7c5a975637235ba4502e7d6413ca35564cf6f90a8447bcade09c5d02e7e37739

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
4b579e8c.4ae6816
date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-44-4-78.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
164,2.16.186.238
server-timing
cdn-cache; desc=MISS, edge; dur=156, origin; dur=9, inner; dur=4
content-length
19791
pragma
no-cache
server
nginx
x-tt-logid
2021092508394501024524804312C3F1AF
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.44.4.78
x-tt-trace-host
019df6f4e1404244a4d50ca42aad7a100a0e6eea21fbc498129c7d6a3a684841fb7296d51fa8477ed11cf7c3a783fb2fd632e7702e03b8a03c32375e7506cc27cf5f5421a1b5c0e7c6d02bca6e5315d23c2e48d2602bb58e5f7f3e12102fc1ea030566fefd7f0f4daf9d1081873459da2e
expires
Sat, 25 Sep 2021 08:39:45 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
reload
www.google.com/recaptcha/api2/ Frame 0C5E 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
a467ca67d9634b27d43c3a3c2a8e6b5ff89ada6b6bb52e2a8b4a7705196e4d6f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcQnacUAAAAAPLgJfUTwV3S6-izNvVWMwXVutm-&co=aHR0cHM6Ly9jYXJpbnN1cmFuY2UubmV0OjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=3rejnd520u9g
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16401
x-xss-protection
1; mode=block
expires
Sat, 25 Sep 2021 08:39:45 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 7C3B 		805 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

:method
GET
:authority
cdn.krxd.net
:scheme
https
:path
/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 varnish
age
9278241
x-served-by
cache-fra19136-FRA
x-cache
HIT
x-cache-hits
344881
x-timer
S1632559185.101179,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 839C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=80E3400E-7A99-BA76-B141-DD16625C4902&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-206.fra2.r.cloudfront.net
Software
nginx/1.17.6 /
Resource Hash
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241

Request headers

Host
d2m2wsoho8qq12.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Date
Fri, 24 Sep 2021 14:10:07 GMT
Server
nginx/1.17.6
Last-Modified
Thu, 23 Sep 2021 15:49:02 GMT
ETag
W/"614ca1ee-da5"
P3P
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding
gzip
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
GeTo3KeYSlz7RHC0BafPI230J0B8pPA40wsR9sYT9IX_a8oZ0FGNEw==
Age
66578
SaveDom
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/SaveDom?msn=2&pid=74420b9d-8d76-43d9-a6f9-f0d70f877589&token=80E3400E-7A99-BA76-B141-DD16625C4902&_=13637040
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.176.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-176-194.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/InitFormData?msn=3&pid=74420b9d-8d76-43d9-a6f9-f0d70f877589&token=80E3400E-7A99-BA76-B141-DD16625C4902&_=13637041
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.176.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-176-194.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
ajax
www.trustedsite.com/rpc/ 		6 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=carinsurance.net&rand=1632559185124
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.115.157 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-115-157.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-length
26
x-content-type-options
nosniff
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=713459322354732&ev=PageView&dl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&rl=&if=false&ts=1632559185143&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ph]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ct]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[st]=68bca10eea2ba33f6f15a6ab0c7df2a49051a6541f9118d468b0585d5d60398b&ud[zp]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.46&r=stable&ec=0&o=60&fbp=fb.1.1632559185142.1415954224&it=1632559184752&coo=false&rqm=GET
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 25 Sep 2021 08:39:45 GMT
202.svg
cdn.ywxi.net/meter/carinsurance.net/ 		19 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ywxi.net/meter/carinsurance.net/202.svg?ts=1632194952667&l=en-US
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://carinsurance.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1169
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
7295
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control
public
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
RmvgjxV01w2OCVZ2sMIJYeWKdDJU-sm4mKCORZpuULONCoB0q1Tv9A==
expires
Sat, 25 Sep 2021 09:20:16 GMT
ca0023cf-396a-4831-8c8e-b18b28057cb6
consumer.krxd.net/consent/get/ 		239 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&callback=Krux.ns.assuranceiq.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
061e0a9cd479f98068c3ea96d6159a1f9f1459ecf8f3a1b234470dd130ab1860

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a012-dub-prod.krxd.net, cache-hhn4022-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1632559185.181693,VS0,VE25
content-length
190
x-cache-hits
0, 0
t2d2oqsjx.js
cdn.krxd.net/controltag/ Frame 7C3B 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/t2d2oqsjx.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd48bad98bf3e2598dd0b7d13234bc487432ee069c36f225b52ae9e194a7066b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 varnish, 1.1 varnish
age
776
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5406
x-served-by
config-service-a004-ash-prod.krxd.net, cache-bwi5174-BWI, cache-fra19136-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1632559185.152874,VS0,VE0
etag
"93edd8ea5c4f2330348d85ace0db1a265583c0e7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1
ca0023cf-396a-4831-8c8e-b18b28057cb6
consumer.krxd.net/consent/set/ 		304 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/set/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=1&sh=1&re=1&callback=Krux.ns.assuranceiq.kxjsonp_consent_set_1
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
194b96d09b060010783bec24a570deead6500e5f6c69dc8f4e6abf03864ce808

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 varnish
x-timer
S1632559185.181776,VS0,VE30
x-served-by
consumer-a014-dub-prod.krxd.net, cache-hhn4022-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=10
x-age
0
accept-ranges
bytes
content-encoding
gzip
content-length
245
x-cache-hits
0, 0
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 7C3B 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2oqsjx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
age
4652530
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1280868
content-length
84509
x-served-by
cache-fra19136-FRA
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1632559185.196683,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
verify_token
carinsurance.net/ 		14 B
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://carinsurance.net/verify_token
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-6.fra2.r.cloudfront.net
Software
/
Resource Hash
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://carinsurance.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
path_split_auto=auto_legacy; test_split_test_auto_interstitial_CRM1454=control; test_split_auto_click_leave_behind_CRM1266=control; test_split_home_quote_leave_behindCRM1497=control; test_split_auto_digital_desktop_SPO919=control; test_split_auto_payfone_call_api=control; test_split_auto_payfone_use_api_response=control; test_split_auto_payfone_prefill_pn=control; test_split_auto_control_wifi_no_mail_SPO857=control; test_split_auto_payfone_auth_flow_always_call_identity=control; test_split_auto_legacy_path_credit_pull_tcpa_pf_454=show; retreaver_id=NzQ3Zlp2RCtBQ1pDL0lvaWhpbDI2RzNWMFJOMnQrZGN1WDdpYmFSL3Zwdz0tLU1IK3JaTjR4N09nUTNpMkdCZzVISGc9PQ%3D%3D--c241eca44971a1322ca9d542e79a7c5c7d61d2f8; insurance=ff2bc79ebbe2e298fb5099e0d68ef1e4; _dd_s=rum=0&expire=1632560084458; _ga=GA1.2.1433896558.1632559185; _gid=GA1.2.1955951371.1632559185; _dc_gtm_UA-73253617-8=1; _uetsid=225fd9501ddc11ec816f2b72b98bec89; _uetvid=22600df01ddc11ec886d15b948aa74e0; leadid_token-8AA3F211-CA81-3833-51B1-095D2985DA90-CF934278-B099-EB50-BF86-105A165FCB4E=80E3400E-7A99-BA76-B141-DD16625C4902; trustedsite_visit=1; _fbp=fb.1.1632559185142.1415954224
x-datadog-parent-id
3921101069722014198
content-length
635
x-datadog-sampled
1
:path
/verify_token
pragma
no-cache
sec-fetch-site
same-origin
x-datadog-origin
rum
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
x-datadog-sampling-priority
1
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
carinsurance.net
referer
https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
:scheme
https
x-datadog-trace-id
4944955066648022488
:method
POST
Accept-Language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
x-datadog-sampling-priority
1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
X-Requested-With
XMLHttpRequest
x-datadog-trace-id
4944955066648022488
x-datadog-parent-id
3921101069722014198
x-datadog-sampled
1

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' *; img-src 'self' data: *; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-ancestors 'self' *.assurance.com; worker-src blob: *.assurance.com;
x-cache
Miss from cloudfront
assur-appversion
1.0.601
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
63f40b5e-6b22-481e-8332-00a6626eb758
x-runtime
0.052752
access-control-allow-origin
*
referrer-policy
same-origin
x-frame-options
ALLOWALL
etag
W/"7cd85494eb375cc958155aca095fd0ba"
access-control-max-age
7200
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
set-cookie
insurance=ff2bc79ebbe2e298fb5099e0d68ef1e4; path=/; expires=Sat, 25 Sep 2021 10:39:45 GMT; secure; HttpOnly
x-amz-cf-id
JKysaj6PSxmcVqDLI70XH-14-HSVrkvneFPVB0FMUwSh1YNmGDRBmA==
iframe.html
deviceid.trueleadid.com/ Frame 8658 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=80E3400E-7A99-BA76-B141-DD16625C4902&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=80E3400E-7A99-BA76-B141-DD16625C4902&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.95.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-95-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

:method
GET
:authority
deviceid.trueleadid.com
:scheme
https
:path
/iframe.html?token=80E3400E-7A99-BA76-B141-DD16625C4902&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d2m2wsoho8qq12.cloudfront.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-type
text/html
server
nginx
last-modified
Thu, 16 Sep 2021 02:33:38 GMT
etag
W/"6142ad02-1049"
expires
Sun, 26 Sep 2021 08:39:45 GMT
cache-control
max-age=86400 public
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding
gzip
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
ca0023cf-396a-4831-8c8e-b18b28057cb6
consumer.krxd.net/consent/get/ Frame 7C3B 		224 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&callback=Krux.ns.assuranceiq.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
771bbd9c8902622b2e47b2057da9a85d4ea9a8a3354379110f8a04254982e9ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a001-dub-prod.krxd.net, cache-hhn4022-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1632559185.246979,VS0,VE34
content-length
183
x-cache-hits
0, 0
monitor
analytics.tiktok.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pixel
analytics.tiktok.com/api/v2/ 		0
706 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSOM7NBLCPBMENBDH330
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-242.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4dd8b581.4ae6931
date
Sat, 25 Sep 2021 08:39:45 GMT
x-cache-remote
TCP_MISS from a23-44-4-44.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
167,2.16.186.238
server-timing
cdn-cache; desc=MISS, edge; dur=155, origin; dur=12, inner; dur=10
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20210925083945010245248058249CE042
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.44.4.44
x-tt-trace-host
019df6f4e1404244a4d50ca42aad7a100a0e6eea21fbc498129c7d6a3a684841fba1eb6212b0b7231667cd5b6dd6c6de332b615c1080c4b4a613890ba47d624ee8e5d5fd27b9754c295359ef0294c92ec89b88af5194f35d3182037c00764797b32df0938ae7b540c88dfc415a11d1c894
expires
Sat, 25 Sep 2021 08:39:45 GMT
pixel
flask.nextdoor.com/ 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flask.nextdoor.com/pixel?pid=2dbfff6b-6ba6-4f53-954c-9ed6c4963450&ev=PAGE_VIEW&pl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&ndclid=&rf=&sem=&tm=0
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.6.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-6-43.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
context-id
6a4f1d3f-5ba7-40d1-9614-b2e6a02d2d75
379708.gif
idsync.rlcdn.com/ Frame 7C3B 		42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OYfqjbWm
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 7C3B
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OYfqjbWm&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOYfqjbWm%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OYfqjbWm&partner=bluekai&bk_uuid=$_BK_UUID
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OYfqjbWm&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1632559185
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OYfqjbWm&partner=bluekai&bk_uuid=$_BK_UUID
Date
Sat, 25 Sep 2021 08:39:45 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p2
sb.scorecardresearch.com/ Frame 7C3B
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OYfqjbWm&rn=1632559185
  • https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OYfqjbWm&rn=1632559185
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OYfqjbWm&rn=1632559185
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
aqu-JqdxfMY9QnXn-1KxB5qLX09Fq3r6a7mxryq785xXhIZXDv4qNQ==

Redirect headers

date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OYfqjbWm&rn=1632559185
content-length
102
x-amz-cf-id
mpT94KYy_Qte-tFFX3Z6U2kECKYrWB46jyvVGSNCxZAxHx5j7ILiGw==
data.gif
beacon.krxd.net/ Frame 7C3B
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=neustar
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OYfqjbWm
  • https://beacon.krxd.net/data.gif?_kdpid=OYfqjbWm&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/data.gif?_kdpid=OYfqjbWm&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1632559185
x-served-by
beacon-n022-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:45 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://beacon.krxd.net/data.gif?_kdpid=OYfqjbWm&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
dcm
s.amazon-adsystem.com/ Frame 7C3B
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=amazon_na&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=OYfqjbWm&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=OYfqjbWm&gdpr=0&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=OYfqjbWm&gdpr=0&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 08:39:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QCAZZ6DQ5F9EPX0B38C3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 08:39:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C81KHCBSS2JF4NA3MW9K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=OYfqjbWm&gdpr=0&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
a.gif
kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/ Frame 7C3B 		0
0
image.sbxx
global.ib-ibi.com/ Frame 7C3B 		0
0
/
c1.ox-bio.com/t04/ 		43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.ox-bio.com/t04/?v=275952670578559500&oxtrk=141&zk=229ee724-1ddc-11ec-abb2-005056ac1aca&zl=977&ts0=1632559185433&zm=0
Requested by
Host: carinsurance.net
URL: https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.68.195.200 Hamilton, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-length
43
content-type
image/gif
SaveDeviceId.js
create.leadid.com/2.11.7/ Frame 8658 		0
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/SaveDeviceId.js?lac=8AA3F211-CA81-3833-51B1-095D2985DA90&lck=CF934278-B099-EB50-BF86-105A165FCB4E&methods=48&token=80E3400E-7A99-BA76-B141-DD16625C4902&uuid=d72cb6d82f8f45cabe494efc93e7614a
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=80E3400E-7A99-BA76-B141-DD16625C4902&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.176.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-176-194.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=4&pid=74420b9d-8d76-43d9-a6f9-f0d70f877589&token=80E3400E-7A99-BA76-B141-DD16625C4902&_=13637042
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.176.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-176-194.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
optout_check
beacon.krxd.net/ 		84 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.assuranceiq.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7db7653d04abf0a0ded4757333e8408bed75c34b02f3fc66998a5fe2b62c6a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=28 t=1632559185
x-served-by
beacon-n008-dub-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		379 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=ca0023cf-396a-4831-8c8e-b18b28057cb6&technographics=1&callback=Krux.ns.assuranceiq.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
18298b35c2c73f88892a8c2b3ce4d6503e2fd295a278a4dac7da6bebf2a4d0ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Sat, 25 Sep 2021 08:39:45 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a002-ash-prod.krxd.net, cache-fra19136-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1632559186.871496,VS0,VE94
content-length
287
x-cache-hits
0, 0
certs
api.trustedform.com/ Frame DDDC 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16325591844550.8317707853967318&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
548b015b87b9926db9dd048cfa7f9789661829614afb6e2496c2089fc721df4d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
/
c1.ox-bio.com/k2/ 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.ox-bio.com/k2/?oxtrk=141&oxuid=ASS0001&zk=229ee724-1ddc-11ec-abb2-005056ac1aca&zl=977&zm=0
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.68.195.200 Hamilton, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
content-length
43
content-type
image/gif
t2d2oqsjx.js
cdn.krxd.net/controltag/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/t2d2oqsjx.js
Requested by
Host: myoffers.website
URL: https://myoffers.website/track/?oid=234&uid=240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd48bad98bf3e2598dd0b7d13234bc487432ee069c36f225b52ae9e194a7066b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 25 Sep 2021 08:39:46 GMT
via
1.1 varnish, 1.1 varnish
age
777
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5406
x-served-by
config-service-a004-ash-prod.krxd.net, cache-bwi5174-BWI, cache-fra19136-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1632559186.067757,VS0,VE0
etag
"93edd8ea5c4f2330348d85ace0db1a265583c0e7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 2
json
trc.taboola.com/1212162/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1212162/trc/3/json?tim=1632559186065&data=%7B%22id%22%3A43%2C%22ii%22%3A%22%2Fauto%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1632559184972%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dassurance-carinsurance-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1632559186065%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy%22%2C%22tos%22%3A1090%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1212162/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6359cbaa3866b37a4391ac6427eaaf44ca8456d90b2dd06215061dbe0ef4f8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Sat, 25 Sep 2021 08:39:46 GMT
content-encoding
gzip
server
nginx
x-timer
S1632559186.069766,VS0,VE14
x-served-by
cache-hhn4059-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2045732271&t=pageview&_s=1&dl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&dp=%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&ul=en-us&de=UTF-8&dt=CarInsurance.net%20%7C%20Get%20a%20Quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAE~&jid=&gjid=&cid=1433896558.1632559185&tid=UA-73253617-8&_gid=1955951371.1632559185&gtm=2wg9m05SBH6BJ&z=469917158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Sep 2021 23:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33534
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
flask.nextdoor.com/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flask.nextdoor.com/pixel?pid=2dbfff6b-6ba6-4f53-954c-9ed6c4963450&ev=PAGE_VIEW&pl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&ndclid=&rf=&sem=&tm=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.6.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-6-43.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
context-id
f745bd78-3c39-4a0f-b9f6-dafe2d53c71e
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/773304124/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/773304124/?random=1632559186072&cv=9&fst=1632559186072&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
cb8a8d4ca426023f84bac549539acc3655646986bd804e470a9659fc064e5477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1082
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924896316/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924896316/?random=1632559186073&cv=9&fst=1632559186073&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
17d91d1c915376da4b35938ffd2de539048f58fdbdd374acc214f8ddd3b81fec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1081
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1073744595
secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/ 		122 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/1073744595
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-35.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
bt7qLJT1iCVWSAHKhmXRN.Td6szfW662
last-modified
Mon, 04 May 2020 21:59:20 GMT
server
ATS/7.1.0
x-amz-request-id
HJD4GKFYVQZG5V7E
etag
"6cca99c84759289ef8e4ae63e8b2e2b9"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=432
date
Sat, 25 Sep 2021 08:39:46 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
122
x-amz-id-2
Ik5BMWs9kAyaohQsjD3UEbkX8PxTKpJ0tx5VpVz4RanSA0kUCDDwtcCzslPmKol8VBgjtoKUeKk=
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2045732271&t=timing&_s=2&dl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&dp=%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&ul=en-us&de=UTF-8&dt=CarInsurance.net%20%7C%20Get%20a%20Quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3183&pdt=13&dns=0&rrt=1109&srt=484&tcp=0&dit=1782&clt=1782&_gst=2032&_gbt=2137&_cst=1711&_cbt=1982&_u=aGDAgEABAAAAAE~&jid=&gjid=&cid=1433896558.1632559185&tid=UA-73253617-8&_gid=1955951371.1632559185&gtm=2wg9m05SBH6BJ&z=502000243
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Sep 2021 23:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33534
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2045732271&t=timing&_s=2&dl=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&dp=%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&ul=en-us&de=UTF-8&dt=CarInsurance.net%20%7C%20Get%20a%20Quote&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3183&pdt=13&dns=0&rrt=1109&srt=484&tcp=0&dit=1782&clt=1782&_gst=2032&_gbt=2137&_cst=1711&_cbt=1982&_u=aGDAgEABAAAAAE~&jid=&gjid=&cid=1433896558.1632559185&tid=UA-73253617-8&_gid=1955951371.1632559185&gtm=2wg9m05SBH6BJ&z=1070964755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Sep 2021 23:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33534
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2oqsjx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 25 Sep 2021 08:39:46 GMT
content-encoding
gzip
age
4652531
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1280871
content-length
84509
x-served-by
cache-fra19136-FRA
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1632559186.087697,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
Serving
bs.serving-sys.com/ 		390 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073744595&dispType=js&sync=0&sessionid=3139675470960890782&pageurl=$$https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy$$&activityValues=$$Session%3D8802732666667558893$$&ns=0&rnd=3754894205377908
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-21-149.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7cd7cf89b5c0bea59112818ccd69a09db2261f233260899d9519ccad5781ca1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:46 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
295
expires
Sun, 05-Jun-2005 22:00:00 GMT
optout_check
beacon.krxd.net/ 		84 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.assuranceiq.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7db7653d04abf0a0ded4757333e8408bed75c34b02f3fc66998a5fe2b62c6a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=36 t=1632559186
x-served-by
beacon-n016-dub-prod.krxd.net
content-type
text/javascript
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=t2d2oqsjx&_kpid=ca0023cf-396a-4831-8c8e-b18b28057cb6&_kcp_s=carinsurance.net&_kcp_d=carinsurance.net&_knifr=9&_kua_kx_tz=0&geo_country=de&geo_region=he&geo_dma=276003&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_id=396935652&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=he&_kua_kx_geo_dma=276003&_kua_kx_whistle=0&_kpa_carinsurance.net_url_path_1=auto&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=13&t_content_ready=1782&t_window_load=3183&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=wphniyd50&userdata_user=OYfqjbWm%2Cwphniyd50&sview=1&kplt0=40484&kplt1=40660&kplt2=41153&kplt3=43301&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fca0023cf-396a-4831-8c8e-b18b28057cb6%2C73%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2Fca0023cf-396a-4831-8c8e-b18b28057cb6%2C77%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C215%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=95 t=1632559186
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
www.google.com/pagead/1p-user-list/924896316/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/924896316/?random=1632559186073&cv=9&fst=1632556800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&async=1&fmt=3&is_vtc=1&random=3412712733&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trustedform-1.5.8.js
cdn.trustedform.com/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.5.8.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16325591844550.8317707853967318&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-115.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
srRHaEKZoYw77hmUBlWTeIw_odvirpEk
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 19:52:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"0ea185cf3ab4939007594db03e431e63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
date
Sat, 25 Sep 2021 08:39:46 GMT
x-amz-cf-id
UyEHM5ezsPDBWwaTy-ib9BNRZGbSnNO6zCnp6pxY5ZFpDJO8rdfyhQ==
ca0023cf-396a-4831-8c8e-b18b28057cb6
consumer.krxd.net/consent/get/ 		224 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/ca0023cf-396a-4831-8c8e-b18b28057cb6?idt=device&dt=kxcookie&callback=Krux.ns.assuranceiq.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
771bbd9c8902622b2e47b2057da9a85d4ea9a8a3354379110f8a04254982e9ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
via
1.1 varnish
age
1
x-served-by
consumer-a001-dub-prod.krxd.net, cache-hhn4022-HHN
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1632559186.189559,VS0,VE0
content-length
183
x-cache-hits
0, 1
snapshot
api.trustedform.com/certs/1c5a5dc4a672112a69339563fe811bca674aa4df/ Frame 4245 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1c5a5dc4a672112a69339563fe811bca674aa4df/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 25 Sep 2021 08:39:46 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
ella-flip-f04095fe7f04d0096fdb266e3ac4cc063a0aea747f5f5113e81355374b197194.png
cdn.assurance.com/insurance/public/assets/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/ella-flip-f04095fe7f04d0096fdb266e3ac4cc063a0aea747f5f5113e81355374b197194.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:44 GMT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified
Tue, 21 Sep 2021 00:05:38 GMT
server
AmazonS3
age
9083
etag
"db64300811ffdb901937748066c4718e"
x-edge-origin-shield-skipped
0
content-type
image/png
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
101895
x-amz-cf-id
pzKmbfGj6l5kX_-GG8sNdQu3Iw5vKZf6ge6vpCseLYO0pHAHCZX7WQ==
loading-fb3d3d8df818ea9ed9ae14cc8cf5c9f5f9a1e36c8602782a3ec27f3319c02613.gif
cdn.assurance.com/insurance/public/assets/icons/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/icons/loading-fb3d3d8df818ea9ed9ae14cc8cf5c9f5f9a1e36c8602782a3ec27f3319c02613.gif
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:45 GMT
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified
Tue, 21 Sep 2021 00:05:39 GMT
server
AmazonS3
age
2
etag
"d6b028d0fe0d17991948c0b5c94e0a2e"
x-edge-origin-shield-skipped
0
content-type
image/gif
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
34936
x-amz-cf-id
0KVLjmHMsoS0H3HIccLc2eZnIA3ZkyHlg6Wa7_4OC480soBWaBUXiQ==
bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
cdn.assurance.com/insurance/public/assets/icons/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assurance.com/insurance/public/assets/icons/bbb-logo-e05decb36ee725ba2f2a129928641baddbb4ef50efff58ccb0653e0c20d0fb33.svg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 04:33:26 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 01:23:01 GMT
server
AmazonS3
age
14781
etag
W/"b96ec18537d2a85fa46cfaa1fb2ed5c4"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
image/svg+xml
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
h2sjwFe4aAAEtVx5m3VwOK1H4xXrLZlwBwgbd7fdCPH_RCYvsgc4Ww==
fingerprints
api.trustedform.com/certs/1c5a5dc4a672112a69339563fe811bca674aa4df/ Frame 4245 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/1c5a5dc4a672112a69339563fe811bca674aa4df/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.112.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-112-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 25 Sep 2021 08:39:46 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
0
bat.bing.com/action/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5223060&Ver=2&mid=b03ef1c3-e775-45c8-8201-c7fefaefacc2&sid=225fd9501ddc11ec816f2b72b98bec89&vid=22600df01ddc11ec886d15b948aa74e0&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CarInsurance.net%20%7C%20Get%20a%20Quote&p=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy&r=&lt=1783&evt=pageLoad&msclkid=N&sv=1&rn=263803
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 25 Sep 2021 08:39:45 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: BE845E08A65A4935B5027B15DEAFB90F Ref B: PRG01EDGE0707 Ref C: 2021-09-25T08:39:46Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/773304124/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/773304124/?random=1632559186072&cv=9&fst=1632556800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&frm=0&url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey&tiba=CarInsurance.net%20%7C%20Get%20a%20Quote&async=1&fmt=3&is_vtc=1&random=3702996225&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 08:39:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Snap
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/Snap?msn=5&pid=74420b9d-8d76-43d9-a6f9-f0d70f877589&token=80E3400E-7A99-BA76-B141-DD16625C4902&_=13637043
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.176.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-176-194.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
c1.ox-bio.com/t01/ 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.ox-bio.com/t01/?d=6g+3jnI8ksjJFforbwsYqDZtS1Y9udgU7KU9w6sqLLAbGGH6lY9dcwOHk+cIi0WmplJdJYKFQJZRTE0f7Ha3XbGpLNda/WIpxdU4wgfQccbj6OM460H4OtTxOwYSg/bxPhKu6reVZRE+P/Nfi0orIzMYY4V4zkXi0ucDqPg/iZPcW2IEG8MB39vtCvE4Mhj+oQCGWkU1Ka38WMlMWv94exGr5o56cxXryGKG7C1Q5JnE56MMnVn6hx1/w53b+vuIfGNxoWcjWnAxPEhxcM+SEFJtF9rk34/g6w8JPf9mpq/xNpMJxvVgBhFnYyQmFcSCxT+MVWPezmn17S6Hi23AHE61bvIaKDnnfy9oOzdASjh3Hj7l9krlbH2ixrHKVlM7EjSfSY8CJWXxtg3poFhSRZ+8k2RuxMiRQYxr/xVmwbsopaN1LghkMgf7sH+dXVflCtKxjbj3UdiV/oeuz76ra71jLgJkl/bBsz/DIaGrhiCG/1x4MV2E4/UTiNmqtNsS/rwdKI+7ky2dEQVyOxa3mcC7j3qPC/JIrsb3EsxzduL7D5ysmrP+yqqsf2d4WnLsnu+mqMK4c+WMeQTnq6dOFNRy/XjVULv8+v/FT1FOg5jQP8Ip+x+bOwJbbKYzHDEMlpwiS2abdzrJMozinxpKLc9kPRx0D/9i8M1cT5CyUJbkQ4kZe0ocLdBJZOpHwLx13lVh6AWKJxn7O/r5wn44dolFSfIvBGMuDafyImqwYdBsUnla4F4u2Zy1rCrfUGchpy1Ixu194kN4O88ocKQf/XwjPZh1G6ZIEgAJiTC/SnmP4+S0GOs8d7ceoOCuCIHTpgXWaCW2RpDN6/QwJG/Pz7swwtuXdLXKjbJGzUvzVxtwTcGmTiQIv7laKf3x0T9KeR+f64maglnDnR8bznrSXpU1OH/19CIU8p73kGCkKLoCaBUI6o9TVnM5rggYE2A1h8/SSLnGUcF19LeoD2ZoqceiegLHP35XZZdUL5eILBtjOk5tNyX63sOLwvC+hV62S2m3CFeQf432vU0TN9r0Z3ewyErBSZgwW9Hi+PvCbIJ+sI66fgzhRigxSBb/A0ikXVUG6LYRO0Sf5503OFzfyPW0FdxnLgrtwx/FtYqB7AG36JTmcN7WTJnPlUdli1YRH16wct5ZYgU6CSEsVNmxVV7cu3SsTShmC9eAi6IBETJmtshBZzhqbW++ZY/QIeRf38Qc606kDKpGuWXTjXf6IV9kN0quPl+wUqyxc1hyoaeEl2BsEtmUFCrT1sWtQeN9Kb4zTPcGQcH6Zbx3+yYswiAuwiyjXdf0LZudnsJziMTRQUPvY4BRgY8VSWjSCQswiLxpGdbo8VKSAU+TPXAogZe1jUTJcRYfz0HzC3TSDiRXenjlGJCOahpg2zOrj/61YhOXSEGwo7brFRm8VLMs+9Q9UZi8MwwbIH/+g9k03JU6Qdf1R8/9ck8hVFcsZW1UZKU1aJTrex17sJA0UadZfOqAqlN9xx8bpUPleTMkcxcmmdN3vVT/6wTFSwpNaQfewYQ0TqzLNEzu25lVuUGNFX2yk63PuU4bcYB013hVVFR+LjFyhqRlhtmd8f14XobnB+Hmz+tgJ7TBgMg+NMdGCA8JoyCIoimH1Sf3TbOy6OSw+aGcGUUGMTNzMx5CGBL6dI7UlblPZZGGQ25AYtW5cVkVgue71H5r/55vCtPI1TF1gcuFkDtm5jQzV4Q/ZGE9FA9GNzjIM6YGPaaagmdFGAmIdVNSccA2FfvELXYLdXeA/aIQP1B/b4r5+93w4FkIaABp76ikWhRy7VUwSuIdoaNohGauxyX5cQfzeglRs8TMZPmXyb8vJG8jtRj05Eshp9Z+PSLB38SyPF9LJndS35foiE05xVifkvC+ny30IL02mmYLQaS+K5UMRXNIJPxYnz8ahUk7RER3lsHD/W7vBY/7AZjyvXhUGYXoDLexCXYgT2tcXawumckNzCCdQ/GyCWmSYLigygIqnW52708gHYpjeLZeIjUWZZY7BLd9QJB6Z54DYXy2P/PP9Jp8iSP1GqfDLbcYbVS4of9+QzTLPwHs7OXu2/XTMLhW+CywQ8c3iQVLqCxNXmUBsY/nOUp2foLvFacyidX3FcZ4NK9Dq7LNqTFoudY3oGhIqx3+krvYWm0yytKLxPFDnmFA1A3Cb0Bda9QzlXyj+DtB/zVTvwsnFYmZR9o640AsryAFgHk8wTAb5T10IbvwBqbOSp/jbU9o+zjSJN6atXMEVsXf/fLjzG+ihLv0GDYdPoLlSVhr73KfURNJ6mfZKonJRRiFVGNnqEnqdYMXJEJkBGT5b5iMWdZ4ITvv1byB4nIKTn3VEvLHbK8PbYzFDXt4uTVQSLYn1oKsZD4svLj+3Kfan+lGN4OT4Kn4v8VoEQDJYXxaQjRoJq441Z/gUVHxJxLB2VBwH9/zfsbWL/T5af+HK5ByigIDPXfwCHEv6bnbeKWm4lGjBWg6XRZt/S8ZlnbTyZ7wZGsCQ76QLnMqsh/5ogZhU9NWNWnkJyJtJSQ5Z1T2DUvYr4XvjH9ifBhPZubruTxusRtjfN+RRJO7CatojW1QxRSVK+wT6T79eWvN7SS1nYwxtvdWwADSx/SdMGKBMUgipRi0ykj3tZswO0oFNh+YvFzk+9PxYtgZMgM2HsDcR2ScAIe4E/BdGcJzOUFhkG/kDcapI6tEjTYsz5SRju4GpabgubZwyDaX4aq8mUFA4yiVGOPVIuE+5u2fSNwIGRPAH5H8gV3IiU9lg/eTJSV9tK8zlCpKFnY5mg+dP9gxUVlG2UMjfC7iiK0Moc+zEaPpPOzA74mxpU7of0sAeIWdHJ7GNqC5HEFbHlhcw4j481BLkX0h8I17J7j6pz2x8WuwF906cWN3Qe00RLKEIoJ+M5zUWYyWcb9oCJ70JIKcMibKEn3pKXjbrrQKAsYrhCejtjk1todkgjNyAaQLKGPT+MIENl4LUKk24SXHTUZnIU6ajDkxldqZpnNaW1FxjUx0MCeCKneEZ3XEG2KIbBg2HlTZyZdqmRo8Qik1YQQ1s6gxtBo2EME+u3k453sIjpvkZGegTHtUX3BRMBj121du+K02ZeRlg1c8eWQXw6Mlbyi+NBo++nhNnxslsoPRJ1EoCCLS/Mk22jE/Fme4oQ3zgqPXoYS7PewQpboF1QfGrxmWly84Ife5cqjioRkwjw60FQtSR9ZQrEKjOkNw1m7Fgh9eR5+cKvnCLBMKrYGuFi1N+oqImL5+UXxwqFZSQPk2Ns6nN1wJ/4B/G6aJhrDWhROngByFMAIUvlFDUU4QXI5mNROQL7WGH2IPZL4zSLWDMWawvS2LjgeZSlmtDhm9dj5UF5I4PRV2ueXcjHVHteKRh+y+Nm/uf4kb0KuR1yHKELb9QJi6ZOFSoguuHzAy1JE9kQi8uXpwbLbQ51bC3AumMsBETR9zxAEWl6rPRtSeKJB6zhW94cIhdaA73Ybhna5CPute0rH1pKRnqknRPiC9u0+CKqp0POMwKbn2HIC7Pj/cIcDLYWG5ZQMq4TeVHiS2In13LLQ1EnU+Nzl1/feYizGiJosdMcRCZh90MxKKj7olZoaIbDitho90YwgQ9M3TMTN1KzWA9gaiazLOSi2v9jA5LzgXZYCotszfK44gNJM/UCZIpkD1REI35GrL&c=2822026449&oxtrk=141&oxuid=ASS0001&zk=229ee724-1ddc-11ec-abb2-005056ac1aca&zl=977&oxltc=314&zm=0
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
199.68.195.200 Hamilton, Bermuda, ASN19626 (EVC-AS, BM),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
content-length
43
content-type
image/gif
unip
trc-events.taboola.com/1212162/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1212162/log/3/unip?en=pre_d_eng_tb&tos=1607&scd=100&ssd=1&est=1632559184975&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1632559186581&vi=1632559184972&ri=6aabbcc9c72d560f9d0df1a80ff37cb9&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fcarinsurance.net%2Fauto%3Ftoken%3D396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey%23auto_legacy%2FHas_Car_Policy
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://carinsurance.net
pragma
no-cache
date
Sat, 25 Sep 2021 08:39:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
InitFormData
create.leadid.com/2.11.7/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.7/InitFormData?msn=6&pid=74420b9d-8d76-43d9-a6f9-f0d70f877589&token=80E3400E-7A99-BA76-B141-DD16625C4902&_=13637044
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.176.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-176-194.compute-1.amazonaws.com
Software
nginx/1.17.6 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 25 Sep 2021 08:39:46 GMT
content-encoding
gzip
server
nginx/1.17.6
x-powered-by
PHP/7.1.33
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.7/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
media.go2app.org
URL
http://media.go2app.org/assets/js/dl.js
Domain
kr.ixiaa.com
URL
https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=OYfqjbWm
Domain
create.leadid.com
URL
https://create.leadid.com/2.11.7/Snap?msn=7&pid=74420b9d-8d76-43d9-a6f9-f0d70f877589&token=80E3400E-7A99-BA76-B141-DD16625C4902&_=13637045

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect boolean| originAgentCluster function| setIsGoogleMapsLoaded function| setSelectionRange function| setCaretToPos function| getParameterByName function| getParameters function| getParametersJSON function| isValidEmail function| isValidPhone function| isValidLeadPassword function| isValidDate function| isValidMedicareEffectDate function| isValidMonth function| isValidDay function| isValidYear function| sendGAEvent function| sendGAPageview function| getGAClientId function| sendCriteoPageview function| sendCriteoBasket function| sendCriteoConversion function| getSubdomain function| appBaseUrl function| getAgeFromDOB function| setCookie function| getCookie function| deleteCookie function| inIframe function| defer function| googWcmCallback function| formattedNumber function| initLuckyOrangeSite function| setMaxInterval function| alphaOnly function| autoFocusContinueOnMobile function| trackVisitorClick function| isValidAddress string| DEFAULT_ZIP object| App object| gon function| executeRecaptcha object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| TrustedSite number| TrustedSite_done object| TrustedSiteInline function| loadCSS function| onloadCSS function| clickMaskedFieldEvent function| triggerNextClick function| updatePlateContent function| plateSwipeTransitionComplete function| tryPlateSubmit function| buildPlateSubmitData function| getBrowserData function| getPlateButtonLoadingHTMl function| updatePlateButtonContent function| restoreAllPlateButtonContent function| restorePlateButtonContent function| disableAllPlateButtons function| enableAllPlateButtons function| updatePlateProgress function| revertPlateButtonContent function| scrollTop function| scrollToTop function| notifyGenericLoader function| updatePluralCopy function| redirectToURL function| focusFirstPlateInput function| focusNextPlateInput function| atLeastOnePlateCheckboxSelected function| addObjectBlock function| removeObjectBlock function| fixObjectBlockIndexes function| validateObjectBlocks function| validateNonEmptyObjectBlocks function| isObjectBlockVisibleAndEmpty function| encodeObjectBlockJSON function| parentDepthFilter function| getStructuredObjectBlocks function| validateVisibleObjectBlocks function| encodeStructuredBlockJSON function| validateInput function| inputsValidatedForAttention function| validateRequired function| validateMultiple function| validateDropdown function| validateEmail function| exists function| validateEmailIfExists function| validateMedicareClaimNumber function| validateMedicaIdNumber function| validateNameField function| validatePhone function| validateNoOp function| validateDOB function| validateLumicoChildDOB function| validateHealthDOB function| maxChildAgeForState function| validateHealthChildDOB function| validateAnyDate function| validatePlanDate function| validateYear function| validateCardExpirationYear function| validateMonth function| validateDay function| validatePositive function| validateNonNegative function| validateLeadPassword function| notifyAndScroll function| notifyBelowElementWithoutScrollForPbp function| notifyBelowElementWithoutScroll function| isValidPlanDate function| onblurTextEventHandler function| onblurEmailEventHandler function| onblurPhoneEventHandler function| onblurDateEventHandler function| onblurAnyDateEventHandler function| onblurMedicareEffectiveDateEventHandler function| onblurPastDateEventHandler function| onblurHealthChildBirthdateEventHandler function| onblurCardExpirationYearEventHandler function| onblurCCEventHandler function| onblurYearEventHandler function| onblurMonthEventHandler function| onblurDayEventHandler function| onblurSelectEventHandler function| onblurLeadPasswordEventHandler function| onblurAddressEventHandler function| onblurSimpleEventHandler function| onblurRequiredCheckboxEventHandler function| onblurAbstractEventHandler function| onchangeRadioEventHandler function| onchangePlanDateHandler function| validateResidentialAddress function| validateSsn function| isValidSsn function| validateRoutingNumber function| isValidRoutingNumber function| validateBeneficiaryPercentage function| validateRequiredVisible function| refreshOnChange function| validatePersonalLoanAmount function| validateDrivingLicense function| validateStreetAddress function| checkAddressValidity function| checkEnteredDateIsFutureDate function| initForms function| loadScriptAndExecute function| scrollPlateToTop function| scrollWindowToTop function| initPopovers function| initTooltips function| initPlaceholders function| initTCPACheckbox function| initMaskFields function| initEditableFields function| initMaskElement function| initNewMaskFields function| initValidateFields function| initWindowUnloadEventExceptions function| initWindowUnloadEvent function| initDatePicker function| initRetreaver function| initKeyAssist function| initAutocomplete function| initLiveChat function| formatElementId function| addTestIdInElement function| checkIfTestIdIsRepeated function| initTestID function| initPlateButtons function| initStateLoaderAnimation function| initTactileRadioButtonSet function| initRadioButtonSet function| initJSONPlateButtons function| initStructuredJSONPlateButtons function| initPlateProgress function| initFingerprint function| initResultModal function| initSliders function| initAccordions function| initAccordionsOnRadioToggle function| invokeAccordion function| showVehicleButton function| resetCheckedValuesForHiddenAccordion function| initMainFormElements function| initAttentions function| revalidateAllAttentionsAndChain function| initPlateHashes function| verifyRecaptchaToken function| tcpaCheckbox function| initBackButton function| initNavigateBackHistorySession function| initComplianceBox function| initToggleSelectors function| initHealthComplianceBox function| initPolicyBasedOpenPlatButton function| initCustomRangeSlider function| initPrubrandedPlate function| submitPatchRequest function| submitPlateRequest function| getClickListings function| getPlateServicesQuotes function| getPlateServicesAds function| trackResultsPageVisit function| requestLumicoQuote function| updateReqBodyWithQuoteId function| updateRumContext function| CreateGuid object| Validator object| Formatter function| _typeof boolean| windowIsDefined number| triggerNextClickMutex string| PLATE_BUTTON_LOADING_HTML function| $ function| jQuery function| Inputmask object| bowser function| Slider function| Fingerprint2 function| Cleave object| FraudDetector object| SmartTouch object| DD_RUM function| addDataDogRumContext object| google_tag_manager function| postscribe object| google_tag_manager_external object| recaptcha object| closure_lm_660705 object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| uetq function| Krux object| versaTagObj string| hasoffers_domain function| ndp object| _tfa object| LeadiDconfig object| LeadiD function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| $jscomp function| $jscomp$lookupPolyfilledValue object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError string| ptclString string| TiktokAnalyticsObject object| ttq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording string| label string| id boolean| sensitiveData undefined| oneTagObj function| ebDecode object| bsResponseObj object| regeneratorRuntime object| JSON3 object| defaultStyleFrame function| TiktokJelly object| _jelly_sdks object| O

46 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHsz4RYQBkzf6blT1-Lng0l_DTl_P68jmgeJAvaU-TCQS4wkzzC3Rb-gp0OSBz9VOafyXQq9LDQqAQvQ0zf8xhE
myoffers.website/ Name: ci_session
Value: 53898836e4043f915edb043bc5689099346bbff5
afflat3e1.com/ Name: mb_16946_SS
Value: AF=410098&AC=791683280&CS=792093378
afflat3e1.com/ Name: I_SS
Value: 791683280
afflat3e1.com/ Name: I
Value: 791683280
afflat3e1.com/ Name: mb%5F16946
Value: AC=791683280&CS=792093378&AF=410098
afflat3e1.com/ Name: ASPSESSIONIDCWQTRDAC
Value: GGKNPPGDLHGJGDGFECICJLIK
tracking.nationalfamily.com/ Name: enc_aff_session_175
Value: ENC03a17e8cb4b56315a3b7074ef7cfb8c16484eaf2328f2da7cbf7ac482200a53736828ea25270eb79213b5a1b763ee5bf1e98cf2b630c84241407d1a44a6be785bbc80ae3f346ded613edafcbcdce0c36d877a884a29f3096d56def1904a2b9347c76037b204cb89a706f05bab604602623d30e7df4b17b357f4abc5975dbac3be127ed8b4b6d4d2163395659eabaf2a687b2455f0b9f6ea6ba1df23d405422f15f1497b6bf
tracking.nationalfamily.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
carinsurance.net/ Name: path_split_auto
Value: auto_legacy
carinsurance.net/ Name: test_split_test_auto_interstitial_CRM1454
Value: control
carinsurance.net/ Name: test_split_auto_click_leave_behind_CRM1266
Value: control
carinsurance.net/ Name: test_split_home_quote_leave_behindCRM1497
Value: control
carinsurance.net/ Name: test_split_auto_digital_desktop_SPO919
Value: control
carinsurance.net/ Name: test_split_auto_payfone_call_api
Value: control
carinsurance.net/ Name: test_split_auto_payfone_use_api_response
Value: control
carinsurance.net/ Name: test_split_auto_payfone_prefill_pn
Value: control
carinsurance.net/ Name: test_split_auto_control_wifi_no_mail_SPO857
Value: control
carinsurance.net/ Name: test_split_auto_payfone_auth_flow_always_call_identity
Value: control
carinsurance.net/ Name: test_split_auto_legacy_path_credit_pull_tcpa_pf_454
Value: show
carinsurance.net/ Name: retreaver_id
Value: NzQ3Zlp2RCtBQ1pDL0lvaWhpbDI2RzNWMFJOMnQrZGN1WDdpYmFSL3Zwdz0tLU1IK3JaTjR4N09nUTNpMkdCZzVISGc9PQ%3D%3D--c241eca44971a1322ca9d542e79a7c5c7d61d2f8
carinsurance.net/ Name: insurance
Value: ff2bc79ebbe2e298fb5099e0d68ef1e4
carinsurance.net/ Name: _dd_s
Value: rum=0&expire=1632560084458
.bing.com/ Name: MUID
Value: 0F251F77752161D219FF0FCA74646045
.carinsurance.net/ Name: _ga
Value: GA1.2.1433896558.1632559185
.carinsurance.net/ Name: _gid
Value: GA1.2.1955951371.1632559185
.carinsurance.net/ Name: _dc_gtm_UA-73253617-8
Value: 1
.carinsurance.net/ Name: _uetsid
Value: 225fd9501ddc11ec816f2b72b98bec89
.carinsurance.net/ Name: _uetvid
Value: 22600df01ddc11ec886d15b948aa74e0
carinsurance.net/ Name: leadid_token-8AA3F211-CA81-3833-51B1-095D2985DA90-CF934278-B099-EB50-BF86-105A165FCB4E
Value: 80E3400E-7A99-BA76-B141-DD16625C4902
carinsurance.net/ Name: trustedsite_visit
Value: 1
.carinsurance.net/ Name: _fbp
Value: fb.1.1632559185142.1415954224
.krxd.net/ Name: _kuid_
Value: OYfqjbWm
.rlcdn.com/ Name: rlas3
Value: cGxSKFqCwhrdqdueSdv9MgFnSWnNFa9pZximQuZ9Ay0=
.rlcdn.com/ Name: pxrc
Value: CAA=
.scorecardresearch.com/ Name: UID
Value: 1MPT94KYYQTETFFX3Z6U2Kg1632559185
carinsurance.net/ Name: zk
Value: 229ee724-1ddc-11ec-abb2-005056ac1aca
.deviceid.trueleadid.com/ Name: uuid
Value: d72cb6d82f8f45cabe494efc93e7614a
www.trustedsite.com/ Name: AWSALBCORS
Value: 9TAKyMU4I3yOGWriFU53ix+hJ9EtJP87Zu0x02WEqwVNOBG/XxnGE/HdOmywuKpJJydcstTEfKxEb4ZWWJO2M5tvmm70poQsuTxMvpoVDotnueKj034Hu1iIUnBZ
.agkn.com/ Name: ab
Value: 0001%3ARDwM7pIoMtVqBOHCevGdwUx5xEstc8BG
bs.serving-sys.com/ Name: OT_1073744595
Value: 2
.serving-sys.com/ Name: OT2
Value: 1000Hj2p6Y
.serving-sys.com/ Name: u2
Value: 8810cd4a-27ea-4906-98c8-94d94393c5694Df06g
.amazon-adsystem.com/ Name: ad-id
Value: AwkU37Bnt0OfoICyDEjwwlk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUlxAk19cHXu2ce-N1sWaHJXOrJ6S64zLAFrjnga4BuJwUpvSHKfk7i7sIqs

5 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBH6BJ(Line 323)
Message:
Mixed Content: The page at 'https://carinsurance.net/auto?token=396935652-vWU5zZneUmd-tiGDd1PV8Mu_CD_mXLsF5nuhQxhLcbAv17ZxZsLHw3LUPTBN82Ey#auto_legacy/Has_Car_Policy' was loaded over HTTPS, but requested an insecure script 'http://media.go2app.org/assets/js/dl.js'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
deprecation warning
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
other warning
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=OYfqjbWm
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.nextdoor.com
afflat3e1.com
analytics.tiktok.com
api.trustedform.com
assets.assurance.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.ox-bio.com
carinsurance.net
cdn.assurance.com
cdn.krxd.net
cdn.taboola.com
cdn.trustedform.com
cdn.ywxi.net
cdnjs.cloudflare.com
connect.facebook.net
consumer.krxd.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
flask.nextdoor.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
idsync.rlcdn.com
kr.ixiaa.com
media.go2app.org
myoffers.website
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
secure-ds.serving-sys.com
stags.bluekai.com
stats.g.doubleclick.net
tracking.nationalfamily.com
trc-events.taboola.com
trc.taboola.com
usermatch.krxd.net
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.trustedsite.com
create.leadid.com
global.ib-ibi.com
kr.ixiaa.com
media.go2app.org
104.111.215.191
104.16.19.94
13.107.21.200
13.224.193.115
13.224.193.56
13.224.193.6
13.225.78.101
13.225.78.62
13.225.78.91
13.225.79.159
13.225.84.206
141.226.228.48
142.250.181.226
142.250.184.232
142.250.185.162
142.250.185.170
142.250.186.142
142.250.186.36
142.250.186.67
151.101.130.133
151.101.65.44
157.240.236.1
157.240.236.35
172.217.23.99
172.67.41.229
199.68.195.200
2.16.186.242
2.16.186.35
209.54.176.128
3.8.243.222
34.200.112.176
34.232.240.103
35.171.95.27
35.172.176.194
35.244.174.68
35.83.147.40
52.10.6.43
52.215.240.105
52.218.236.24
52.32.115.157
52.51.228.134
52.59.21.149
63.250.38.58
69.172.200.185
74.125.133.157
00402a72a1a660ef057413be1e424d1b37689da8cbd596f5cfefa74e4525ebff
025522bf9c38f61bde03fa7cbf291380b202d0a101b902d86f828bfdaec6326e
061e0a9cd479f98068c3ea96d6159a1f9f1459ecf8f3a1b234470dd130ab1860
080b58bfb270a0738da291bfc8693cbf683d222ee761597e682e29e21f6f76fc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1
17d91d1c915376da4b35938ffd2de539048f58fdbdd374acc214f8ddd3b81fec
18298b35c2c73f88892a8c2b3ce4d6503e2fd295a278a4dac7da6bebf2a4d0ca
194b96d09b060010783bec24a570deead6500e5f6c69dc8f4e6abf03864ce808
19cfca88e33cb1f56e957f1a653d3acad97f7cc927d0b2e329a80ead264578d3
1b56a85fc22d77d1f0b8af62ae52eecca77e120acea1d8cc69d3db859c3faef1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f3af85e9de68646bce0f2cba2a662f960d00de0fa005bfdca95ab18ef5896c1
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148
286f5afc6d312e1dfe7966d39b7b8fda8a3cc4ca939df32ce5764b6392c9792c
2c178845b1dce0d9c8ed05ef12de434e07facdf0a08cfd8b6dc0b51b25313ba2
38b497b910a2245a74451044e066c971ed6ea5b4010a42af0ead8770f33e618a
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4dfe071cfba8c01d4dda21471e0680c8227f4c9c1284d5e6083b81137f8cfbfd
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5414093060cc9567ea47c9d3cedc5d98ef45d98b725bb99484636b472fea0cef
548b015b87b9926db9dd048cfa7f9789661829614afb6e2496c2089fc721df4d
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c
54e739d94e2c019350cffd867c30450beb4eb8e876f6ff6645bdf4f807cba063
55577367a3c1ec34e2bc5d206aecd32a33df3699a273a036194db80b9810ad42
5767c2b3068992eeebc2c8617a3707ef0ffe35715975d8b2c3309099edc02cf2
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
63c6983b4909af91e81d0c10fa36702497abe7ffd462d6ddcf060bfd2f9b8ee8
6a0f16d06bf9ac41309a737c1a0dbf17f5b0d85457a9a3ac0f5e19ef9fc07e5f
710ca36851ac8952e3b85a2bd97f956fff61ee1d75f9b405581111928daa56a2
730424a8ee7d1e0c9b0e438a59a9cbce7d7bff83e9bb31cf9f73e842825e2259
73ccfc0ff07af54bf18b31d43477b096a52c4056aee052c5da0e01abe6b1f008
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
74ffb65858bfbc41bc12cc32c6a5e28c58491707ae8a18743c5b2d9cb569cf53
771bbd9c8902622b2e47b2057da9a85d4ea9a8a3354379110f8a04254982e9ac
77ec3c543cc7d5b2c2a11cd9bda831b626191eb1e328fa0991cd44c5deb1f41d
7973f6d4de8da495c0a4a870d6b50fff04cc246e1628364160f8486e7f3a1f3e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c5a975637235ba4502e7d6413ca35564cf6f90a8447bcade09c5d02e7e37739
7cd7cf89b5c0bea59112818ccd69a09db2261f233260899d9519ccad5781ca1f
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
7db7653d04abf0a0ded4757333e8408bed75c34b02f3fc66998a5fe2b62c6a8a
7faa7f00cc64680d410dbe61d322bce1a5ec8a2e581403936afc515ff02f4988
81b6e755d92aad12779036477a9bfa9f51bd8ba7141b8606729a44aa7377f523
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
876d4947bb8c26dcb8325870c3c605771c1dff3bbbf26201c8c2adbd35361134
87792716f5eabbf122dc3c4c9487684f8195a7560a129226a176c07590e62ea2
8c0e5c2f898c9c6ae0c1aff2eca3068d28c9545f8b8c4458d912b27f93d7280a
8fb73dd6ca507503bf643848c39462bc542c3a42ea945a0d201e50225ea14b22
936790ccabd26acddebd039c54120623734e2aa82310def49cc535912338fc0c
94aeff8f49cd23fcde77f99d270d3b130a747895af72d372809e770f96b56f4c
96f2256446f3649bcc6488c029dfae0a87f675e4d807a0d800e96c02b2f5ced2
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380
a2d08f8397635ad65674cf2941ce2e6de3ea8ebd78616e90bd1bedd5b57234b1
a467ca67d9634b27d43c3a3c2a8e6b5ff89ada6b6bb52e2a8b4a7705196e4d6f
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c6b97b95feb4fee049d7b5ea74e3471974531b3e824937281c1343bb4f10ec
c3177f4a07cebf95edea565fa7192eb3fd7a74aba63a929aeb29b58458f3e5b9
c94704f95e718fc3db47e7ab907819fb88559120101b4fa5ea409fd9532783ba
cb8a8d4ca426023f84bac549539acc3655646986bd804e470a9659fc064e5477
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
db400a95bbc4b3e604eb7e3901db714cc93bb8ed2200f0032e97106d10971278
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
df632a7d5e7c510d7ab78404f567030b9797ae2231a86a175233706faecc6aad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e608e72019a20da7d4992a440a30411a9e92d5d539be3dca17b9cda035e95abb
ea1c3eaefeb1b4e7a6d3fa97f320b3397e4f5d112afcb758e62513852b573423
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31587f5fc513f915f5c6d2a5b178d0494902b575793b75f49148acdf63b174b
f6359cbaa3866b37a4391ac6427eaaf44ca8456d90b2dd06215061dbe0ef4f8b
f6a9ed90057ad36a18b61529450500cf51a3a6878960eace920c4e10ccd99ca9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd48bad98bf3e2598dd0b7d13234bc487432ee069c36f225b52ae9e194a7066b