my.xcentricmold.com Open in urlscan Pro
2606:4700:10::6816:20b5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://my.xcentricmold.com/quote#/
Effective URL:
https://my.xcentricmold.com/quote
Submission: On September 25 via api (September 25th 2020, 9:51:01 pm UTC) from US

Summary HTTP 111 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 52 IPs in 8 countries across 40 domains to perform 111 HTTP transactions. The main IP is 2606:4700:10::6816:20b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.xcentricmold.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2020. Valid for: a year.

This is the only time my.xcentricmold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:10:... 2606:4700:10::6816:20b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	209.197.3.24 209.197.3.24	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	69.16.192.79 69.16.192.79	32244 (LIQUIDWEB) (LIQUIDWEB)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	147.75.102.203 147.75.102.203	54825 (PACKET) (PACKET)
1	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	147.75.32.125 147.75.32.125	54825 (PACKET) (PACKET)
2	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
4	99.86.243.116 99.86.243.116	16509 (AMAZON-02) (AMAZON-02)
5 6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	209.128.119.223 209.128.119.223	7151 (BAYAREA-AS) (BAYAREA-AS)
1	147.75.102.197 147.75.102.197	54825 (PACKET) (PACKET)
14 20	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1 1	18.132.239.61 18.132.239.61	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	34.246.206.139 34.246.206.139	16509 (AMAZON-02) (AMAZON-02)
1	99.86.243.5 99.86.243.5	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
5	199.185.0.231 199.185.0.231	21592 (MULTIVIEW) (MULTIVIEW)
1 2	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	54.208.200.8 54.208.200.8	14618 (AMAZON-AES) (AMAZON-AES)
1	104.108.41.56 104.108.41.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 3	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 6	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.30.34.11 52.30.34.11	16509 (AMAZON-02) (AMAZON-02)
6 10	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1 2	35.157.221.90 35.157.221.90	16509 (AMAZON-02) (AMAZON-02)
111	52

25 2606:4700:10::6816:20b5 (United States)

ASN13335 (CLOUDFLARENET, US)

my.xcentricmold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:299::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.24 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x018.map2.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.192.79 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.varchannelmarketing.com

www.xcentricmold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.125 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress4

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.243.116 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-116.vie50.r.cloudfront.net

yjriln3iwl.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.128.119.223 (United States)

ASN7151 (BAYAREA-AS, US)
PTR: 209-128-119-223.bayarea.net

twin-iq.kickfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.197 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress11

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 159.253.128.188 (Amsterdam, Netherlands) 14 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.239.61 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-239-61.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.206.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-206-139.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.5 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-5.vie50.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Central, Hong Kong) 1 redirects

ASN54825 (PACKET, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.185.0.231 (United States)

ASN21592 (MULTIVIEW, US)

www.rumiview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

10117150.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.200.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-200-8.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.41.56 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.91 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.34.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.248.28.111 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.221.90 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	xcentricmold.com my.xcentricmold.com www.xcentricmold.com	1 MB
22	simpli.fi 14 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
16	adroll.com 7 redirects s.adroll.com d.adroll.com	24 KB
9	doubleclick.net 6 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net 10117150.fls.doubleclick.net	5 KB
6	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	23 KB
5	rumiview.com www.rumiview.com	80 KB
4	amazonaws.com yjriln3iwl.execute-api.us-east-1.amazonaws.com	17 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	73 KB
3	openx.net 1 redirects us-u.openx.net	586 B
3	adnxs.com 1 redirects ib.adnxs.com	3 KB
3	pro-market.net 2 redirects fei.pro-market.net pbid.pro-market.net	1 KB
3	google.de www.google.de	732 B
3	google.com 1 redirects www.google.com	940 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google-analytics.com www.google-analytics.com	50 KB
3	fontawesome.com use.fontawesome.com	13 KB
3	googletagmanager.com www.googletagmanager.com	121 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1003 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	975 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	kickfire.com twin-iq.kickfire.com	998 B
2	bing.com bat.bing.com	8 KB
2	licdn.com snap.licdn.com	3 KB
2	googleadservices.com 1 redirects www.googleadservices.com	13 KB
2	jquery.com code.jquery.com	130 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	39 KB
1	yahoo.com 1 redirects ads.yahoo.com	734 B
1	facebook.net connect.facebook.net	34 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	329 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com
1	agkn.com 1 redirects aa.agkn.com	318 B
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	adobedtm.com assets.adobedtm.com	18 KB
111	40

	Domain	Requested by
25	my.xcentricmold.com	my.xcentricmold.com
20	um.simpli.fi	14 redirects my.xcentricmold.com
10	d.adroll.com	6 redirects
6	s.adroll.com	1 redirects my.xcentricmold.com s.adroll.com d.adroll.com
5	www.rumiview.com	my.xcentricmold.com
4	trc-events.taboola.com	cdn.taboola.com
4	cm.g.doubleclick.net	4 redirects
4	yjriln3iwl.execute-api.us-east-1.amazonaws.com	my.xcentricmold.com
3	us-u.openx.net	1 redirects my.xcentricmold.com
3	ib.adnxs.com	1 redirects my.xcentricmold.com
3	www.google.de	my.xcentricmold.com
3	www.google.com	1 redirects my.xcentricmold.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	use.fontawesome.com	my.xcentricmold.com use.fontawesome.com
3	www.googletagmanager.com	my.xcentricmold.com assets.adobedtm.com
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects my.xcentricmold.com
2	ce.lijit.com	1 redirects my.xcentricmold.com
2	bcp.crwdcntrl.net	1 redirects my.xcentricmold.com
2	10117150.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	loadm.exelator.com	1 redirects my.xcentricmold.com
2	fei.pro-market.net	2 redirects
2	twin-iq.kickfire.com	assets.adobedtm.com my.xcentricmold.com
2	bat.bing.com	my.xcentricmold.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	px.ads.linkedin.com	1 redirects my.xcentricmold.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googleadservices.com	1 redirects my.xcentricmold.com
2	code.jquery.com	my.xcentricmold.com
2	cdnjs.cloudflare.com	my.xcentricmold.com cdnjs.cloudflare.com
2	stackpath.bootstrapcdn.com	my.xcentricmold.com
1	ads.yahoo.com	1 redirects
1	connect.facebook.net	d.adroll.com
1	d.adroll.mgr.consensu.org	1 redirects
1	pixel.rubiconproject.com	my.xcentricmold.com
1	idsync.rlcdn.com	my.xcentricmold.com
1	stags.bluekai.com	my.xcentricmold.com
1	sync.bfmio.com	my.xcentricmold.com
1	pbid.pro-market.net	my.xcentricmold.com
1	sync.intentiq.com	my.xcentricmold.com
1	in.hotjar.com	script.hotjar.com
1	trc.taboola.com	cdn.taboola.com
1	aa.agkn.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	i.simpli.fi	tag.simpli.fi
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	tag.simpli.fi	www.googletagmanager.com
1	cdn.taboola.com	my.xcentricmold.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	my.xcentricmold.com
1	www.xcentricmold.com	my.xcentricmold.com
1	cdn.jsdelivr.net	my.xcentricmold.com
1	assets.adobedtm.com	my.xcentricmold.com
111	54

This site contains links to these domains. Also see Links.

Domain
www.xcentricmold.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-21` - `2021-04-17`	7 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
www.xcentricmold.com Let's Encrypt Authority X3	`2020-07-30` - `2020-10-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-08-16` - `2020-11-14`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-08-17` - `2020-11-15`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-10` - `2021-12-31`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2019-11-28` - `2020-12-28`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
twin-iq.kickfire.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-11` - `2021-03-10`	2 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.hotjar.com Amazon	`2020-08-29` - `2021-09-28`	a year	crt.sh
*.intentiq.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.pro-market.net Gandi Standard SSL CA 2	`2020-07-22` - `2022-08-20`	2 years	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
www.rumiview.com Go Daddy Secure Certificate Authority - G2	`2019-04-10` - `2021-04-10`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-04-14` - `2021-04-10`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://my.xcentricmold.com/quote
Frame ID: D22EDF4A2E982A829E5B6EE18F6E077D
Requests: 108 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: EF2DE36643E9BD1E3B6B759CBF8CAC20
Requests: 1 HTTP requests in this frame

Frame: https://10117150.fls.doubleclick.net/activityi;dc_pre=CPSa0OukhewCFY3FuwgdXKgMVw;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote
Frame ID: D040FF1C3727D500EF8EE6224AB98A76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://my.xcentricmold.com/quote HTTP 307
https://my.xcentricmold.com/quote Page URL

Page Statistics

111
Requests

100 %
HTTPS

40 %
IPv6

40
Domains

54
Subdomains

52
IPs

8
Countries

1900 kB
Transfer

6516 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xcentricmold.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://my.xcentricmold.com/quote HTTP 307
https://my.xcentricmold.com/quote Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1601070617103&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1230514%26time%3D1601070617103%26url%3Dhttps%253A%252F%252Fmy.xcentricmold.com%252Fquote%2523%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1601070617103&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&liSync=true

Request Chain 60

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=B0C7B3B546A3471182D6E8DE0623241E HTTP 302
https://um.simpli.fi/aa_px?sk=164890303555001781391

Request Chain 67

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0C7B3B546A3471182D6E8DE0623241E

Request Chain 70

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=B0C7B3B546A3471182D6E8DE0623241E;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=B0C7B3B546A3471182D6E8DE0623241E;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEFFDycNE40cYZRshJif0TDU&google_cver=1

Request Chain 71

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=B0C7B3B546A3471182D6E8DE0623241E&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=B0C7B3B546A3471182D6E8DE0623241E&j=0&xl8blockcheck=1

Request Chain 74

https://10117150.fls.doubleclick.net/activityi;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote HTTP 302
https://10117150.fls.doubleclick.net/activityi;dc_pre=CPSa0OukhewCFY3FuwgdXKgMVw;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote

Request Chain 78

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=B0C7B3B546A3471182D6E8DE0623241E

Request Chain 79

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=B0C7B3B546A3471182D6E8DE0623241E

Request Chain 80

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B0C7B3B546A3471182D6E8DE0623241E HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B0C7B3B546A3471182D6E8DE0623241E

Request Chain 81

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B0C7B3B546A3471182D6E8DE0623241E HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B0C7B3B546A3471182D6E8DE0623241E&dnr=1

Request Chain 82

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=B0C7B3B546A3471182D6E8DE0623241E

Request Chain 83

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1601070617208&cv=7&fst=1601070617208&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1096724973&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=GmZuX5CMLcSwlQfLr6XYCw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1096724973&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=GmZuX5CMLcSwlQfLr6XYCw&cid=CAQSKQCNIrLMKifFMZ7eD7YfTxldLpjWkdZaQ6KTWQEoHZV6cYkpbmHnmjfl&random=2882873480 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1096724973&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=GmZuX5CMLcSwlQfLr6XYCw&cid=CAQSKQCNIrLMKifFMZ7eD7YfTxldLpjWkdZaQ6KTWQEoHZV6cYkpbmHnmjfl&random=2882873480&ipr=y

Request Chain 84

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B0C7B3B546A3471182D6E8DE0623241E HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B0C7B3B546A3471182D6E8DE0623241E&__user_check__=1&sync_id=1a76bb02-ff79-11ea-9040-1bbe6fc51c06

Request Chain 85

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=B0C7B3B546A3471182D6E8DE0623241E HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB0C7B3B546A3471182D6E8DE0623241E

Request Chain 86

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B0C7B3B546A3471182D6E8DE0623241E&expires=365

Request Chain 87

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B0C7B3B546A3471182D6E8DE0623241E HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B0C7B3B546A3471182D6E8DE0623241E

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEJ3T504BcqbN_3OgL4AWuug&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B0C7B3B546A3471182D6E8DE0623241E HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 93

https://s.adroll.com/j/exp/HVGJFLP3UFFGVOCJHA63RP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 95

https://d.adroll.mgr.consensu.org/consent/iabcheck/HVGJFLP3UFFGVOCJHA63RP?_s=131f40bcf75b20fd1302ee60a6cdc40a&_b=2 HTTP 302
https://d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/?_s=131f40bcf75b20fd1302ee60a6cdc40a&_b=2

Request Chain 96

https://d.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&pv=16462139902.521854&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/UMRHNEJ4K5BGJHIYYMDOFH.js

Request Chain 99

https://d.adroll.com/cm/r/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 100

https://d.adroll.com/cm/b/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM

Request Chain 101

https://d.adroll.com/cm/x/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM

Request Chain 103

https://d.adroll.com/cm/o/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=1631ee3194838ec166a3ebbda6646f43

Request Chain 104

https://d.adroll.com/cm/g/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=FjHuMZSDjsFmo-u9pmRvQw HTTP 302
https://d.adroll.com/cm/g/in

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request quote Show response
my.xcentricmold.com/
Redirect Chain

http://my.xcentricmold.com/quote
https://my.xcentricmold.com/quote

10 KB
4 KB

527ms
500ms

Document
text/html

2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.5.9-1ubuntu4.29

Resource Hash

b8b566c79905fe25fa900ace7920bdafd068faef5779bd4e90d064627fa59738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:method: GET
:authority: my.xcentricmold.com
:scheme: https
:path: /quote
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 25 Sep 2020 21:50:16 GMT
content-type: text/html
set-cookie: __cfduid=d112eba516ac2efef29a2e61789613d281601070615; expires=Sun, 25-Oct-20 21:50:15 GMT; path=/; domain=.xcentricmold.com; HttpOnly; SameSite=Lax PHPSESSID=pv2ucu089tvtamgs2floji12v0; path=/
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-powered-by: PHP/5.5.9-1ubuntu4.29
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 0568d7e55a0000646d6f37a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d87f5b55fa2646d-FRA
content-encoding: gzip

Redirect headers

Location: https://my.xcentricmold.com/quote#/
Non-Authoritative-Reason: HSTS

GET
H2 200 app.f5001c8e.css
my.xcentricmold.com/css/ 10 KB
3 KB 505ms
498ms Stylesheet
text/css 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/css/app.f5001c8e.css?v=1.5

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b3b513c3819d1d61cbbf0447fbd231a8d87ac8a037b921711581da6303b0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
status: 200
content-length: 2446
cf-request-id: 0568d7e75f0000646d6f383200000001
last-modified: Thu, 10 Sep 2020 17:06:55 GMT
server: cloudflare
etag: "2614-5aef8985f177a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5b8988b646d-FRA
expires: Sun, 25 Oct 2020 21:50:16 GMT

GET
H2 200 chunk-vendors.7708776e.css
my.xcentricmold.com/css/ 251 KB
34 KB 32ms
25ms Stylesheet
text/css 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/css/chunk-vendors.7708776e.css

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f64ce2c4ca5c9f7db4cad68b9716f781ee971ac6a4af56ab542f2dafa29bb9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1874
status: 200
content-length: 34686
cf-request-id: 0568d7e75f0000646d6f384200000001
last-modified: Thu, 10 Sep 2020 17:06:55 GMT
server: cloudflare
etag: "3ec00-5aef89864e3a3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5b8988d646d-FRA
expires: Sun, 25 Oct 2020 21:19:02 GMT

GET
H2 200 app.9f753486.js Show response
my.xcentricmold.com/js/ 448 KB
88 KB 510ms
503ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/app.9f753486.js?v=1.5

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af543a923c6d604fc231d939cb216145d75342589652b74c755ed3936fad3c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 10 Sep 2020 17:06:32 GMT
server: cloudflare
etag: "701f2-5aef89702c0b9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 5d87f5b89890646d-FRA
cf-request-id: 0568d7e75f0000646d6f387200000001
expires: Thu, 24 Dec 2020 21:50:16 GMT

GET
H2 200 chunk-vendors.a6c2e7fb.js Show response
my.xcentricmold.com/js/ 2 MB
538 KB 23ms
16ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/chunk-vendors.a6c2e7fb.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f56780a72a1976246b4858bc5df226e0d5fd245355d79c8b761cdec5643a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1874
status: 200
cf-request-id: 0568d7e75f0000646d6f388200000001
last-modified: Thu, 10 Sep 2020 17:06:36 GMT
server: cloudflare
etag: "1c5973-5aef89748336e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 5d87f5b89893646d-FRA
expires: Thu, 24 Dec 2020 21:19:02 GMT

GET
H2 200 launch-513a6858baea.min.js Show response
assets.adobedtm.com/175f7caa2b90/9c890159ef9e/ 58 KB
18 KB 26ms
8ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/175f7caa2b90/9c890159ef9e/launch-513a6858baea.min.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 98d90eb629ba95d919f158bdcff101b6f4825039002c0000bde3653b44077812

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 17:46:03 GMT
server: AkamaiNetStorage
status: 200
etag: "dc0f014177668bfee291f081d895e9fc:1599846363.094728"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://my.xcentricmold.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 17982
expires: Fri, 25 Sep 2020 22:50:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 38ms
35ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2746449-2

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82f2fc653228d156bf124fb892ba26b90465d3b623423df0ee1b3a4b593f15ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36412
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 21:50:16 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
23 KB 278ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 17:52:46 GMT
status: 200
etag: "1574963566"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23681

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 21ms
15ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 772629
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 0568d7e75f00006371bf973200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d87f5b89c946371-FRA
expires: Wed, 15 Sep 2021 21:50:16 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 376ms
25ms Stylesheet
text/css 209.197.3.24
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.197.3.24 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x018.map2.ssl.hwcdn.net
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
status: 200
etag: W/"57d97c08-8c85"
vary: Accept-Encoding
x-hw: 1601070616.dop007.lo4.t,1601070616.cds207.lo4.hn,1601070616.cds049.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.0.13/dist/css/ 15 KB
2 KB 27ms
7ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.0.13/dist/css/select2.min.css

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5035710
x-cache: HIT, HIT
status: 200
content-length: 1994
etag: W/"3a76-rlc1Vi+qvRotmAO7179MUCteT1E"
x-served-by: cache-fra19170-FRA, cache-hhn4026-HHN
date: Fri, 25 Sep 2020 21:50:16 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
my.xcentricmold.com/xcentric-css/ 35 KB
6 KB 31ms
26ms Stylesheet
text/css 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-css/style.css

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2839b46c20c66edda55dd2a9afdaba6116e89e82ff3ba4f063eff1718bd251c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1874
status: 200
content-length: 6064
cf-request-id: 0568d7e75f0000646d6f385200000001
last-modified: Thu, 30 Jul 2020 15:18:43 GMT
server: cloudflare
etag: "8ac3-5abaa3017c754-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5b8988e646d-FRA
expires: Sun, 25 Oct 2020 21:19:02 GMT

GET
H2 200 dropzone.css
my.xcentricmold.com/xcentric-css/ 12 KB
2 KB 30ms
25ms Stylesheet
text/css 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-css/dropzone.css

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd213e433d91bc86b980e1d2352e743144d3cd100e611100e7e0ce98c3453d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1874
status: 200
content-length: 1795
cf-request-id: 0568d7e75f0000646d6f386200000001
last-modified: Thu, 30 Jul 2020 15:18:37 GMT
server: cloudflare
etag: "31ec-5abaa2fc6cbe9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5b8988f646d-FRA
expires: Sun, 25 Oct 2020 21:19:02 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
my.xcentricmold.com/xcentric-js/ 86 KB
30 KB 30ms
26ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-js/jquery-3.4.1.min.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1874
status: 200
content-length: 30597
cf-request-id: 0568d7e75f0000646d6f389200000001
last-modified: Thu, 30 Jul 2020 15:18:48 GMT
server: cloudflare
etag: "15850-5abaa306a2a12-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5b89895646d-FRA
expires: Thu, 24 Dec 2020 21:19:02 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 375ms
25ms Script
application/javascript 209.197.3.24
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.197.3.24 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x018.map2.ssl.hwcdn.net
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
status: 200
etag: W/"57d97c08-7f20a"
vary: Accept-Encoding
x-hw: 1601070616.dop007.lo4.t,1601070616.cds207.lo4.hn,1601070616.cds059.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
16 KB 281ms
14ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 17:52:52 GMT
status: 200
etag: "1574963572"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15919

GET
H2 200 custom.js Show response
my.xcentricmold.com/xcentric-js/ 1 KB
730 B 17ms
13ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-js/custom.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd36a140799c0addac5cb2b2787a416d0af8769790b0be7d303898c4416fd800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1874
status: 200
content-length: 524
cf-request-id: 0568d7e75f0000646d6f38a200000001
last-modified: Thu, 30 Jul 2020 15:18:47 GMT
server: cloudflare
etag: "473-5abaa306008b1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5b89896646d-FRA
expires: Thu, 24 Dec 2020 21:19:02 GMT

GET
H2 200 dropzone.min.js Show response
my.xcentricmold.com/xcentric-js/ 47 KB
13 KB 31ms
27ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/xcentric-js/dropzone.min.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1874
status: 200
content-length: 13569
cf-request-id: 0568d7e7610000646d6f38b200000001
last-modified: Thu, 30 Jul 2020 15:18:48 GMT
server: cloudflare
etag: "bc15-5abaa306586bd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5b89899646d-FRA
expires: Thu, 24 Dec 2020 21:19:02 GMT

GET
H2 200 cc1f455218.js Show response
use.fontawesome.com/ 9 KB
4 KB 49ms
14ms Script
text/javascript 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/cc1f455218.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a14de730c9ef0042af2d62f509232c21d50c26f3f15b37c13245775c8b66fddf

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
last-modified: Thu, 15 Aug 2019 20:18:54 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 74006DB3A98FB61F
etag: W/"72d2b4f5f035440c8607c755c84661eb"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: 9Rl5+ZTHBjrbjX1KKXcKKoRMClNPmZc4xVfbhwDr+3P6yRNkDOeqpEbQaGKoWPjzSu+5/WQSVPM=

GET
H2 200 logo.png
www.xcentricmold.com/wp-content/uploads/2020/02/ 7 KB
7 KB 366ms
118ms Image
image/png 69.16.192.79
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xcentricmold.com/wp-content/uploads/2020/02/logo.png
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.192.79 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.varchannelmarketing.com
Software: Apache/2.4.46 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: c0ad438be933312363a10b5de50018c8f1a398b833857c217b00eeac9f562cd2

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
last-modified: Wed, 05 Feb 2020 11:58:48 GMT
server: Apache/2.4.46 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 mod_fcgid/2.3.9
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 6976
expires: Sat, 23 Jan 2021 21:50:17 GMT

GET
H2 200 xeogl.js Show response
my.xcentricmold.com/js/ 1 MB
189 KB 19ms
18ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/xeogl.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d40fd2c71c7a45298b0dbb1afdb0c0143de83f6619625eb22950f500627764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1872
status: 200
cf-request-id: 0568d7e9530000646d6f395200000001
last-modified: Thu, 10 Sep 2020 17:06:39 GMT
server: cloudflare
etag: "1295b0-5aef8976fedda-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 5d87f5bbb9ae646d-FRA
expires: Thu, 24 Dec 2020 21:19:04 GMT

GET
H2 200 glTFModel.js Show response
my.xcentricmold.com/js/ 63 KB
12 KB 16ms
12ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/glTFModel.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4236ee2bb45d537519d85737b4ae332cf8182a36686144e110ef6d18b702659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1872
status: 200
content-length: 11747
cf-request-id: 0568d7e9750000646d6f399200000001
last-modified: Thu, 10 Sep 2020 17:06:38 GMT
server: cloudflare
etag: "fb4f-5aef897605e0c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5bbe9b8646d-FRA
expires: Thu, 24 Dec 2020 21:19:04 GMT

GET
H2 200 axisHelper.js Show response
my.xcentricmold.com/js/ 10 KB
2 KB 22ms
18ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/axisHelper.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d630bbe7973e178d37c77da1a8252d1599867b390fc2b9d4dab35ea93e48c61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1872
status: 200
content-length: 2011
cf-request-id: 0568d7e9750000646d6f39a200000001
last-modified: Thu, 10 Sep 2020 17:06:32 GMT
server: cloudflare
etag: "27f4-5aef8970e496d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5bbe9b9646d-FRA
expires: Thu, 24 Dec 2020 21:19:04 GMT

GET
H2 200 aabbHelper.js Show response
my.xcentricmold.com/js/ 2 KB
1007 B 15ms
12ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/aabbHelper.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa5664e8f4b3930099bde87b1dfa0a122f12cc98ca2b541b315f03e48f90c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1872
status: 200
content-length: 828
cf-request-id: 0568d7e9750000646d6f39b200000001
last-modified: Thu, 10 Sep 2020 17:06:32 GMT
server: cloudflare
etag: "8fa-5aef8970be823-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5bbe9ba646d-FRA
expires: Thu, 24 Dec 2020 21:19:03 GMT

GET
H2 200 vectorTextGeometry.js Show response
my.xcentricmold.com/js/ 47 KB
5 KB 14ms
11ms Script
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/vectorTextGeometry.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb0576b8242d1af9c686479e912f199022b4eb97440bb7e557725d864fb437f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1871
status: 200
content-length: 4409
cf-request-id: 0568d7e9750000646d6f39c200000001
last-modified: Thu, 10 Sep 2020 17:06:38 GMT
server: cloudflare
etag: "bc65-5aef8976975d7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5bbe9bb646d-FRA
expires: Thu, 24 Dec 2020 21:19:05 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 84ms
30ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11416
x-xss-protection: 0
server: cafe
etag: 7270336119834106254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Sep 2020 21:50:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
49 KB 48ms
46ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NT2P3DN

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aebcb27af74242c98c3d20a5ce442bb161534d5e5a3c6792bff486138164fac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50583
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 21:50:16 GMT

GET
H2 200 hotjar-891230.js Show response
static.hotjar.com/c/ 4 KB
2 KB 75ms
39ms Script
application/javascript 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-891230.js?sv=6

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress15

Software

Resource Hash

ff5bdcddce02986cd37f25c5c2a9d0eab7dbfb92186d8ced8b770b6261a0715c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
content-length: 1848
cache-control: max-age=60
etag: W/212709bc01d5d92c623d0389adafadbb
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.018
section-io-id: 4a3b2a924ebe92b7ec57852bf157e150
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 chunk-52aadb39.2be1aec3.css
my.xcentricmold.com/css/ 0
265 B 19ms
16ms Other
text/css 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/css/chunk-52aadb39.2be1aec3.css

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1872
status: 200
content-length: 102
cf-request-id: 0568d7e9760000646d6f39d200000001
last-modified: Thu, 10 Sep 2020 17:06:55 GMT
server: cloudflare
etag: "61-5aef898616924-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5bbf9bc646d-FRA
expires: Sun, 25 Oct 2020 21:19:04 GMT

GET
H2 200 chunk-52aadb39.5f2ab829.js
my.xcentricmold.com/js/ 0
143 KB 23ms
20ms Other
application/javascript 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xcentricmold.com/js/chunk-52aadb39.5f2ab829.js

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1871
status: 200
cf-request-id: 0568d7e9760000646d6f39e200000001
last-modified: Thu, 10 Sep 2020 17:06:34 GMT
server: cloudflare
etag: "90575-5aef8972b07c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 5d87f5bbf9bd646d-FRA
expires: Thu, 24 Dec 2020 21:19:05 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 32ms
12ms Font
application/octet-stream 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Origin: https://my.xcentricmold.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1380411
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 0568d7e9840000d6f1ae886200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d87f5bc0be4d6f1-FRA
expires: Wed, 15 Sep 2021 21:50:16 GMT

GET
H2 200 cc1f455218.css
use.fontawesome.com/ 1 KB
685 B 18ms
14ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/cc1f455218.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/cc1f455218.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0dfaf3831bf0dc1d82ceb28545afb555ee1fcc71ce40ca70e54aa3d960cbd4d6

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
last-modified: Thu, 15 Aug 2019 20:18:54 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 7F0DB34EC5B3D4BC
etag: W/"359d7543d04fd976e44c28ac02e1f5a7"
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: qkPk/mBxcNx3FUzH3BLgfQjoVT6vqt3WV6XiV3SPhNa6gB0owcBLzczkw3nY5ZR3jW5sTua6/WU=

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
8 KB 16ms
15ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/cc1f455218.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer: https://use.fontawesome.com/cc1f455218.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2016 17:21:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 40ms
26ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10117150

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/175f7caa2b90/9c890159ef9e/launch-513a6858baea.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5522f99f1b1c57cab7fd63819c18da418500037b4b02e018f8d0d692caee2be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36421
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 21:50:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2746449-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4596
date: Fri, 25 Sep 2020 20:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 25 Sep 2020 22:33:41 GMT

GET
H2 200 modules.94fbf54e63238ed34ad8.js Show response
script.hotjar.com/ 360 KB
70 KB 51ms
16ms Script
application/javascript 147.75.32.125
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.94fbf54e63238ed34ad8.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-891230.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress4
Software: /
Resource Hash: a5e260f8d1d46595c71cf35eb09243ef8ee32453ff9fe49ea9c5ac6d3919f721

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: br
age: 28849
status: 200
section-io-cache: Hit
content-length: 71526
last-modified: Fri, 25 Sep 2020 13:45:49 GMT
etag: "80af45ee8f7a76b874d609a70491a556"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.094
section-io-id: 467b5d169b36a5d44ed4387f99df697f
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 22ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT2P3DN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=61537
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1185545/ 61 KB
21 KB 166ms
120ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1185545/tfa.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90ffed775d22cfc56f01bbd07887e5b34a4488f2930aa7f62cbfb41721eefe61

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: pSXmCaR7XJnC2x5OxJwrZsru8A1jXq9J
content-encoding: gzip
etag: "264fe7b757c87e87b5a216c347959118"
age: 0
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 21103
x-amz-id-2: belvVkaNMktFWdY7Avy5axBzmkuE2YcaLS5ILWcWuG3CWvyDUwJvW9sStLzFEZq8N/vjF5JjdyQ=
x-served-by: cache-hhn4035-HHN
last-modified: Tue, 18 Aug 2020 07:20:18 GMT
server: AmazonS3
x-timer: S1601070617.123521,VS0,VE99
date: Fri, 25 Sep 2020 21:50:17 GMT
vary: Accept-Encoding
x-amz-request-id: B844672E51D10851
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 39
x-cache-hits: 1

GET
H2 200 3f2d61e0-c13e-0137-5c6b-06659b33d47c Show response
tag.simpli.fi/sifitag/ 4 KB
5 KB 72ms
24ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/3f2d61e0-c13e-0137-5c6b-06659b33d47c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT2P3DN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

de3e62eea3d8ce417cd7d88eff0f1c0864dd0865df26f2fc8fae4d43adb80e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3929
x-request-id: FjglPlIAN9n2DWQYxL2B
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
399 B 38ms
12ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1424945371&t=pageview&_s=1&dl=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&ul=en-us&de=UTF-8&dt=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUADQAAAAC~&jid=886469983&gjid=2113599803&cid=1964382870.1601070617&tid=UA-2746449-2&_gid=1341187179.1601070617&_r=1&gtm=2ou9g1&z=1597649694

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 79 KB
31 KB 45ms
38ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TFR3JRM&t=gtm6&cid=1964382870.1601070617

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00d9fd78cf9e3ae20f1af6216dd58d2e4a8f41a364aa56d90c9bf81b34b06354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31993
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 21:50:17 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=69836
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1601070617103&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1230514%26time%3D1601070617103%26url%3Dhttps%253A%252F%252Fmy.xcentricmold.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1601070617103&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&liSync=true

0
60 B

129ms
129ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1601070617103&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&liSync=true
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: u+Nkbj4lOBbQfV+p9ioAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: jHpuaj4lOBYwX0Ov/CoAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 680EABFDB9E44B3B9E98635E51E40EA2 Ref B: FRAEDGE1111 Ref C: 2020-09-25T21:50:17Z
x-frame-options: sameorigin
date: Fri, 25 Sep 2020 21:50:17 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1230514&time=1601070617103&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-2746449-2&cid=1964382870.1601070617&jid=886469983&gjid=2113599803&_gid=1341187179.1601070617&_u=IEBAAUACQAAAAC~&z=545347027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Sep 2020 21:50:17 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 16ms
15ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-2746449-2&cid=1964382870.1601070617&jid=886469983&_u=IEBAAUACQAAAAC~&z=1117064767

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 17ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-2746449-2&cid=1964382870.1601070617&jid=886469983&_u=IEBAAUACQAAAAC~&z=1117064767

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 694 B
1 KB 72ms
24ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_826._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/3f2d61e0-c13e-0137-5c6b-06659b33d47c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

5486d234ff607f28da29f8830a014b077cca970cdc2ffd0b3e587f41fa633886

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 getToken
yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/ Frame 0
0 225ms
146ms Other
application/json 99.86.243.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/getToken
Protocol: H2
Server: 99.86.243.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-116.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://my.xcentricmold.com
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 0
date: Fri, 25 Sep 2020 21:50:17 GMT
x-amzn-requestid: e1a608b6-90db-4cc1-abc0-5200179fe50e
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: TcTkAFkyoAMFgqA=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: iRCNGnxHU3dUh7zixoiANXiDtml7YTvJccFvadKUZyeEnx8PumexbQ==

GET
H2 200 bag.svg
my.xcentricmold.com/xcentric-images/ 785 B
627 B 14ms
12ms Image
image/svg+xml 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/xcentric-images/bag.svg

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e38c2d91533cb54ef364d4e2b5b34369f2fc8243fb143a79fb2b744171c58a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1871
status: 200
content-length: 472
cf-request-id: 0568d7eb200000646d6f3c1200000001
last-modified: Thu, 30 Jul 2020 15:18:43 GMT
server: cloudflare
etag: "311-5abaa30217b59-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5be9a81646d-FRA
expires: Sun, 25 Oct 2020 21:19:06 GMT

GET
H2 200 Icons_Settings.svg
my.xcentricmold.com/xcentric-images/ 2 KB
1 KB 12ms
10ms Image
image/svg+xml 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/xcentric-images/Icons_Settings.svg

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d56578760cd77e5a75b0b96fa67d3ff7fae09959c2e44adf892f0d6eaf23ce95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1872
status: 200
content-length: 894
cf-request-id: 0568d7eb210000646d6f3c2200000001
last-modified: Thu, 30 Jul 2020 15:18:46 GMT
server: cloudflare
etag: "71c-5abaa3047035b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5be9a82646d-FRA
expires: Sun, 25 Oct 2020 21:19:05 GMT

GET
H2 200 logo_confirm.png
my.xcentricmold.com/xcentric-images/ 20 KB
20 KB 16ms
14ms Image
image/png 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/xcentric-images/logo_confirm.png

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b632b5f4d8ed2f2cc98c3b520e3de4fd34c3077dd7299192c573267ec319acfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1871
status: 200
content-length: 20210
cf-request-id: 0568d7eb210000646d6f3c3200000001
last-modified: Thu, 30 Jul 2020 15:18:47 GMT
server: cloudflare
etag: "4ef2-5abaa3052f96b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5be9a83646d-FRA
expires: Sat, 25 Sep 2021 21:19:06 GMT

GET
H2 200 injection_mold.png
my.xcentricmold.com/imgs/ 9 KB
10 KB 15ms
13ms Image
image/png 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/injection_mold.png

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5da64f1d0c705b7da038b311e984e6c81b35a48836e7034d97a15d3a48ef6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1871
status: 200
content-length: 9630
cf-request-id: 0568d7eb210000646d6f3c4200000001
last-modified: Thu, 30 Jul 2020 14:43:12 GMT
server: cloudflare
etag: "259e-5aba9b11d0f1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5be9a84646d-FRA
expires: Sat, 25 Sep 2021 21:19:05 GMT

GET
H2 200 overmolding.png
my.xcentricmold.com/imgs/ 9 KB
9 KB 15ms
13ms Image
image/png 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/overmolding.png

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81bdae18fbd87f036bf0eb41b79eb8c29ed940b557f2bc27a8923ca3bcf7a850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1871
status: 200
content-length: 9553
cf-request-id: 0568d7eb210000646d6f3c5200000001
last-modified: Thu, 30 Jul 2020 14:43:13 GMT
server: cloudflare
etag: "2551-5aba9b11f7067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5be9a85646d-FRA
expires: Sat, 25 Sep 2021 21:19:06 GMT

GET
H2 200 cncmachining.png
my.xcentricmold.com/imgs/ 13 KB
13 KB 14ms
12ms Image
image/png 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/cncmachining.png

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb69546ce0ce193c0ace2243e3527d1cecab8bd81932f194f66625ffb9c951bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1871
status: 200
content-length: 13306
cf-request-id: 0568d7eb210000646d6f3c6200000001
last-modified: Thu, 30 Jul 2020 14:43:12 GMT
server: cloudflare
etag: "33fa-5aba9b115fadf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5be9a86646d-FRA
expires: Sat, 25 Sep 2021 21:19:06 GMT

GET
H2 200 3Dprinting.png
my.xcentricmold.com/imgs/ 12 KB
12 KB 16ms
15ms Image
image/png 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/3Dprinting.png

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9a7539ab9fb15ff60587736783a44002eba0ac372129f8190582ec2182d1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1871
status: 200
content-length: 12602
cf-request-id: 0568d7eb210000646d6f3c7200000001
last-modified: Thu, 30 Jul 2020 14:43:11 GMT
server: cloudflare
etag: "313a-5aba9b10a52ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5be9a87646d-FRA
expires: Sat, 25 Sep 2021 21:19:06 GMT

GET
H2 200 casturetahne.png
my.xcentricmold.com/imgs/ 11 KB
11 KB 16ms
15ms Image
image/png 2606:4700:10::6816:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xcentricmold.com/imgs/casturetahne.png

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11ba9ed4c5e901324ceeca0ebc8d4cd4f074159c97c1055eeb5c8213dbaad7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1872
status: 200
content-length: 10916
cf-request-id: 0568d7eb210000646d6f3c8200000001
last-modified: Thu, 30 Jul 2020 14:43:12 GMT
server: cloudflare
etag: "2aa4-5aba9b11147eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5d87f5be9a88646d-FRA
expires: Sat, 25 Sep 2021 21:19:05 GMT

POST
H2 200 getToken Show response
yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/ 202 B
1017 B 443ms
443ms XHR
application/json 99.86.243.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/getToken
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/js/chunk-vendors.a6c2e7fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-116.vie50.r.cloudfront.net
Software: / Express
Resource Hash: db56384d9b4384fbd8e62c9d4ea55131b0e7ec10d71dcdac77be48420358e1aa

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-amz-cf-pop: VIE50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
status: 200
x-amz-apigw-id: TcTkDGm-oAMFngg=
content-length: 156
cf-request-id: 0568d7ed490000cd02f916b200000001
access-control-allow-origin: *
x-amzn-requestid: 09c59d2a-254f-457f-b838-508d4fdc7e9c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-server: cloudflare
access-control-allow-credentials: true
cf-ray: 5d87f5c20a2bcd02-EWR
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept
x-amzn-remapped-date: Fri, 25 Sep 2020 21:50:17 GMT
x-amz-cf-id: 7CI1tgyot5Z-vfdxEYKvYM1f_EgP9GNZdzjJwonm6nS7p_xPMVY88Q==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1052707430/ 2 KB
2 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052707430/?random=1601070617392&cv=9&fst=1601070617392&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

889b7e55a02c1d402d4393e07acc0d76efff9fd9d60d1d38b3b65395b79efb79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1006
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 47ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:16 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: CAAE62CB66DE40B8BC737BD056CF56CB Ref B: FRAEDGE1411 Ref C: 2020-09-25T21:50:17Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H/1.1 200
OK twin.js Show response
twin-iq.kickfire.com/ 423 B
595 B 620ms
154ms Script
text/javascript 209.128.119.223
BAYAREA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://twin-iq.kickfire.com/twin.js?14192
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/175f7caa2b90/9c890159ef9e/launch-513a6858baea.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.128.119.223 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS: 209-128-119-223.bayarea.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0c105bd80cead6e558f7767a26457c0a031384fa4348787c7611e6004cab7fd0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 17:22:01 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "280029-1a7-593dc97244982"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 287

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame EF2D 0
0 55ms
17ms Document
text/html 147.75.102.197
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-891230.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.197 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress11
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.xcentricmold.com/quote
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://my.xcentricmold.com/quote

Response headers

status: 200
date: Fri, 25 Sep 2020 21:50:17 GMT
content-type: text/html
content-length: 851
last-modified: Mon, 17 Aug 2020 18:24:17 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.045
section-origin-responded: true
age: 3355761
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 39e23e8bf9ca9a0853cbfa564d9446f5

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=B0C7B3B546A3471182D6E8DE0623241E
https://um.simpli.fi/aa_px?sk=164890303555001781391

43 B
409 B

22ms
21ms

Image
image/gif

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164890303555001781391

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 24 Sep 2020 21:50:17 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
server: AAWebServer
status: 302
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=164890303555001781391
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 json Show response
trc.taboola.com/1185545/trc/3/ 798 B
777 B 37ms
36ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1185545/trc/3/json?tim=1601070617483&data=%7B%22id%22%3A466%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1601070617478%2C%22cv%22%3A%2220200818-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmy.xcentricmold.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-marketinmediagcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22supv%22%3Atrue%2C%22mpv%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1185545/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0df70a6b4dd2587838ab9f45fc8b829bd462f2bfe27aadf1e82eeec060e0f1e6

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 15
date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4035-HHN
server: nginx
x-timer: S1601070618.502674,VS0,VE15
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1052707430/ 42 B
538 B 41ms
27ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1052707430/?random=1601070617392&cv=9&fst=1601067600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&fmt=3&is_vtc=1&random=1795284005&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1052707430/ 42 B
538 B 40ms
25ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1052707430/?random=1601070617392&cv=9&fst=1601067600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&tiba=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&fmt=3&is_vtc=1&random=1795284005&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4021665&Ver=2&mid=29c3015a-c7da-46e4-da5b-6e62a7e9d095&sid=d952e071e6cdbe981b0f5eb9e95b1bb2&vid=9006186ce3841c1dc78080ef877e99ac&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&kw=injection%20molding,injection%20mold,%20plastic%20injection%20mold,%20plastic%20injection%20molding,%20injection%20molds,%20injection%20molded,%20injection%20molding%20parts,%20injection%20molded%20parts,%20injection%20molding%20companies,%20injection%20molding%20company,%20plastic%20manufacturing%20companies,%20plastic%20manufacturing%20company,%20plastic%20injection%20molds&p=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&r=&lt=1549&evt=pageLoad&msclkid=N&sv=1&rn=937533
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 25 Sep 2020 21:50:16 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: BEA29AB30C144FC98849623A146164EB Ref B: FRAEDGE1411 Ref C: 2020-09-25T21:50:17Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/891230/ 178 B
321 B 106ms
40ms XHR
application/json 34.246.206.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/891230/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.94fbf54e63238ed34ad8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.206.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-206-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 22ms
20ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 24 Sep 2020 21:50:17 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0C7B3B546A3471182D6E8DE0623241E

0
0

106ms
32ms

Image
text/html

99.86.243.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0C7B3B546A3471182D6E8DE0623241E
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-5.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0C7B3B546A3471182D6E8DE0623241E
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 24 Sep 2020 21:50:17 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 21ms
20ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 24 Sep 2020 21:50:17 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 21ms
20ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 24 Sep 2020 21:50:17 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=B0C7B3B546A3471182D6E8DE0623241E;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=B0C7B3B546A3471182D6E8DE0623241E;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEFFDycNE40cYZRshJif0TDU&google_cver=1

43 B
390 B

16ms
14ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEFFDycNE40cYZRshJif0TDU&google_cver=1
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8eee:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
status: 200
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:17 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEFFDycNE40cYZRshJif0TDU&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=B0C7B3B546A3471182D6E8DE0623241E&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=B0C7B3B546A3471182D6E8DE0623241E&j=0&xl8blockcheck=1

0
755 B

22ms
22ms

Image
text/plain

147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=B0C7B3B546A3471182D6E8DE0623241E&j=0&xl8blockcheck=1
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 25 Sep 2020 21:50:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 25 Sep 2020 21:50:18 GMT
server: nginx
x-powered-by: Undertow/1
status: 302
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=B0C7B3B546A3471182D6E8DE0623241E&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1 200
OK twin.php
twin-iq.kickfire.com/ 95 B
403 B 469ms
161ms Image
image/png 209.128.119.223
BAYAREA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twin-iq.kickfire.com/twin.php?TWIQ=14192&kftwiqpg=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&Hst=my.xcentricmold.com&r=0.5971016914117417
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.128.119.223 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS: 209-128-119-223.bayarea.net
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:18 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
Content-Type: IMAGE/PNG
Content-Length: 102

GET
H/1.1 200
OK aef324fb-06b8-4fe5-90da-80e93280efa3.js Show response
www.rumiview.com/containers/ 206 KB
57 KB 674ms
267ms Script
application/javascript 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rumiview.com/containers/aef324fb-06b8-4fe5-90da-80e93280efa3.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2405f1fae4c685d3f48cd6888405affd79185ed15ec35f0f3c5293a66eda1cc6

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:18 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
Vary: Accept-Encoding, Accept-Encoding, Cookie
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, must-revalidate, max-age=360
Transfer-Encoding: chunked
X-Robots-Tag: none

GET
H3-Q050

200

activityi;dc_pre=CPSa0OukhewCFY3FuwgdXKgMVw;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote
10117150.fls.doubleclick.net/ Frame D040
Redirect Chain

https://10117150.fls.doubleclick.net/activityi;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote?
https://10117150.fls.doubleclick.net/activityi;dc_pre=CPSa0OukhewCFY3FuwgdXKgMVw;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy...

0
0

76ms
47ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10117150.fls.doubleclick.net/activityi;dc_pre=CPSa0OukhewCFY3FuwgdXKgMVw;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10117150

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10117150.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPSa0OukhewCFY3FuwgdXKgMVw;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.xcentricmold.com/quote
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk7FaCc8Bh7NaIyYd1moy6KlJcxtsNdNQMx-3kB6-iFTiT3tNVgwzm4k1uB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 25 Sep 2020 21:50:18 GMT
expires: Fri, 25 Sep 2020 21:50:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 25 Sep 2020 21:50:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10117150.fls.doubleclick.net/activityi;dc_pre=CPSa0OukhewCFY3FuwgdXKgMVw;src=10117150;type=siter0;cat=siter0;ord=9314506666321;gtm=2od9g1;auiddc=1129983163.1601070617;~oref=https%3A%2F%2Fmy.xcentricmold.com%2Fquote?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 grades Show response
yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/materials/ 15 KB
16 KB 542ms
541ms XHR
application/json 99.86.243.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/materials/grades?token=ea8ad4c440dc4d08c60edde61e644c4146bd620418bf3370e4d3dff1385c709a&query=materialprocessid&against=1
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/js/chunk-vendors.a6c2e7fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-116.vie50.r.cloudfront.net
Software: /
Resource Hash: 9d271330d5211ccc08eaa45a14eecf7639b11adef90127e3807c3357ba764467

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:18 GMT
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amzn-requestid: a883bbe8-3a27-433f-945a-a6e6781e251e
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f6e661a-8e90d159da78c66e6c6b704c
x-amz-apigw-id: TcTkIGlIoAMFocQ=
content-length: 15864
x-amz-cf-id: Xojn-eMNzUFLtWQLUJLQQra9nOiLqlyH2pLkuN5soUMStUceSOxvwA==

GET
H2 200 gethelperids Show response
yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/ 293 B
654 B 265ms
264ms XHR
application/json 99.86.243.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yjriln3iwl.execute-api.us-east-1.amazonaws.com/dev/gethelperids?token=ea8ad4c440dc4d08c60edde61e644c4146bd620418bf3370e4d3dff1385c709a
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/js/chunk-vendors.a6c2e7fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-116.vie50.r.cloudfront.net
Software: /
Resource Hash: 4fbf1bfa27a5eb1421fd91b08d3c7e7fa1854582d3fdb1b9ca57bd0290f79e18

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:18 GMT
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amzn-requestid: 94d2b352-8c0c-49a1-9129-dff8f12b83f4
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f6e661a-fc9eb045b0b9f6d9182fd94f
x-amz-apigw-id: TcTkGFOnIAMFXSQ=
content-length: 293
x-amz-cf-id: ODuc8RixSs81MJQGlaLVF69klUhrENEu2hqKOOJzrnDoOgrLz7AbcA==

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 21ms
20ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 24 Sep 2020 21:50:18 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=B0C7B3B546A3471182D6E8DE0623241E

0
421 B

403ms
101ms

Image
text/plain

54.208.200.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=B0C7B3B546A3471182D6E8DE0623241E
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-200-8.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 25 Sep 2020 21:55:11 GMT

Redirect headers

date: Fri, 25 Sep 2020 21:50:18 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://sync.bfmio.com/sync?pid=141&uid=B0C7B3B546A3471182D6E8DE0623241E
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 24 Sep 2020 21:50:18 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=B0C7B3B546A3471182D6E8DE0623241E

62 B
329 B

208ms
163ms

Image
image/gif

104.108.41.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=B0C7B3B546A3471182D6E8DE0623241E
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.41.56 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-41-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:18 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 2a3d
Content-Type: image/gif

Redirect headers

date: Fri, 25 Sep 2020 21:50:18 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://stags.bluekai.com/site/29931?id=B0C7B3B546A3471182D6E8DE0623241E
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 24 Sep 2020 21:50:18 GMT

GET
H2

200

tpid=B0C7B3B546A3471182D6E8DE0623241E
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B0C7B3B546A3471182D6E8DE0623241E
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B0C7B3B546A3471182D6E8DE0623241E

49 B
711 B

98ms
97ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B0C7B3B546A3471182D6E8DE0623241E
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:18 GMT
status: 200
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.123
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:18 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B0C7B3B546A3471182D6E8DE0623241E
cache-control: no-cache
x-server: 10.45.17.82
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=B0C7B3B546A3471182D6E8DE0623241E
https://ce.lijit.com/merge?pid=2&3pid=B0C7B3B546A3471182D6E8DE0623241E&dnr=1

0
433 B

16ms
16ms

Image
text/plain

216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B0C7B3B546A3471182D6E8DE0623241E&dnr=1
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 21:50:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 21:50:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=B0C7B3B546A3471182D6E8DE0623241E&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=B0C7B3B546A3471182D6E8DE0623241E

0
66 B

76ms
30ms

Image
text/plain

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=B0C7B3B546A3471182D6E8DE0623241E
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 451
date: Fri, 25 Sep 2020 21:50:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Fri, 25 Sep 2020 21:50:18 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://idsync.rlcdn.com/419566.gif?partner_uid=B0C7B3B546A3471182D6E8DE0623241E
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 24 Sep 2020 21:50:18 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1601070617208&cv=7&fst=1601070617208&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1096724973&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=f...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1096724973&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1096724973&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_v...

42 B
88 B

21ms
20ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1096724973&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=GmZuX5CMLcSwlQfLr6XYCw&cid=CAQSKQCNIrLMKifFMZ7eD7YfTxldLpjWkdZaQ6KTWQEoHZV6cYkpbmHnmjfl&random=2882873480&ipr=y

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1096724973&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=GmZuX5CMLcSwlQfLr6XYCw&cid=CAQSKQCNIrLMKifFMZ7eD7YfTxldLpjWkdZaQ6KTWQEoHZV6cYkpbmHnmjfl&random=2882873480&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B0C7B3B546A3471182D6E8DE0623241E
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B0C7B3B546A3471182D6E8DE0623241E&__user_check__=1&sync_id=1a76bb02-ff79-11ea-9040-1bbe6fc51c06

43 B
549 B

24ms
22ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B0C7B3B546A3471182D6E8DE0623241E&__user_check__=1&sync_id=1a76bb02-ff79-11ea-9040-1bbe6fc51c06
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:18 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 142
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 25 Sep 2020 21:50:18 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=B0C7B3B546A3471182D6E8DE0623241E&__user_check__=1&sync_id=1a76bb02-ff79-11ea-9040-1bbe6fc51c06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 71
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=B0C7B3B546A3471182D6E8DE0623241E
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB0C7B3B546A3471182D6E8DE0623241E

43 B
1 KB

15ms
15ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB0C7B3B546A3471182D6E8DE0623241E

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 21:50:18 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid: 0e7ac1c4-0254-4b8e-ad91-ef6f50a10464
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 21:50:18 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid: 574f11fc-2a15-4fc0-b320-e024d1f13743
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB0C7B3B546A3471182D6E8DE0623241E
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B0C7B3B546A3471182D6E8DE0623241E&expires=365

0
239 B

94ms
21ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B0C7B3B546A3471182D6E8DE0623241E&expires=365
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Fri, 25 Sep 2020 21:50:18 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B0C7B3B546A3471182D6E8DE0623241E&expires=365
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 24 Sep 2020 21:50:18 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B0C7B3B546A3471182D6E8DE0623241E
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B0C7B3B546A3471182D6E8DE0623241E

43 B
180 B

2019ms
2019ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B0C7B3B546A3471182D6E8DE0623241E
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:18 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 25 Sep 2020 21:50:18 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B0C7B3B546A3471182D6E8DE0623241E
alt-svc: clear
content-length: 0

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEJ3T504BcqbN_3OgL4AWuug&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B0C7B3B546A3471182D6E8DE0623241E
https://um.simpli.fi/g_match?id=

0
320 B

21ms
20ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:50:18 GMT
x-content-type-options: nosniff
status: 204
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 24 Sep 2020 21:50:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:18 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ppms.js Show response
www.rumiview.com/ 63 KB
22 KB 2053ms
2053ms Script
application/javascript 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rumiview.com/ppms.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: nginx /
Resource Hash: 2207051fcadbdef48e583c10043184c92282222e3852468ad2fc691c5753068f

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Jan 2020 17:47:58 GMT
Server: nginx
ETag: W/"5e288ace-fdca"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Expires: Sun, 25 Oct 2020 21:50:18 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1185545/log/3/ 0
295 B 1986ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1185545/log/3/unip?en=pre_d_eng_tb&tos=1501&scd=100&ssd=1&est=1601070617481&ver=27&isls=true&src=i&invt=1500&tim=1601070618982&vi=1601070617478&ri=793f70ed01d1fbd3e32cda3e115bf0f4&sd=v2_3bc7180bb2103a7904bb1a2017e03e94_517323aa-f448-47ff-9b01-72eb64d6e506-tuct667eb99_1601070617_1601070617_CNawjgYQia5IGIan-7nMLiABKAEwoQE4l-oLQJ2XEEjZ2tgDUP___________wFYAWAAaOKmqpGyrZficA&ui=517323aa-f448-47ff-9b01-72eb64d6e506-tuct667eb99&ref=null&cv=20200818-2-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1185545/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:20 GMT
server: nginx
x-fastly-to-nlb-rtt: 1886
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.30.18:10213

GET
H/1.1 200
OK ppms.php
www.rumiview.com/ 43 B
183 B 166ms
166ms Image
image/gif 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rumiview.com/ppms.php?action_name=Get%20a%20Quote%20%7C%20Xcentric%20Mold%20%26%20Engineering&idsite=aef324fb-06b8-4fe5-90da-80e93280efa3&rec=1&r=526821&h=23&m=50&s=20&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&_id=ddc6c406c8da4485&_idts=1601070621&_idvc=1&_idn=0&_viewts=1601070621&send_image=1&cookie=1&res=1600x1200&gt_ms=504&pv_id=pl8Q5E
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:21 GMT
Content-Encoding: none
Server: nginx
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 38 KB
13 KB 68ms
22ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: my.xcentricmold.com
URL: https://my.xcentricmold.com/quote
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e986347fae4cd3e188d0285b8c175fbda863568def399a7cc63663dc65eda556

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: d1pKkVEOnjXkhSna2LdckzCPNFxdQVqw
Content-Encoding: gzip
ETag: "e48ec93e4813a7969adbe0de01c4a49c"
x-amz-request-id: 8EB28073509C7335
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12201
x-amz-id-2: sI/NR0k1GE753WXWS6GJiwma/FFWZEPSGmDoBDTMXYrYEd0e1NacCh69FANqx3U9uLFHX5HecL8=
Last-Modified: Thu, 24 Sep 2020 20:19:10 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:50:21 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVGJFLP3UFFGVOCJHA63RP/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

22ms
21ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 0A9DFB41B15EF3A2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 9wtYzl8isf76a+KTcCc0hWCh/ZKrxXSL0KsmsoDDvS1VGgWl/GxdSe7DtPnOmbh4BH+84jF1nEY=
Last-Modified: Fri, 31 Jul 2020 16:11:15 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:50:21 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Fri, 25 Sep 2020 21:50:21 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/ 0
773 B 72ms
29ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: nUq6wL_5RXslRjDNGoVCAWx1XFh3Nqob
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: B7EA827B9F3349A3
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: gtGLLvTYHDpY2aPVfXrw8cPYvHrsqhdHDv8+lej2jVgGsWdvTsXg+iwvIf9F3cIj/D4PY97kSA0=
Last-Modified: Thu, 24 Sep 2020 20:16:51 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:50:21 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/HVGJFLP3UFFGVOCJHA63RP?_s=131f40bcf75b20fd1302ee60a6cdc40a&_b=2
https://d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/?_s=131f40bcf75b20fd1302ee60a6cdc40a&_b=2

392 B
859 B

103ms
34ms

Script
application/javascript

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/?_s=131f40bcf75b20fd1302ee60a6cdc40a&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: fbb101bcb5d570755b76d6b6a632d775bba711324f3d16a88c5bfd19f7ba42ec

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:21 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 392

Redirect headers

status: 302
date: Fri, 25 Sep 2020 21:50:21 GMT
server: nginx/1.18.0
content-length: 105
location: https://d.adroll.com/consent/check/HVGJFLP3UFFGVOCJHA63RP/?_s=131f40bcf75b20fd1302ee60a6cdc40a&_b=2

GET
H/1.1

200
OK

UMRHNEJ4K5BGJHIYYMDOFH.js Show response
s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/
Redirect Chain

https://d.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&pv=16462...
https://s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/UMRHNEJ4K5BGJHIYYMDOFH.js

3 KB
2 KB

30ms
29ms

Script
text/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/UMRHNEJ4K5BGJHIYYMDOFH.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1513ebaac611a79e9cfd4fba2d187011598cafcaa8ca6a197798ff326df884d3

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: TJ_tetakgJ44EuVKZkLwdLDi7yw1FbZz
Content-Encoding: gzip
ETag: "98e1edc80424e29223f6a6a8680289d8"
x-amz-request-id: 5C98AEEC3A565B49
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1188
x-amz-id-2: bb0KBmMQgwxgQ87xiLw6eX49dESchpES6DOHyLBFbZT3NPXkbgPrmeU6btCdIls3Qbn7xc1zric=
Last-Modified: Fri, 28 Feb 2020 01:37:05 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:50:21 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Fri, 25 Sep 2020 21:50:21 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
x-segment-eid: UMRHNEJ4K5BGJHIYYMDOFH
location: https://s.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC/UMRHNEJ4K5BGJHIYYMDOFH.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: SETETOF5DRFLHBDVXCRJPC
x-segment-name: *
x-advertisable-eid: HVGJFLP3UFFGVOCJHA63RP
x-conversion-currency

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&pv=16462139902.521854&cookie=&adroll_s_ref=&keyw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: j49wVO9dGWTHOoaGwkdvg0NdFECGJbe0r1woxeZh6/5VhJjfJLNo7ptDePif1NafZZSpSXe/5Ozb5StOlJcGrQ==
x-fb-trip-id: 2087493949
x-frame-options: DENY
date: Fri, 25 Sep 2020 21:50:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 24ms
24ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVGJFLP3UFFGVOCJHA63RP/SETETOF5DRFLHBDVXCRJPC?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&pv=16462139902.521854&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: 75B93B99450D9821
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: LLXPK6WOd/JkL78v3IWpxVYE6WLY0eyso2S9SGWA5fuDVP/IFReKscAk0ef5FiAsTnpUaCbbaQA=
Last-Modified: Mon, 03 Feb 2020 20:32:06 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:50:21 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
517 B

34ms
33ms

Image
image/gif

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:21 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

date: Fri, 25 Sep 2020 21:50:21 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP
https://x.bidswitch.net/sync?dsp_id=44&user_id=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM

43 B
410 B

23ms
23ms

Image
image/gif

35.157.221.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.221.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 25 Sep 2020 21:50:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Fri, 25 Sep 2020 21:50:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP
https://ib.adnxs.com/setuid?entity=172&code=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM

43 B
1 KB

16ms
16ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 21:50:21 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: eadf7989-75c7-49a7-9919-1d5f1fdf879a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:21 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ib.adnxs.com/setuid?entity=172&code=MTYzMWVlMzE5NDgzOGVjMTY2YTNlYmJkYTY2NDZmNDM
cache-control: no-store, no-cache, must-revalidate
content-length: 93

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 36ms
34ms Image
image/gif 3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 25 Sep 2020 21:50:21 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP
https://us-u.openx.net/w/1.0/sd?id=537103138&val=1631ee3194838ec166a3ebbda6646f43

43 B
106 B

32ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=1631ee3194838ec166a3ebbda6646f43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:21 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:21 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=1631ee3194838ec166a3ebbda6646f43
cache-control: no-store, no-cache, must-revalidate
content-length: 87

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=d9fcbbf718461e0816e151962aeeb621-1601070621466&arrfrr=https%3A%2F%2Fmy.xcentricmold.com%2Fquote&xid_ch=f&advertisable=HVGJFLP3UFFGVOCJHA63RP&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=FjHuMZSDjsFmo-u9pmRvQw
https://d.adroll.com/cm/g/in

42 B
534 B

34ms
33ms

Image
image/gif

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:21 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:21 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ppms.php
www.rumiview.com/ 43 B
183 B 181ms
181ms Image
image/gif 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rumiview.com/ppms.php?ping=1&idsite=aef324fb-06b8-4fe5-90da-80e93280efa3&rec=1&r=055509&h=23&m=50&s=20&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&_id=ddc6c406c8da4485&_idts=1601070621&_idvc=1&_idn=0&_viewts=1601070621&send_image=1&cookie=1&res=1600x1200&gt_ms=504&pv_id=pl8Q5E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:21 GMT
Content-Encoding: none
Server: nginx
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ppms.php
www.rumiview.com/ 43 B
183 B 292ms
159ms Image
image/gif 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rumiview.com/ppms.php?ping=1&idsite=aef324fb-06b8-4fe5-90da-80e93280efa3&rec=1&r=048965&h=23&m=50&s=21&url=https%3A%2F%2Fmy.xcentricmold.com%2Fquote%23%2F&_id=ddc6c406c8da4485&_idts=1601070621&_idvc=1&_idn=0&_viewts=1601070621&send_image=1&cookie=1&res=1600x1200&gt_ms=504&t_ss=17&t_fs=1&t_ds=2&t_cs=12&t_ce=28&t_qs=28&t_as=528&t_ae=532&t_dl=535&t_di=1545&t_ls=1545&t_le=1549&t_dc=5246&t_ee=5254&pv_id=pl8Q5E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 21:50:22 GMT
Content-Encoding: none
Server: nginx
Content-Length: 43
Content-Type: image/gif

GET
H2 204 unip Show response
trc-events.taboola.com/1185545/log/3/ 0
294 B 16ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1185545/log/3/unip?en=pre_d_eng_tb&tos=4502&scd=100&ssd=1&est=1601070617481&ver=27&isls=true&src=i&invt=3000&tim=1601070621983&vi=1601070617478&ri=793f70ed01d1fbd3e32cda3e115bf0f4&sd=v2_3bc7180bb2103a7904bb1a2017e03e94_517323aa-f448-47ff-9b01-72eb64d6e506-tuct667eb99_1601070617_1601070617_CNawjgYQia5IGIan-7nMLiABKAEwoQE4l-oLQJ2XEEjZ2tgDUP___________wFYAWAAaOKmqpGyrZficA&ui=517323aa-f448-47ff-9b01-72eb64d6e506-tuct667eb99&ref=null&cv=20200818-2-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1185545/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 2005
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.30.18:10213

GET
H2 204 unip
trc-events.taboola.com/1185545/log/3/ 0
294 B 16ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1185545/log/3/unip?en=pre_d_eng_tb&tos=10503&scd=100&ssd=1&est=1601070617481&ver=27&isls=true&src=i&invt=6000&tim=1601070627985&vi=1601070617478&ri=793f70ed01d1fbd3e32cda3e115bf0f4&sd=v2_3bc7180bb2103a7904bb1a2017e03e94_517323aa-f448-47ff-9b01-72eb64d6e506-tuct667eb99_1601070617_1601070617_CNawjgYQia5IGIan-7nMLiABKAEwoQE4l-oLQJ2XEEjZ2tgDUP___________wFYAWAAaOKmqpGyrZficA&ui=517323aa-f448-47ff-9b01-72eb64d6e506-tuct667eb99&ref=null&cv=20200818-2-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1185545/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 7950
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.24.10:10213

GET
H2 204 unip
trc-events.taboola.com/1185545/log/3/ 0
294 B 1903ms
1903ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1185545/log/3/unip?en=pre_d_eng_tb&tos=22504&scd=100&ssd=1&est=1601070617481&ver=27&isls=true&src=i&invt=12000&tim=1601070639986&vi=1601070617478&ri=793f70ed01d1fbd3e32cda3e115bf0f4&sd=v2_3bc7180bb2103a7904bb1a2017e03e94_517323aa-f448-47ff-9b01-72eb64d6e506-tuct667eb99_1601070617_1601070617_CNawjgYQia5IGIan-7nMLiABKAEwoQE4l-oLQJ2XEEjZ2tgDUP___________wFYAWAAaOKmqpGyrZficA&ui=517323aa-f448-47ff-9b01-72eb64d6e506-tuct667eb99&ref=null&cv=20200818-2-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1185545/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://my.xcentricmold.com/quote
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:50:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 7192
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://my.xcentricmold.com
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.24.10:10213

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.my.xcentricmold.com/	1970-01-19 21:30:06	Name: __ar_v4 Value: %7CHVGJFLP3UFFGVOCJHA63RP%3A20200925%3A1%7CSETETOF5DRFLHBDVXCRJPC%3A20200925%3A1%7CUMRHNEJ4K5BGJHIYYMDOFH%3A20200925%3A1
.my.xcentricmold.com/	1970-01-19 21:30:28	Name: __adroll_fpc Value: d9fcbbf718461e0816e151962aeeb621-1601070621466
my.xcentricmold.com/	1970-01-19 21:30:06	Name: stg_returning_visitor Value: Fri%2C%2025%20Sep%202020%2021:50:21%20GMT
my.xcentricmold.com/	1970-01-19 12:44:32	Name: _pk_ses.aef324fb-06b8-4fe5-90da-80e93280efa3.ecc2 Value: *
.doubleclick.net/	1970-01-19 22:06:06	Name: IDE Value: AHWqTUk7FaCc8Bh7NaIyYd1moy6KlJcxtsNdNQMx-3kB6-iFTiT3tNVgwzm4k1uB
my.xcentricmold.com/	1970-01-19 21:30:06	Name: stg_last_interaction Value: Fri%2C%2025%20Sep%202020%2021:50:21%20GMT
my.xcentricmold.com/	1970-01-19 22:10:25	Name: _pk_id.aef324fb-06b8-4fe5-90da-80e93280efa3.ecc2 Value: ddc6c406c8da4485.1601070621.1.1601070621.1601070621.
my.xcentricmold.com/	1970-01-19 12:44:30	Name: _hjIncludedInPageviewSample Value: 1
.xcentricmold.com/	1970-01-19 13:07:54	Name: _uetvid Value: 9006186ce3841c1dc78080ef877e99ac
.xcentricmold.com/	1970-01-19 12:44:32	Name: _hjAbsoluteSessionInProgress Value: 0
.xcentricmold.com/	1970-01-19 21:30:06	Name: _hjid Value: 3362d048-e414-4b9b-ae45-19393dbd26a5
.xcentricmold.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.xcentricmold.com/	1970-01-19 12:45:57	Name: _uetsid Value: d952e071e6cdbe981b0f5eb9e95b1bb2
.xcentricmold.com/	1970-01-19 12:45:57	Name: _gid Value: GA1.2.1341187179.1601070617
.xcentricmold.com/	1970-01-20 06:15:42	Name: _ga Value: GA1.2.1964382870.1601070617
my.xcentricmold.com/	1970-01-19 12:44:32	Name: stg_traffic_source_priority Value: 1
.xcentricmold.com/	1970-01-19 14:54:06	Name: _gcl_au Value: 1.1.1129983163.1601070617
my.xcentricmold.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: pv2ucu089tvtamgs2floji12v0
.xcentricmold.com/	1970-01-19 12:44:30	Name: _gat_gtag_UA_2746449_2 Value: 1
.xcentricmold.com/	1970-01-19 13:27:42	Name: __cfduid Value: d112eba516ac2efef29a2e61789613d281601070615

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10117150.fls.doubleclick.net
aa.agkn.com
ads.yahoo.com
assets.adobedtm.com
bat.bing.com
bcp.crwdcntrl.net
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
loadm.exelator.com
my.xcentricmold.com
pbid.pro-market.net
pixel.rubiconproject.com
px.ads.linkedin.com
s.adroll.com
script.hotjar.com
snap.licdn.com
stackpath.bootstrapcdn.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
trc-events.taboola.com
trc.taboola.com
twin-iq.kickfire.com
um.simpli.fi
us-u.openx.net
use.fontawesome.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.rumiview.com
www.xcentricmold.com
x.bidswitch.net
yjriln3iwl.execute-api.us-east-1.amazonaws.com
104.108.41.56
141.226.228.48
147.75.102.197
147.75.102.200
147.75.102.203
147.75.32.125
151.101.113.44
159.253.128.188
169.50.137.176
169.50.137.179
18.132.239.61
185.33.221.91
185.94.180.125
199.185.0.231
2.18.233.40
2001:4de0:ac19::1:b:2b
209.128.119.223
209.197.3.24
216.52.2.19
216.58.208.34
216.58.208.38
216.58.212.162
23.111.9.35
2600:1901:0:8eee::
2606:4700:10::6816:20b5
2606:4700::6811:4e6b
2606:4700::6811:4f6b
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:802::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:818::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2008
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9c
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:299::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:1b::621
2a05:f500:10:101::b93f:9105
3.248.28.111
34.120.207.148
34.246.206.139
34.253.109.165
35.157.221.90
35.244.159.8
52.30.34.11
54.208.200.8
69.16.192.79
69.173.144.165
99.86.243.116
99.86.243.5
00d9fd78cf9e3ae20f1af6216dd58d2e4a8f41a364aa56d90c9bf81b34b06354
06b3b513c3819d1d61cbbf0447fbd231a8d87ac8a037b921711581da6303b0a6
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c105bd80cead6e558f7767a26457c0a031384fa4348787c7611e6004cab7fd0
0df70a6b4dd2587838ab9f45fc8b829bd462f2bfe27aadf1e82eeec060e0f1e6
0dfaf3831bf0dc1d82ceb28545afb555ee1fcc71ce40ca70e54aa3d960cbd4d6
11ba9ed4c5e901324ceeca0ebc8d4cd4f074159c97c1055eeb5c8213dbaad7c4
11f56780a72a1976246b4858bc5df226e0d5fd245355d79c8b761cdec5643a1a
13d40fd2c71c7a45298b0dbb1afdb0c0143de83f6619625eb22950f500627764
1513ebaac611a79e9cfd4fba2d187011598cafcaa8ca6a197798ff326df884d3
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
2207051fcadbdef48e583c10043184c92282222e3852468ad2fc691c5753068f
2405f1fae4c685d3f48cd6888405affd79185ed15ec35f0f3c5293a66eda1cc6
2eb0576b8242d1af9c686479e912f199022b4eb97440bb7e557725d864fb437f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
4fbf1bfa27a5eb1421fd91b08d3c7e7fa1854582d3fdb1b9ca57bd0290f79e18
5486d234ff607f28da29f8830a014b077cca970cdc2ffd0b3e587f41fa633886
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5522f99f1b1c57cab7fd63819c18da418500037b4b02e018f8d0d692caee2be3
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5aa5664e8f4b3930099bde87b1dfa0a122f12cc98ca2b541b315f03e48f90c21
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5b9a7539ab9fb15ff60587736783a44002eba0ac372129f8190582ec2182d1f1
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81bdae18fbd87f036bf0eb41b79eb8c29ed940b557f2bc27a8923ca3bcf7a850
82f2fc653228d156bf124fb892ba26b90465d3b623423df0ee1b3a4b593f15ea
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
889b7e55a02c1d402d4393e07acc0d76efff9fd9d60d1d38b3b65395b79efb79
90ffed775d22cfc56f01bbd07887e5b34a4488f2930aa7f62cbfb41721eefe61
98d90eb629ba95d919f158bdcff101b6f4825039002c0000bde3653b44077812
9d271330d5211ccc08eaa45a14eecf7639b11adef90127e3807c3357ba764467
a14de730c9ef0042af2d62f509232c21d50c26f3f15b37c13245775c8b66fddf
a2839b46c20c66edda55dd2a9afdaba6116e89e82ff3ba4f063eff1718bd251c
a5e260f8d1d46595c71cf35eb09243ef8ee32453ff9fe49ea9c5ac6d3919f721
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
aebcb27af74242c98c3d20a5ce442bb161534d5e5a3c6792bff486138164fac4
af543a923c6d604fc231d939cb216145d75342589652b74c755ed3936fad3c7b
b4236ee2bb45d537519d85737b4ae332cf8182a36686144e110ef6d18b702659
b632b5f4d8ed2f2cc98c3b520e3de4fd34c3077dd7299192c573267ec319acfa
b8b566c79905fe25fa900ace7920bdafd068faef5779bd4e90d064627fa59738
bb69546ce0ce193c0ace2243e3527d1cecab8bd81932f194f66625ffb9c951bb
c0ad438be933312363a10b5de50018c8f1a398b833857c217b00eeac9f562cd2
c5da64f1d0c705b7da038b311e984e6c81b35a48836e7034d97a15d3a48ef6a3
cd36a140799c0addac5cb2b2787a416d0af8769790b0be7d303898c4416fd800
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d56578760cd77e5a75b0b96fa67d3ff7fae09959c2e44adf892f0d6eaf23ce95
d630bbe7973e178d37c77da1a8252d1599867b390fc2b9d4dab35ea93e48c61e
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
db56384d9b4384fbd8e62c9d4ea55131b0e7ec10d71dcdac77be48420358e1aa
dd213e433d91bc86b980e1d2352e743144d3cd100e611100e7e0ce98c3453d89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3e62eea3d8ce417cd7d88eff0f1c0864dd0865df26f2fc8fae4d43adb80e0c
e38c2d91533cb54ef364d4e2b5b34369f2fc8243fb143a79fb2b744171c58a43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e986347fae4cd3e188d0285b8c175fbda863568def399a7cc63663dc65eda556
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f64ce2c4ca5c9f7db4cad68b9716f781ee971ac6a4af56ab542f2dafa29bb9b9
fbb101bcb5d570755b76d6b6a632d775bba711324f3d16a88c5bfd19f7ba42ec
fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845
ff5bdcddce02986cd37f25c5c2a9d0eab7dbfb92186d8ced8b770b6261a0715c

my.xcentricmold.com Open in urlscan Pro 2606:4700:10::6816:20b5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

111 Requests

100 %HTTPS

40 %IPv6

40 Domains

54 Subdomains

52 IPs

8 Countries

1900 kBTransfer

6516 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

my.xcentricmold.com Open in urlscan Pro
2606:4700:10::6816:20b5 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

40 %
IPv6

40
Domains

54
Subdomains

52
IPs

8
Countries

1900 kB
Transfer

6516 kB
Size

20
Cookies

111 HTTP transactions
0 data transactions