boosts.insurancedrip.com Open in urlscan Pro
104.40.53.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://u1882354.ct.sendgrid.net/ls/click?upn=VCeF-2FcAHrT8pfQAlwlkVjXTzNASSKlpB9LytJk8NxkbCc5KM-2BdnSdkI8dM6JIZ8uhaRAlyCsuuqlKYM...
Effective URL:
https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Submission: On July 26 via manual (July 26th 2020, 10:03:43 pm UTC) from US

Summary HTTP 20 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 13 domains to perform 20 HTTP transactions. The main IP is 104.40.53.157, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is boosts.insurancedrip.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 22nd 2018. Valid for: 2 years.

This is the only time boosts.insurancedrip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID)
7	104.40.53.157 104.40.53.157	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
1	40.78.112.64 40.78.112.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
20	11

1 167.89.123.16 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u1882354.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.40.53.157 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

boosts.insurancedrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.78.112.64 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lifedripdata.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	insurancedrip.com boosts.insurancedrip.com	45 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	jsdelivr.net cdn.jsdelivr.net	13 KB
2	cloudflare.com cdnjs.cloudflare.com	18 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	32 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	google.de www.google.de	106 B
1	google.com 1 redirects www.google.com	177 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	156 B
1	youtube.com www.youtube.com
1	windows.net lifedripdata.blob.core.windows.net	15 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	sendgrid.net 1 redirects u1882354.ct.sendgrid.net	261 B
20	13

	Domain	Requested by
7	boosts.insurancedrip.com	boosts.insurancedrip.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	cdn.jsdelivr.net	boosts.insurancedrip.com
2	cdnjs.cloudflare.com	boosts.insurancedrip.com
2	maxcdn.bootstrapcdn.com	boosts.insurancedrip.com
2	fonts.googleapis.com	boosts.insurancedrip.com
1	www.google.de	boosts.insurancedrip.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.youtube.com	boosts.insurancedrip.com
1	lifedripdata.blob.core.windows.net	boosts.insurancedrip.com
1	www.googletagmanager.com	boosts.insurancedrip.com
1	u1882354.ct.sendgrid.net	1 redirects
20	13

This site contains links to these domains. Also see Links.

Domain
www.insurancedrip.com
xeddi.com

Subject Issuer	Validity	Valid
*.insurancedrip.com Go Daddy Secure Certificate Authority - G2	`2018-11-22` - `2021-01-20`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-07-08` - `2021-04-17`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 2	`2020-04-27` - `2022-04-27`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Frame ID: 99BB44ED801DC6CA0F01B1748625AAF8
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Z-0Ii-WWp1M
Frame ID: A845E151EDB3F88CABA5B8C54EFF6507
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://u1882354.ct.sendgrid.net/ls/click?upn=VCeF-2FcAHrT8pfQAlwlkVjXTzNASSKlpB9LytJk8NxkbCc5KM-2BdnSdkI8dM6... HTTP 302
https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Fingerprintjs (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /fingerprint(\d)?(?:\.min)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

13
Subdomains

11
IPs

5
Countries

174 kB
Transfer

555 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.insurancedrip.com/
Title:

Search URL Search Domain Scan URL

URL: http://xeddi.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://u1882354.ct.sendgrid.net/ls/click?upn=VCeF-2FcAHrT8pfQAlwlkVjXTzNASSKlpB9LytJk8NxkbCc5KM-2BdnSdkI8dM6JIZ8uhaRAlyCsuuqlKYMp-2BNxZJH-2BSDvAdbyJZdKKCWQNlcJ0-3DJNDt_KUDPwU8Pno-2B0Qh6wy0YX0pOLzwGKGTuKu8-2BvQwtktRfVgQaGEeA1ABupVll6uT1TyTVUL640pSIEb7G9pWRz3QzUmv1ibODXRdm0eRbcWYd00PJLUD2e7f3zPY-2F61xmrrYQgH7GfGgj0q-2FvOGVy6vPoyfnr9UXxvyaPT7u2fkzwc0qjuZ8evzd6LQBUxneAXuzoWDXEqhiFGTuBikzTLwEbdkOOHBrDGuYoFbFImwHT-2Fi19D3uYa-2BZwG6WsjBFvMlJcyDOXuw1c7ZcYwiab8HJsuFxPnxugBEX8wyinhS-2B3sHb7XDTF4WbWCJ3ldMrHN HTTP 302
https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1621814699&t=pageview&_s=1&dl=https%3A%2F%2Fboosts.insurancedrip.com%2F292408%2F0%2FLG4hbKFHnQ8wRy5D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=687975737&gjid=1972349559&cid=1849383984.1595801007&tid=UA-111029755-1&_gid=1532899862.1595801007&_r=1&gtm=2ou7f0&z=637910813 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111029755-1&cid=1849383984.1595801007&jid=687975737&_gid=1532899862.1595801007&gjid=1972349559&_v=j83&z=637910813 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111029755-1&cid=1849383984.1595801007&jid=687975737&_v=j83&z=637910813 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111029755-1&cid=1849383984.1595801007&jid=687975737&_v=j83&z=637910813&slf_rd=1&random=1316953921

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set LG4hbKFHnQ8wRy5D Show response
boosts.insurancedrip.com/292408/0/
Redirect Chain

http://u1882354.ct.sendgrid.net/ls/click?upn=VCeF-2FcAHrT8pfQAlwlkVjXTzNASSKlpB9LytJk8NxkbCc5KM-2BdnSdkI8dM6JIZ8uhaRAlyCsuuqlKYMp-2BNxZJH-2BSDvAdbyJZdKKCWQNlcJ0-3DJNDt_KUDPwU8Pno-2B0Qh6wy0YX0pOLzwG...
https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

14 KB
5 KB

5840ms
5407ms

Document
text/html

104.40.53.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.53.157 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c27629926ffd172254ab3804b575c83b749720d1600828c2b9ef19918bac50b3

Request headers

Host: boosts.insurancedrip.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.12.2
Date: Sun, 26 Jul 2020 22:03:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: session=eyJhcnRpY2xlX2lkIjoyOTI0MDgsImNzcmZfdG9rZW4iOiJiNzFlZDU4ZDVmYWNjYjJkMDI5MGNjNWJjMTgwNjkxNmYxM2E5NjUyIiwidGFnIjoiUEFZUFJPIn0.Ef-PLg.CSuQppp-pPq70qxTTqQIHp6NGsM; HttpOnly; Path=/
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Sun, 26 Jul 2020 22:03:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 81
Connection: keep-alive
Location: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK main.css
boosts.insurancedrip.com/static/css/ 4 KB
2 KB 159ms
157ms Stylesheet
text/css 104.40.53.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://boosts.insurancedrip.com/static/css/main.css
Requested by: Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.53.157 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 66b8bd38888bca9a99d0a563df392b419cbbe9760690d182ae9c00a85622057e

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 26 Jul 2020 22:03:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Nov 2018 05:15:17 GMT
Server: nginx/1.12.2
ETag: W/"5bff75e5-1129"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 7 KB
824 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Jul 2020 21:08:54 GMT
server: ESF
date: Sun, 26 Jul 2020 22:03:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Jul 2020 22:03:26 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ 147 KB
20 KB 25ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Origin: https://boosts.insurancedrip.com

Response headers

date: Sun, 26 Jul 2020 22:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:09 GMT
status: 200
etag: "1544639649"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 20027

GET
H2 200 icon
fonts.googleapis.com/ 574 B
442 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c641585cda99a8eb716625c70422a47d1ed8ce72b87370678175515bb2c465b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Jul 2020 22:03:26 GMT
server: ESF
date: Sun, 26 Jul 2020 22:03:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Jul 2020 22:03:26 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
boosts.insurancedrip.com/static/js/ 85 KB
30 KB 466ms
306ms Script
application/javascript 104.40.53.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://boosts.insurancedrip.com/static/js/jquery-3.2.1.min.js
Requested by: Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.53.157 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 26 Jul 2020 22:03:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 16:28:09 GMT
Server: nginx/1.12.2
ETag: W/"5a621c99-15283"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/ 34 KB
10 KB 31ms
16ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/fingerprint2.min.js

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 26 Jul 2020 22:03:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 23466932
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 042ec0083a00001f15a29a7200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:10 GMT
server: cloudflare
etag: W/"5afd490e-8648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9169205adc1f15-FRA
expires: Fri, 16 Jul 2021 22:03:26 GMT

GET
H2 200 jquery.validate.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/ 23 KB
7 KB 8ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/jquery.validate.min.js

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 9758657
x-cache: HIT, HIT
status: 200
content-length: 7502
etag: W/"5add-anbkx9tHkFM1BYBGmqAQ/r/crNA"
x-served-by: cache-fra19124-FRA, cache-hhn4072-HHN
date: Sun, 26 Jul 2020 22:03:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 additional-methods.min.js Show response
cdn.jsdelivr.net/jquery.validation/1.16.0/ 17 KB
5 KB 9ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.validation/1.16.0/additional-methods.min.js

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5292437
x-cache: HIT, HIT
status: 200
content-length: 5297
etag: W/"4587-uIBUYLV1S+ixaiI99zfZV32kwYI"
x-served-by: cache-fra19162-FRA, cache-hhn4072-HHN
date: Sun, 26 Jul 2020 22:03:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK jquery.maskedinput.min.js Show response
boosts.insurancedrip.com/static/js/ 4 KB
2 KB 472ms
157ms Script
application/javascript 104.40.53.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://boosts.insurancedrip.com/static/js/jquery.maskedinput.min.js
Requested by: Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.53.157 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 26 Jul 2020 22:03:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 16:28:09 GMT
Server: nginx/1.12.2
ETag: W/"5a621c99-10e4"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 24 KB
8 KB 32ms
13ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Origin: https://boosts.insurancedrip.com

Response headers

date: Sun, 26 Jul 2020 22:03:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14737528
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 042ec0083d00001f15a29a8200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:59 GMT
server: cloudflare
etag: W/"5afd4ae3-619d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9169206ae21f15-FRA
expires: Fri, 16 Jul 2021 22:03:26 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/ 46 KB
12 KB 29ms
14ms Script
text/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Origin: https://boosts.insurancedrip.com

Response headers

date: Sun, 26 Jul 2020 22:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
status: 200
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 12031

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111029755-1

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08492f5ddf5e85706588fa97fc4de15b1b0528dc91afc01c6795bece3c03df72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 26 Jul 2020 22:03:26 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34212
x-xss-protection: 0
last-modified: Sun, 26 Jul 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Jul 2020 22:03:26 GMT

GET
H/1.1 200
OK 43513d60-98e1-44f4-817f-4468104a7c6c.jpg
lifedripdata.blob.core.windows.net/uploads/ 14 KB
15 KB 793ms
170ms Image
application/octet-stream 40.78.112.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lifedripdata.blob.core.windows.net/uploads/43513d60-98e1-44f4-817f-4468104a7c6c.jpg
Requested by: Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.78.112.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a6be6dd14a5e19ac1ea195848f15cf1c49672045cd649b5e53b89ae9dea567d3

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 26 Jul 2020 22:03:27 GMT
Last-Modified: Thu, 16 Nov 2017 21:17:52 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: z4PsSnCNgHniUv5y9j31Sg==
ETag: 0x8D52D377F35F77B
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
x-ms-request-id: cac89c4e-701e-002d-3798-63e545000000
Access-Control-Expose-Headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Type
x-ms-version: 2009-09-19
Content-Length: 14488

GET
H/1.1 200
OK id-logo.png
boosts.insurancedrip.com/static/img/ 2 KB
2 KB 157ms
157ms Image
image/png 104.40.53.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boosts.insurancedrip.com/static/img/id-logo.png
Requested by: Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.53.157 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 743c52d97bce95754a67a2e89e3c49c4487a73128aed70f29e8da98f15d170d3

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 26 Jul 2020 22:03:26 GMT
Last-Modified: Fri, 19 Jan 2018 16:28:09 GMT
Server: nginx/1.12.2
ETag: "5a621c99-6c8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1736

GET
H/1.1 200
OK xeddi-logo.png
boosts.insurancedrip.com/static/img/ 4 KB
4 KB 158ms
158ms Image
image/png 104.40.53.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boosts.insurancedrip.com/static/img/xeddi-logo.png
Requested by: Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.53.157 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3b63519e591a5c5140fd37d904a091e4d2fdcf2d1d2999fd5b54371133aaa6e8

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 26 Jul 2020 22:03:26 GMT
Last-Modified: Fri, 19 Jan 2018 16:28:09 GMT
Server: nginx/1.12.2
ETag: "5a621c99-f33"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3891

GET
H2 200 Z-0Ii-WWp1M
www.youtube.com/embed/ Frame A845 0
0 151ms
139ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Z-0Ii-WWp1M

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Z-0Ii-WWp1M
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Response headers

status: 200
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
cache-control: no-cache
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 10682
x-content-type-options: nosniff
date: Sun, 26 Jul 2020 22:03:26 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=A_sx_EycXfM; path=/; domain=.youtube.com; secure; expires=Fri, 22-Jan-2021 22:03:26 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=A_sx_EycXfM; path=/; domain=.youtube.com; secure; expires=Fri, 22-Jan-2021 22:03:26 GMT; httponly; samesite=None YSC=MyHkxPGwbpk; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 26-Jul-2020 22:33:26 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 110 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 513e96a7e548aa6d0939b0e7348ef5b3f6e8691037756f73d1d2c55384f6b079

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

POST
H/1.1 200
OK fingerprint Show response
boosts.insurancedrip.com/ 41 B
416 B 407ms
407ms XHR
application/json 104.40.53.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://boosts.insurancedrip.com/fingerprint
Requested by: Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/static/js/jquery-3.2.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.53.157 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b35a812c08a51af3f1e9e6c82809a1b9e0faf99bd430628322f31644ac34504d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sun, 26 Jul 2020 22:03:27 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 41
Content-Type: application/json

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111029755-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 5384
date: Sun, 26 Jul 2020 20:33:42 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sun, 26 Jul 2020 22:33:42 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1621814699&t=pageview&_s=1&dl=https%3A%2F%2Fboosts.insurancedrip.com%2F292408%2F0%2FLG4hbKFHnQ8wRy5D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111029755-1&cid=1849383984.1595801007&jid=687975737&_gid=1532899862.1595801007&gjid=1972349559&_v=j83&z=637910813
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111029755-1&cid=1849383984.1595801007&jid=687975737&_v=j83&z=637910813
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111029755-1&cid=1849383984.1595801007&jid=687975737&_v=j83&z=637910813&slf_rd=1&random=1316953921

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111029755-1&cid=1849383984.1595801007&jid=687975737&_v=j83&z=637910813&slf_rd=1&random=1316953921

Requested by

Host: boosts.insurancedrip.com
URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jul 2020 22:03:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Jul 2020 22:03:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111029755-1&cid=1849383984.1595801007&jid=687975737&_v=j83&z=637910813&slf_rd=1&random=1316953921
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 11:16:42	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: MyHkxPGwbpk
.youtube.com/	1970-01-19 15:35:53	Name: VISITOR_INFO1_LIVE Value: A_sx_EycXfM
boosts.insurancedrip.com/	1969-12-31 23:59:59	Name: session Value: eyJhcnRpY2xlX2lkIjoyOTI0MDgsImNzcmZfdG9rZW4iOiJiNzFlZDU4ZDVmYWNjYjJkMDI5MGNjNWJjMTgwNjkxNmYxM2E5NjUyIiwicGFnZV9pZCI6NDA4NDA2LCJ0YWciOiJQQVlQUk8ifQ.Ef-PLw.OIRuPdBjbD5pf7im2aRUl5Xuy7U
.insurancedrip.com/	1970-01-19 11:18:07	Name: _gid Value: GA1.2.1532899862.1595801007
.insurancedrip.com/	1970-01-19 11:16:41	Name: _gat_gtag_UA_111029755_1 Value: 1
.insurancedrip.com/	1970-01-20 04:47:53	Name: _ga Value: GA1.2.1849383984.1595801007

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D(Line 291) Message: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D
console-api	log	URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D(Line 301) Message: [object Object]
console-api	log	URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D(Line 313) Message: [object Object]
console-api	log	URL: https://boosts.insurancedrip.com/292408/0/LG4hbKFHnQ8wRy5D(Line 310) Message: [object Object],200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boosts.insurancedrip.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
lifedripdata.blob.core.windows.net
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
u1882354.ct.sendgrid.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.40.53.157
167.89.123.16
2001:4de0:ac19::1:b:1a
2606:4700::6810:85e5
2a00:1450:4001:808::200e
2a00:1450:4001:816::2008
2a00:1450:4001:817::2004
2a00:1450:4001:819::200e
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2003
2a00:1450:400c:c0a::9c
2a04:4e42:1b::621
40.78.112.64
08492f5ddf5e85706588fa97fc4de15b1b0528dc91afc01c6795bece3c03df72
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
3b63519e591a5c5140fd37d904a091e4d2fdcf2d1d2999fd5b54371133aaa6e8
513e96a7e548aa6d0939b0e7348ef5b3f6e8691037756f73d1d2c55384f6b079
66b8bd38888bca9a99d0a563df392b419cbbe9760690d182ae9c00a85622057e
743c52d97bce95754a67a2e89e3c49c4487a73128aed70f29e8da98f15d170d3
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8
973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c
a6be6dd14a5e19ac1ea195848f15cf1c49672045cd649b5e53b89ae9dea567d3
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
b35a812c08a51af3f1e9e6c82809a1b9e0faf99bd430628322f31644ac34504d
c27629926ffd172254ab3804b575c83b749720d1600828c2b9ef19918bac50b3
c641585cda99a8eb716625c70422a47d1ed8ce72b87370678175515bb2c465b3
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

boosts.insurancedrip.com Open in urlscan Pro 104.40.53.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

77 %IPv6

13 Domains

13 Subdomains

11 IPs

5 Countries

174 kBTransfer

555 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

7 Cookies

4 Console Messages

Indicators

boosts.insurancedrip.com Open in urlscan Pro
104.40.53.157 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

13
Subdomains

11
IPs

5
Countries

174 kB
Transfer

555 kB
Size

7
Cookies

20 HTTP transactions
1 data transactions