Submitted URL: https://sturpose-muncial.com/ae9a76db-c0ce-4307-a4c1-e789146c536e/2?offer=lifeinsurance&lp=1
Effective URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Submission: On May 24 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3035::ac43:a96c, located in United States and belongs to CLOUDFLARENET, US. The main domain is lowratefix.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 30th 2023. Valid for: a year.
This is the only time lowratefix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
15 lowratefix.com
lowratefix.com
262 KB
2 sturpose-muncial.com
sturpose-muncial.com — Cisco Umbrella Rank: 609095
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6080
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 mediaalpha.com
insurance.mediaalpha.com — Cisco Umbrella Rank: 24474
6 KB
1 improvetool.com
ip2geo.improvetool.com — Cisco Umbrella Rank: 231017
587 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
67 KB
24 10
Domain Requested by
15 lowratefix.com 1 redirects lowratefix.com
2 sturpose-muncial.com
1 www.google.de lowratefix.com
1 www.google.com lowratefix.com
1 fonts.gstatic.com fonts.googleapis.com
1 insurance.mediaalpha.com lowratefix.com
1 ip2geo.improvetool.com lowratefix.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com lowratefix.com
1 www.googletagmanager.com lowratefix.com
24 10

This site contains no links.

Subject Issuer Validity Valid
sturpose-muncial.com
R3
2023-05-16 -
2023-08-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-01-30 -
2024-01-29
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.improvetool.com
E1
2023-04-11 -
2023-07-10
3 months crt.sh
mediaalpha.com
Amazon RSA 2048 M02
2023-04-06 -
2023-08-09
4 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
www.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
www.google.de
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh

This page contains 1 frames:

Primary Page: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Frame ID: 81C31441B890889BD7BEA4AB8BFC39AF
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

LowRateFix

Page URL History Show full URLs

  1. https://sturpose-muncial.com/ae9a76db-c0ce-4307-a4c1-e789146c536e/2?offer=lifeinsurance&lp=1 Page URL
  2. https://sturpose-muncial.com/redirect?target=BASE64aHR0cHM6Ly9sb3dyYXRlZml4LmNvbS9xdWl6ZDI_Y2FtcGlkPWxpZm... Page URL
  3. https://lowratefix.com/quizd2?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4 HTTP 301
    https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

24
Requests

100 %
HTTPS

80 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

388 kB
Transfer

1024 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sturpose-muncial.com/ae9a76db-c0ce-4307-a4c1-e789146c536e/2?offer=lifeinsurance&lp=1 Page URL
  2. https://sturpose-muncial.com/redirect?target=BASE64aHR0cHM6Ly9sb3dyYXRlZml4LmNvbS9xdWl6ZDI_Y2FtcGlkPWxpZmUtTW9uZXlOdC1wZWFrJmFmZl9zdWI9d3Iwa2dobnMzZGxndWx1b2lhc280cGE0&ts=1684936644835&hash=rpUZAQez5Hd4cVMAUAKzADLlHo2OClgCBp09qQOK-WY&rm=D Page URL
  3. https://lowratefix.com/quizd2?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4 HTTP 301
    https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
2
sturpose-muncial.com/ae9a76db-c0ce-4307-a4c1-e789146c536e/
500 B
1 KB
Document
General
Full URL
https://sturpose-muncial.com/ae9a76db-c0ce-4307-a4c1-e789146c536e/2?offer=lifeinsurance&lp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.16.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-16-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c274064122ce07c049bbded8db4d3e73ff6d0abf8503f6dae3dc6ae11ce934a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Wed, 24 May 2023 13:57:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
redirect
sturpose-muncial.com/
345 B
501 B
Document
General
Full URL
https://sturpose-muncial.com/redirect?target=BASE64aHR0cHM6Ly9sb3dyYXRlZml4LmNvbS9xdWl6ZDI_Y2FtcGlkPWxpZmUtTW9uZXlOdC1wZWFrJmFmZl9zdWI9d3Iwa2dobnMzZGxndWx1b2lhc280cGE0&ts=1684936644835&hash=rpUZAQez5Hd4cVMAUAKzADLlHo2OClgCBp09qQOK-WY&rm=D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.16.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-16-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Wed, 24 May 2023 13:57:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
Primary Request /
lowratefix.com/quizd2/
Redirect Chain
  • https://lowratefix.com/quizd2?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
  • https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
989 B
822 B
Document
General
Full URL
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31dbc7e512a9ac62ea82911b12af91c2bf487c3f12ca0cac92d6ac329dc093ea

Request headers

Referer
https://sturpose-muncial.com/redirect?target=BASE64aHR0cHM6Ly9sb3dyYXRlZml4LmNvbS9xdWl6ZDI_Y2FtcGlkPWxpZmUtTW9uZXlOdC1wZWFrJmFmZl9zdWI9d3Iwa2dobnMzZGxndWx1b2lhc280cGE0&ts=1684936644835&hash=rpUZAQez5Hd4cVMAUAKzADLlHo2OClgCBp09qQOK-WY&rm=D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cc60c30ae3518cb-FRA
content-encoding
br
content-type
text/html
date
Wed, 24 May 2023 13:57:25 GMT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1ovQI%2FGloSfTuJnoNfpKYIoR54PFOlsloryxC7Ya9cWq4thAwMwatkGxuY%2B7AfDdxD066AW90YI2%2BwAk9rckjOP8Ay7Qebm4F8zy%2FAaaxRzdBS9ZPkJl1dG9p5QMbjvGjXuQImL7Mx4PmprNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cc60c2fbd1618cb-FRA
content-type
text/html
date
Wed, 24 May 2023 13:57:25 GMT
location
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKQ5iRb4CBBWYGinWRaqPSHKQyDbmYQXFW4jmyhMHA09AAoOWnLjKuKp%2FjdFyRGPVAtLUWTE7apYHKU6%2FSMu%2B%2B6PBtSHYE0D%2F3uhiPTiz1%2Bo%2Fy6HG95tsmnggzM%2Bv2j5cCfkaXYCN8HgRtd%2Fig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/
185 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-385267757
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1e3fc28ecb54785e5f2500c7f6dd0cefe275c20da9b85b4fd91fb739bb8effc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68671
x-xss-protection
0
last-modified
Wed, 24 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 May 2023 13:57:25 GMT
chunk-vendors.066f42f125202593b856.css
lowratefix.com/quiz/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://lowratefix.com/quiz/css/chunk-vendors.066f42f125202593b856.css
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac0b3cab210097de1aebaeb7039b71b7b76bbcb3090feedbea4a4807d7db062

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-113d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZ1jhZkhnSB0ccMReoayvWGAcyuvT3cbn1Zsf13sK40TgkgVkgBRZrYAl4RSCJ3k%2FDS8jmAYuOrl0b%2FJjK91pPODnj%2BvOvyvoGrlM4aM113TC1elARzgOnKrLmpUw%2BR5zIAd0CzemaRhjqlLCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7cc60c31a8233633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.c7956f1e9fb7a534d999.css
lowratefix.com/quiz/css/
36 KB
9 KB
Stylesheet
General
Full URL
https://lowratefix.com/quiz/css/app.c7956f1e9fb7a534d999.css
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
969dcf2ca29bdacc14267f03c0f5b3cd898c1eae29f449921416659a81d2ec9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-8e51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCx85TyX7wl6%2FzSUOnPbk65WbHOrXpJOcvkF85zGHLeIWJY6Ajo8rdNKhCdEnpF5nz9KFjK4kEkrk66Wf59g2ZspQoh8PYTci4UZ0DWaNVHbV0DC9xQoh80FxEjpLR%2FYTNC6RGeh2LnC1T9Vfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7cc60c31a8293633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.6749c8291e41346d41e9.bundle.js
lowratefix.com/quiz/js/
535 KB
157 KB
Script
General
Full URL
https://lowratefix.com/quiz/js/chunk-vendors.6749c8291e41346d41e9.bundle.js
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17ad772f2f3562358df0b1eaab2afc99008b37323cef5af87bd9130b5041b2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-85dc9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6OBiemSTvv%2BYh%2B2FhWj79BOvTaVWE9zSHwX0o81dtvX3kNCxgRcnPat%2BfJgNDe9ldyEILGS9e25Abb2EaG7iJG%2F9EcbT24W8Ce%2BPdEOg7hURtzsis91B2SGVDyyEiQeGxR%2BOx%2B2B0whYp7z4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7cc60c31a82d3633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.6749c8291e41346d41e9.js
lowratefix.com/quiz/js/
136 KB
60 KB
Script
General
Full URL
https://lowratefix.com/quiz/js/app.6749c8291e41346d41e9.js
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba5450af61a1a1c6ae7f3e481db04d9b19f0200b9c821dc0713efa387afff77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-220a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9MiwhNy2jCpuI8I3bW%2FiUsnY0Fw6CKLyhdM8rpTmKANQfYEnizR9C4zldBGKNHGFAHI%2BhGg02gjjtQk0bVXvwRb83CEf3EED%2Feu3EUKwZ8qZW7mBu5RfcJBy8JBPBnOy7JFWFUZsgNUoYKRlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7cc60c31a82f3633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quiz/css/app.c7956f1e9fb7a534d999.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0daa95e10cbe117c2aae215e36592b06233b617a90be8a4ba2dd1c8cef766a80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 May 2023 13:37:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 May 2023 13:57:25 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/385267757/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/385267757/?random=1684936645600&cv=11&fst=1684936645600&bg=ffffff&guid=ON&async=1&gtm=45be35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Flowratefix.com%2Fquizd2%2F%3Fcampid%3Dlife-MoneyNt-peak%26aff_sub%3Dwr0kghns3dlguluoiaso4pa4&hn=www.googleadservices.com&frm=0&tiba=LowRateFix&auid=1875201470.1684936646&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-385267757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0318f0e9a6d33bfde782246f0aa95abd3b4586a8006fd59668e0d442999ada35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ip2geo.improvetool.com/
169 B
587 B
Fetch
General
Full URL
https://ip2geo.improvetool.com/
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quiz/js/app.6749c8291e41346d41e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9dc830966bf50891298b3e7322eb202a492ba5f4bd8584cac28856623306758

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kizONigsSI9lMgU32q80pPd7utdxIixbdSHDXKby6fnksRJZTv0reNIIvRGXwrV6E%2FZkj5v9YtKTaZvH2sZZ4VBi26WmfkqP7g56B8Zjib2LIPV616p12MvGYwXlXLZ5wQJDMRHz4TSgHQp0ewNq2UQe0n0T"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
7cc60c348f1a368a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
serve.js
insurance.mediaalpha.com/js/
18 KB
6 KB
Script
General
Full URL
https://insurance.mediaalpha.com/js/serve.js
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quiz/js/app.6749c8291e41346d41e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.11.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-11-147.compute-1.amazonaws.com
Software
Apache /
Resource Hash
141a922b83cc6707d19885ed7aec59ed8331771664e38e57277ed5eb5636650f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:26 GMT
content-encoding
gzip
server
Apache
content-length
5516
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
lowratefix_logo.svg
lowratefix.com/quiz/img/
7 KB
3 KB
Image
General
Full URL
https://lowratefix.com/quiz/img/lowratefix_logo.svg
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d636038341e0c56a693e10eafe16f5df1835fae9491c7c5b649c241be36fe01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-1c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K07%2FZsOOa3BHwsuuOoSPth3xCFqW5CpT40I3FHG7ptBpStSWxRoum777A8yvXE3mKukvvgg5fk1K4sA33XHQuBsT8cM6lgVWix%2F%2BxQ%2FTj9U9gftERbk%2BTVrGCY4qcMH2UxD%2BOLKDeIvWqeiluQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7cc60c33dace3633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lowratefix_logo_white.svg
lowratefix.com/quiz/img/
7 KB
3 KB
Image
General
Full URL
https://lowratefix.com/quiz/img/lowratefix_logo_white.svg
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e668208cd86f7ce63f37d5a60435205de8e963b1f12fcecc73f4385639a8a687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-1bef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b28N%2Be8R3iV%2F7BBb2Xh3AcNMn8U6YVxLXSxi%2BXoRErJFA5idsAyAaqMGeXIjOrxNWfTuTcGNsgu%2FN9L11en7BoiAMfMfZTZa58KunJnu0hkjTjzfv4mnZTDYIaHws0q0ZA2EP3l%2FuDHFZmVbvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7cc60c33dad03633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
marker.svg
lowratefix.com/quiz/img/
1 KB
1 KB
Image
General
Full URL
https://lowratefix.com/quiz/img/marker.svg
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2409e26dd044d8a4f2c1aa4f8b66400989ef71d0af959529086e16e93ad35ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-439"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXH4CAdEFHyWBkppItMm87gMf5ojCrKXOqa6GN2JaxA%2Fg054FUSNXrSWKMMz6Kcp6YQ0zoDMpXPttrb9jX1Yxjvr7DJS3%2BRuA6YTdoJDgPL%2B7DooOnz6%2BT%2Fa%2B4GEjdv6oXNvagh3DRrdeFj13A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7cc60c33dad23633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arrows.svg
lowratefix.com/quiz/img/
378 B
708 B
Image
General
Full URL
https://lowratefix.com/quiz/img/arrows.svg
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c57081786ec00061d99c38aa548846012f27dfcbfb3f97e45e879d381c4d5ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-17a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY8Yb089Q4mXV56tqnlfS7QQl2QtYoRtEk3bML48QiAJNdZMvghAF7pzXE5XIrCnXa8GFOS%2FP2ESi4XHiQuQDNGDTdtdf%2B5%2FuNG%2BvCL0xDmiCta%2FF9aVlm%2FgRKQvvrDhmaauBvzVcCROc2jFDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7cc60c33dad43633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arrow-yellow.svg
lowratefix.com/quiz/img/
11 KB
9 KB
Image
General
Full URL
https://lowratefix.com/quiz/img/arrow-yellow.svg
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6bc88d7f5f414502558aa5673e4da7853ad9549e6136ea14defda1550f7e4c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-2b8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LABnzqhVAYnNAuSiL2lOD5K3e0Vbv9AELZxTRIrYkwYvI7YT8VOHUBVK9QBIX3WVGcVF3kyC2oVahxQT5d3l%2BJXXHU3yKEczvXEq9C8zg23Lp3Uy31AvPD0lBX0C40LSC0rOXvxQToYlbi6Wyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7cc60c33dad63633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arrow-yellow-mobile.svg
lowratefix.com/quiz/img/
11 KB
9 KB
Image
General
Full URL
https://lowratefix.com/quiz/img/arrow-yellow-mobile.svg
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb461f7882efd6b3ca7bb69c67579ac337934ee90676f40528c07b70f531d775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-2d8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr8Y1d3sdeEt4UHBVFR7Dbjg%2BdeM%2F5E%2FHZEBiwozUaQ2I1tNfBUCDdL5kosQ5YPiPV0R2ov10zceH0%2BiEw%2BOrFAaFT%2BUj0JLM4JSTd0uFOBYBldI8kIfe3CTDXCD8ito2wnSIqDLfISLT3%2FuqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7cc60c33dad83633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checkmark-gray.svg
lowratefix.com/quiz/img/
239 B
674 B
Image
General
Full URL
https://lowratefix.com/quiz/img/checkmark-gray.svg
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f84adeec2f5928be14e10be46c37e49e0ba767b9341a5cad414ebdd53882e80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wS%2B36119JHe3p0%2F7u7FVpvoUNwcY7tR5k7qtfEu13HhdwXOYw4MJ%2F6ccq77yq23rjzyk0mcDo1uk5wzmA5P5PvAOcv9GEF1%2BXQZEcGkaHc9I0MaeGOIu1S7NYVGUlb5%2FsDEV7oCLCzTwB%2FgLbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7cc60c33dad93633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
darker_stars.svg
lowratefix.com/quiz/img/
1 KB
807 B
Image
General
Full URL
https://lowratefix.com/quiz/img/darker_stars.svg
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69df9d85f8eed5995a34111c857aca2521dbda553665971b5bc2dabc50822ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b54e35-41c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xDN5DbLuCV%2FHtNNooPUrGjZB86L0rSpVMOjHftb4rsKAOvxSqq1wShWHmfYUN5W4OqNSyZPwQiSOalEK7uxjQKC5AyKH%2FnFKl2hJZIbi48FfzPDTSZWhxGDOSaI4SxI4dO7HuDryXf5rKpQvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7cc60c33dada3633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
quote_bg_image-2.png
lowratefix.com/quiz/img/
6 KB
7 KB
Image
General
Full URL
https://lowratefix.com/quiz/img/quote_bg_image-2.png
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quiz/css/app.c7956f1e9fb7a534d999.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a96c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79dc86c6e284b46d5d34831091210568a954eb01f93cf79f20dd0258bee3b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/quiz/css/app.c7956f1e9fb7a534d999.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 13:57:25 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 10:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63b54e35-191d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm%2FURevBINfDTXIHL95HWN60keAoewOq2VaaPQ0FSLQGfEoDjiGkITXcZc3l%2BrodzP0q0Jhjy8CHRHQPrqbwTwOZ8pJ%2FSZ86yT1Ba1re81KPHEzsb%2FlN%2BWUl%2BpM2AvvkEQCyj2RliNykxJgIaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cc60c33dadb3633-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6429
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lowratefix.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 05:45:28 GMT
x-content-type-options
nosniff
age
375117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 05:45:28 GMT
/
www.google.com/pagead/1p-user-list/385267757/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/385267757/?random=1684936645600&cv=11&fst=1684933200000&bg=ffffff&guid=ON&async=1&gtm=45be35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Flowratefix.com%2Fquizd2%2F%3Fcampid%3Dlife-MoneyNt-peak%26aff_sub%3Dwr0kghns3dlguluoiaso4pa4&frm=0&tiba=LowRateFix&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3452018951&rmt_tld=0&ipr=y
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 13:57:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/385267757/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/385267757/?random=1684936645600&cv=11&fst=1684933200000&bg=ffffff&guid=ON&async=1&gtm=45be35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Flowratefix.com%2Fquizd2%2F%3Fcampid%3Dlife-MoneyNt-peak%26aff_sub%3Dwr0kghns3dlguluoiaso4pa4&frm=0&tiba=LowRateFix&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3452018951&rmt_tld=1&ipr=y
Requested by
Host: lowratefix.com
URL: https://lowratefix.com/quizd2/?campid=life-MoneyNt-peak&aff_sub=wr0kghns3dlguluoiaso4pa4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lowratefix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 13:57:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| webpackJsonp object| core object| regeneratorRuntime undefined| MediaAlphaExchange object| __maxch__thunk function| MediaAlphaExchange__fetchUserID function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__enableDirectLinks function| MediaAlphaExchange__disableDirectLinks function| MediaAlphaExchange__loadDirectLink function| MediaAlphaExchange__lead function| MediaAlphaExchange__loadIVRPool function| MediaAlphaExchange__loadNumPool function| MediaAlphaExchange__load undefined| targetID undefined| targetElt

4 Cookies

Domain/Path Name / Value
.sturpose-muncial.com/ Name: ae9a76db-c0ce-4307-a4c1-e789146c536e-v4
Value: N5I57NiGR94ARY-bAHl8slKZc_qMP96kIX4_k4emyTU
.sturpose-muncial.com/ Name: cc-v4
Value: BonjqQBJx%2FGJF2XvTtcwV5MxygyU5bCt7Oy3u2nRIQzmFG39ZAkuhcNHKP4kOG98IvV7FVp4x0nPNOwQlIWtasRW%2BPwYTP25fYJwBXUwudFqROB8qSI9%2FBSW7pP2fzC%2Fepkw0ycaEPHO%2FY%2B1HFkGkQ%3D%3D
.lowratefix.com/ Name: _gcl_au
Value: 1.1.1875201470.1684936646
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insurance.mediaalpha.com
ip2geo.improvetool.com
lowratefix.com
sturpose-muncial.com
www.google.com
www.google.de
www.googletagmanager.com
18.156.16.63
2606:4700:3035::ac43:a96c
2a00:1450:4001:801::2003
2a00:1450:4001:806::2004
2a00:1450:4001:810::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:831::2008
2a06:98c1:3120::3
54.91.11.147
0318f0e9a6d33bfde782246f0aa95abd3b4586a8006fd59668e0d442999ada35
0daa95e10cbe117c2aae215e36592b06233b617a90be8a4ba2dd1c8cef766a80
141a922b83cc6707d19885ed7aec59ed8331771664e38e57277ed5eb5636650f
2ac0b3cab210097de1aebaeb7039b71b7b76bbcb3090feedbea4a4807d7db062
31dbc7e512a9ac62ea82911b12af91c2bf487c3f12ca0cac92d6ac329dc093ea
5c57081786ec00061d99c38aa548846012f27dfcbfb3f97e45e879d381c4d5ca
5f84adeec2f5928be14e10be46c37e49e0ba767b9341a5cad414ebdd53882e80
79dc86c6e284b46d5d34831091210568a954eb01f93cf79f20dd0258bee3b251
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
969dcf2ca29bdacc14267f03c0f5b3cd898c1eae29f449921416659a81d2ec9f
a1e3fc28ecb54785e5f2500c7f6dd0cefe275c20da9b85b4fd91fb739bb8effc
a6bc88d7f5f414502558aa5673e4da7853ad9549e6136ea14defda1550f7e4c0
a9dc830966bf50891298b3e7322eb202a492ba5f4bd8584cac28856623306758
c17ad772f2f3562358df0b1eaab2afc99008b37323cef5af87bd9130b5041b2d
c2409e26dd044d8a4f2c1aa4f8b66400989ef71d0af959529086e16e93ad35ef
c274064122ce07c049bbded8db4d3e73ff6d0abf8503f6dae3dc6ae11ce934a2
cb461f7882efd6b3ca7bb69c67579ac337934ee90676f40528c07b70f531d775
d636038341e0c56a693e10eafe16f5df1835fae9491c7c5b649c241be36fe01a
e668208cd86f7ce63f37d5a60435205de8e963b1f12fcecc73f4385639a8a687
e69df9d85f8eed5995a34111c857aca2521dbda553665971b5bc2dabc50822ec
eba5450af61a1a1c6ae7f3e481db04d9b19f0200b9c821dc0713efa387afff77
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629