ga-insurance-quotes-now.com Open in urlscan Pro
34.69.219.172 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ga-insurance-quotes-now.com/
Submission: On December 12 via api (December 12th 2024, 8:32:58 am UTC) from BE — Scanned from CA

Summary HTTP 103 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 21 domains to perform 103 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ga-insurance-quotes-now.com.
TLS certificate: Issued by R11 on November 12th 2024. Valid for: 3 months.

This is the only time ga-insurance-quotes-now.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: State Farm (Insurance)

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.221.220.136 3.221.220.136	14618 (AMAZON-AES) (AMAZON-AES)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	117.18.238.236 117.18.238.236	15133 (EDGECAST) (EDGECAST)
3	172.64.144.102 172.64.144.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	173.194.205.95 173.194.205.95	15169 (GOOGLE) (GOOGLE)
7	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.198.70.133 104.198.70.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
4	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
5	108.138.85.96 108.138.85.96	16509 (AMAZON-02) (AMAZON-02)
1	172.64.148.72 172.64.148.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.43.154 104.18.43.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.222.95 172.217.222.95	15169 (GOOGLE) (GOOGLE)
1 3	34.236.201.56 34.236.201.56	14618 (AMAZON-AES) (AMAZON-AES)
1	52.207.43.21 52.207.43.21	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.38.217 63.140.38.217	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.81.197.94 3.81.197.94	14618 (AMAZON-AES) (AMAZON-AES)
1	74.125.192.105 74.125.192.105	15169 (GOOGLE) (GOOGLE)
4	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	3.167.72.96 3.167.72.96	16509 (AMAZON-02) (AMAZON-02)
1	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
1	34.128.179.202 34.128.179.202	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	173.194.205.94 173.194.205.94	15169 (GOOGLE) (GOOGLE)
1	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
103	28

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

ga-insurance-quotes-now.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.220.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-220-136.compute-1.amazonaws.com

invocation.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 117.18.238.236 (Phoenix, United States)

ASN15133 (EDGECAST, US)

static2.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ac1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
online.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.144.102 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.205.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.198.70.133 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com

mx-api.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.85.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-96.iad12.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.72 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

tapi.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.43.154 (None, )

ASN13335 (CLOUDFLARENET, US)

a8367280580.cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.236.201.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-201-56.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.43.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-43-21.compute-1.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.217 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-217.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.81.197.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-197-94.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.192.105 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.72.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-72-96.iad61.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.128.179.202 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.179.128.34.bc.googleusercontent.com

sst.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.205.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	st8fm.com static2.st8fm.com — Cisco Umbrella Rank: 268238 ac1.st8fm.com — Cisco Umbrella Rank: 98688 static1.st8fm.com — Cisco Umbrella Rank: 18026	638 KB
8	statefarm.com www.statefarm.com — Cisco Umbrella Rank: 26433 online.statefarm.com — Cisco Umbrella Rank: 81907 apps.statefarm.com — Cisco Umbrella Rank: 76160 smetrics.statefarm.com — Cisco Umbrella Rank: 52632 sst.statefarm.com	8 KB
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 903 tr6.snapchat.com — Cisco Umbrella Rank: 1333	1 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	36 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415 maps.googleapis.com — Cisco Umbrella Rank: 466 fonts.googleapis.com — Cisco Umbrella Rank: 29	265 KB
6	optimizely.com cdn-pci.optimizely.com — Cisco Umbrella Rank: 12218 tapi.optimizely.com — Cisco Umbrella Rank: 18401 logx.optimizely.com — Cisco Umbrella Rank: 1766 a8367280580.cdn-pci.optimizely.com — Cisco Umbrella Rank: 62289	133 KB
5	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4813	76 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	105 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 67059	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	355 KB
3	mirus.io mx-api.prod.mirus.io — Cisco Umbrella Rank: 800890 peachy.prod.mirus.io	20 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	510 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	35 KB
2	c1.statefarm invocation.deel.c1.statefarm — Cisco Umbrella Rank: 96891 deel-id-persistence.deel.c1.statefarm Failed	11 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	510 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 11557	63 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1109	24 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1531	6 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1608	503 B
1	ga-insurance-quotes-now.com ga-insurance-quotes-now.com	16 KB
0	facebook.com Failed www.facebook.com Failed
103	21

	Domain	Requested by
18	static2.st8fm.com	ga-insurance-quotes-now.com static2.st8fm.com
11	static1.st8fm.com	invocation.deel.c1.statefarm static2.st8fm.com ajax.googleapis.com static1.st8fm.com ga-insurance-quotes-now.com
7	cdnjs.cloudflare.com	ga-insurance-quotes-now.com
6	tr.snapchat.com	static1.st8fm.com sc-static.net
5	nexus.ensighten.com	invocation.deel.c1.statefarm nexus.ensighten.com
4	connect.facebook.net	ga-insurance-quotes-now.com connect.facebook.net
4	www.googletagmanager.com	invocation.deel.c1.statefarm www.googletagmanager.com
4	maps.googleapis.com	ga-insurance-quotes-now.com static1.st8fm.com maps.googleapis.com
3	dpm.demdex.net	1 redirects ga-insurance-quotes-now.com
3	cdn-pci.optimizely.com	ga-insurance-quotes-now.com cdn-pci.optimizely.com static2.st8fm.com
2	peachy.prod.mirus.io	static1.st8fm.com
2	smetrics.statefarm.com	static1.st8fm.com ga-insurance-quotes-now.com
2	apps.statefarm.com	static1.st8fm.com
2	online.statefarm.com	invocation.deel.c1.statefarm static1.st8fm.com
2	maxcdn.bootstrapcdn.com	ga-insurance-quotes-now.com
2	invocation.deel.c1.statefarm	ga-insurance-quotes-now.com
1	tr6.snapchat.com	sc-static.net
1	stats.g.doubleclick.net	ga-insurance-quotes-now.com
1	www.google.ca	ga-insurance-quotes-now.com
1	analytics.google.com	ga-insurance-quotes-now.com
1	sst.statefarm.com	static1.st8fm.com
1	sc-static.net	ga-insurance-quotes-now.com
1	js.adsrvr.org	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	a8367280580.cdn-pci.optimizely.com	cdn-pci.optimizely.com
1	logx.optimizely.com	cdn-pci.optimizely.com
1	tapi.optimizely.com	cdn-pci.optimizely.com
1	fonts.googleapis.com	static2.st8fm.com
1	mx-api.prod.mirus.io	ga-insurance-quotes-now.com
1	www.statefarm.com	ga-insurance-quotes-now.com
1	ac1.st8fm.com	ga-insurance-quotes-now.com
1	ajax.googleapis.com	ga-insurance-quotes-now.com
1	ga-insurance-quotes-now.com
0	www.facebook.com Failed	ga-insurance-quotes-now.com
0	deel-id-persistence.deel.c1.statefarm Failed	invocation.deel.c1.statefarm nexus.ensighten.com
103	37

This site contains links to these domains. Also see Links.

Domain
www.statefarm.com
auth.proofing.statefarm.com
financials.statefarm.com
get-id-card.delitess.c1.statefarm
www.protectgwinnett.com
brokercheck.finra.org
static1.st8fm.com

Subject Issuer	Validity	Valid
ga-insurance-quotes-now.com R11	`2024-11-12` - `2025-02-10`	3 months	crt.sh
invocation.deel.c1.statefarm Amazon RSA 2048 M03	`2024-03-20` - `2025-04-18`	a year	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2024-04-22` - `2025-04-22`	a year	crt.sh
cdn-pci.optimizely.com WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
mx-api.prod.mirus.io R10	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M03	`2024-08-29` - `2025-09-28`	a year	crt.sh
tapi.optimizely.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
logx.optimizely.com WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2024-02-07` - `2025-02-07`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
sst.statefarm.com WR3	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.google.ca WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
peachy.prod.mirus.io R11	`2024-12-04` - `2025-03-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://ga-insurance-quotes-now.com/
Frame ID: 7C7C3E4306D3B9EB0A49737080F4B3AB
Requests: 96 HTTP requests in this frame

Frame: https://a8367280580.cdn-pci.optimizely.com/client_storage/a8367280580.html
Frame ID: 57D08958B9ECC42DCF1ABAAEEE15862D
Requests: 1 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 3084C6EC5DCC50C100548A06BBAC1C70
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fga-insurance-quotes-now.com
Frame ID: B97EFE048D474D736FE5BCC36663CC6F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=6b60126b-ac56-44b5-b7f2-1788fdeda465&u_sclid=bb6427b7-efbd-4b92-8133-0c8730dd0de6
Frame ID: B0A92519BDAD33B588F0E209DE9D35D8
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=6b60126b-ac56-44b5-b7f2-1788fdeda465&u_sclid=bb6427b7-efbd-4b92-8133-0c8730dd0de6
Frame ID: A7F69E2BFE730D61387C1EBDCF1C6B35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ethan Collins - State Farm Insurance Agent in Berkeley Lake, GA

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

103
Requests

89 %
HTTPS

0 %
IPv6

21
Domains

37
Subdomains

28
IPs

2
Countries

1733 kB
Transfer

6576 kB
Size

34
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.statefarm.com/#oneX-main-content
Title: Skip to Main Content

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/

Search URL Search Domain Scan URL

URL: https://auth.proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://auth.proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/guest-pay/
Title: Pay a Bill

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/retrievequote
Title: or continue a quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/agent/us/ga/berkeley-lake/ethan-collins-qbqpt9r82ak/map?officeAssociateId=MXLKLC8Y7AK
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.protectgwinnett.com/
Title: www.protectgwinnett.com

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/pdf/billing-options-product-sheet.pdf
Title: Pay your way

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/auto
Title: auto insurance

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/motorcycles/coverage-options
Title: more coverage options

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/lead/contact#agentAssociateID=QBQPT9R82AK&event=proxyagentdomain
Title: motorcycle insurance quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/home-and-property/ting-fire-safety/?cmpid=Link%3ATing%3AAgent+Website
Title: Explore Ting

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/small-business-solutions/insurance/contact#agentAssociateID=QBQPT9R82AK&source=proxyagentdomain
Title: small business insurance

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/download-mobile-apps/life-enhanced
Title: Take a closer look

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA's Broker Check

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1733992373124 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1733992373124

Request Chain 68

https://cm.everesttech.net/cm/dd?d_uuid=04415601480127801052485554730223910685 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z1qftQAAABgJ8wN_

103 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ga-insurance-quotes-now.com/ 57 KB
16 KB 326ms
224ms Document
text/html 34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: /
Resource Hash: 050a9ed70054814432bfc7f62f804ea64c4bd749d6c4caffa9e0a58020628683

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 08:32:48 GMT
vary: origin,accept-encoding
x-cheesecrd-backend: mx-api
x-cheesecrd-lookup: master:ga-insurance-quotes-now.com/
x-cheesecrd-path: /
x-microsite-source: https://www.statefarm.com/agent/us/ga/berkeley-lake/ethan-collins-qbqpt9r82ak

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 12 KB
6 KB 204ms
54ms Script
text/javascript 3.221.220.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.221.220.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-220-136.compute-1.amazonaws.com
Software: /
Resource Hash: 6830cb8cceb6226901558a5de6ffc9d51d9c868b1dbc6fff7c0550744d393266

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
x-amz-apigw-id: Cq3juEExIAMEp0w=
x-amzn-trace-id: Root=1-675a9fb1-66b7ebfa1f045f9d0d80a4fa
access-control-allow-methods: OPTIONS,POST,GET,HEAD
x-amzn-requestid: d1a964c8-7058-4bc5-8851-35a89985e66e
access-control-allow-origin: *
server-timing: generated;dur=7.8003439996391535
content-length: 5439
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: text/javascript
access-control-allow-headers: Content-Type, Referer

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ 147 KB
21 KB 110ms
54ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "7e923ad223e9f33e54d22e50cf2bcce5"
age: 1043652
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/10/2024 12:17:50
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a3ffdec4e698a56681eabcf8a66001eb
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8f0c5db20d98ec71-YYZ
access-control-allow-origin: *
cdn-edgestorageid: 845
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 normalize.css
static2.st8fm.com/en_US/dxl-1x/prod/css/lib/ 16 KB
6 KB 214ms
40ms Stylesheet
text/css 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/lib/normalize.css

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0771) /

Resource Hash

1fe711aec93171cacefa8198f5b235bf84fde20b14a8c873a66b044373037128

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 1625725302747356823317837030482513118061, 480806905692738172314055196548118827812
content-encoding: br
age: 11723
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: text/css
last-modified: Wed, 11 Dec 2024 11:42:02 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5749
server: ECAcc (chd/0771)

GET
H2 200 1x.core.css
static2.st8fm.com/en_US/dxl-1x/prod/css/ 648 KB
57 KB 254ms
80ms Stylesheet
text/css 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/077A) /

Resource Hash

6f75ce7e70ffd0812db7e8644d35fc0d6ed3cfea6d3dde7774e69e7ea8921142

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 198163870081208565014955091213279744728, 135914915683738359339859559689078039048
content-encoding: br
age: 11723
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: text/css
last-modified: Wed, 11 Dec 2024 11:43:02 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57801
server: ECAcc (chd/077A)

GET
H2 200 8421581994.js Show response
cdn-pci.optimizely.com/js/ 534 KB
130 KB 94ms
36ms Script
text/javascript 172.64.144.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-pci.optimizely.com/js/8421581994.js
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.102 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64abfa74a9329c237441a8321b89036fa88a96079492812d2ce1e349ff7e2e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: HIT
etag: "a3dc816bbd03564898f7aca5dc3c88f5"
x-amz-version-id: 8VeI_lOqJ6XNfODZyff8bGQsSWu6qfXm
age: 26
access-control-allow-methods: HEAD
date: Thu, 12 Dec 2024 08:32:48 GMT
x-amz-meta-revision: 49870
content-type: text/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 18:39:57 GMT
vary: Accept-Encoding
x-amz-id-2: MgwtWEK8VsNGvfwJBLo2GsuHtgRhtrbkx5I5FVd2/4J2doAvfV2N080XS4sRABqOBJzO9CyVelk0tVBa8RsIYO8Hwduy2r3CO4GmNy22Pgo=
access-control-allow-headers: *
x-amz-replication-status: PENDING
cache-control: max-age=600
timing-allow-origin: *
x-amz-meta-pci_enabled: True
access-control-allow-credentials: false
x-amz-request-id: QTTJGESG3FVJXR4J
cf-ray: 8f0c5db20d6ba22e-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 132516
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 StateFarmCommon.js Show response
static2.st8fm.com/en_US/b2c_dvts/common/js/lib/ 1 KB
972 B 472ms
298ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C57) /

Resource Hash

61c6eda6cbdafc0c25d53414c537577cd6579757211cd1cc960d0e7f027edf3e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 155219025645604943029671349108642846353, 155219025645604943029671349108642846353
content-encoding: gzip
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: 0
server-timing: edgio_cache;desc=UNCACHEABLE,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-frame-options: DENY
cache-control: no-cache, no-store, must-revalidate
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
access-control-allow-origin: *
content-length: 759
server: ECAcc (dac/9C57)

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 12 KB
6 KB 51ms
51ms Script
text/javascript 3.221.220.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.221.220.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-220-136.compute-1.amazonaws.com
Software: /
Resource Hash: 6830cb8cceb6226901558a5de6ffc9d51d9c868b1dbc6fff7c0550744d393266

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
x-amz-apigw-id: Cq3j6HDEoAMEl4g=
x-amzn-trace-id: Root=1-675a9fb2-05ae6e4f1b3b96cd1d237eb0
access-control-allow-methods: OPTIONS,POST,GET,HEAD
x-amzn-requestid: b41cb476-6955-4573-9d83-98e17a3df5d9
access-control-allow-origin: *
server-timing: generated;dur=7.8003439996391535
content-length: 5439
date: Thu, 12 Dec 2024 08:32:50 GMT
content-type: text/javascript
access-control-allow-headers: Content-Type, Referer

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 154ms
50ms Script
text/javascript 173.194.205.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f95.1e100.net

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
age: 359699
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Mon, 08 Dec 2025 04:37:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 04:37:50 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30306
x-xss-protection: 0
server: sffe

GET
H2 200 handlebars.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/ 160 KB
29 KB 89ms
32ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.6/handlebars.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e72-27e1d"
age: 1211447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ndf%2BNZOsjcoeasQYZT8cwP8dbeIL8FVNOwX8to5KEDg5edmpxGcydGpMMNcFeL6ZAlnpcg910WDhQomVhv8MoTEQJmkxdhsvfZRDfIEkFgz0xUYRtlkiIzm2yRjyF446voB1xtST"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 08:32:48 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0c5db20a2dab84-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29180
server: cloudflare

GET
H2 200 1x.core.js Show response
static2.st8fm.com/en_US/dxl-1x/prod/js/ 349 KB
89 KB 285ms
113ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.core.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0725) /

Resource Hash

0df0c7cb2ebc14992f3392aee85d1671aaef4761ef63bc2f304a9dc1d2e508d3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 177638229915973092116296037628443886203, 34668135741540791633608036097486830462
content-encoding: br
age: 11723
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 11:43:01 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 91284
server: ECAcc (chd/0725)

GET
H2 200 1x.client.js Show response
static2.st8fm.com/en_US/dxl-1x/prod/js/ 3 KB
1 KB 252ms
79ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.client.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/07A9) /

Resource Hash

785b6692d256f8286db7fff9d1e8caf87508b8e25721ac968bf5626eb3e82dbe

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 173000417241949456449174241396978493341, 82030575060354936078526591418764381791
content-encoding: br
age: 11503
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 11:43:02 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1235
server: ECAcc (chd/07A9)

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 85ms
32ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "14d449eb8876fa55e1ef3c2cc52b0c17"
age: 1372527
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/24/2024 09:00:40
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ca49da3fb29e07efbacf1b18db3e7dc9
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8f0c5db20d99ec71-YYZ
access-control-allow-origin: *
cdn-edgestorageid: 1067
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/ 7 KB
3 KB 89ms
34ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-1bab"
age: 2456719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBYItglrt2%2BLVc4X78I2qRL%2FtrdObvsOfLSrX87YU04MT%2FkW7etRPpd%2BqSyN0q8yYf5mu2%2FK67jGrbsE6TpR0CxcIv3YgLtJXUaCNtbyyH%2FNysqb3tdjx6MRMKbEkoMB%2FQfOXwze"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 08:32:48 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0c5db20a2eab84-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2382
server: cloudflare

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 5 KB
3 KB 86ms
31ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-139e"
age: 948682
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6A2zu%2F4fPaxXGeHqSOE4md4ee5XCK4mVeHTF4r4mmXmQwxt5OZMnz1uKak8MYbo1lfFKOEtAqxoY1p7zwZCSPSp4dTcyPDmqvG2MnMc780xS3dEuZSW%2BzBXtY%2Fq7etkVsQWUEfZ9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 08:32:48 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0c5db20a31ab84-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2092
server: cloudflare

GET
H2 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 4 KB
1 KB 89ms
34ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.plugins.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-106c"
age: 1216634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YmvcGsClSo8MLobVWkn3jEz1x%2BuVbJ3pmsr1YgP0hmMoLB6cKWyTuq1vbS7O%2BlAlSYH%2FyTuJOWxo4IuHP6td0jDZq%2BiqgbnLQlJ1u8XVDYsvjaB2G6oNJIxOvR7dwi64NX%2BpxzbW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 08:32:48 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0c5db20a30ab84-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1222
server: cloudflare

GET
H2 200 util.min.js Show response
static2.st8fm.com/en_US/dxl/js/min/ 29 KB
8 KB 397ms
227ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl/js/min/util.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/072E) /

Resource Hash

c097d6cc5f8b74266f5017664694839e3bbbaea74b25d3de4b4aa1ddf09280fd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 137958472982753188648030877129512857380, 130445899221197785104047050122364119969
content-encoding: br
age: 11361
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 14:50:02 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
access-control-allow-origin: *
content-length: 8150
server: ECAcc (chd/072E)

GET
H2 200 microsite.min.css
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-225/styles/ 4 KB
1 KB 282ms
112ms Stylesheet
text/css 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-225/styles/microsite.min.css
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (chd/0771) /
Resource Hash: 3298b9cccd36ac312543d28cff41257de5a8abb934085d54877418c865fb0e4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 23807305414870963912186397652135024245, 127167278236902223818050934006839921943
content-encoding: br
age: 105842
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 19 Dec 2024 08:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: text/css
last-modified: Mon, 02 Dec 2024 20:02:02 GMT
vary: Accept-Encoding
cache-control: max-age=604800
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1136
server: ECAcc (chd/0771)

GET
H2 200 formalColorFull.jpg
ac1.st8fm.com/associate-photos/Q/QBQPT9R82AK/ 38 KB
39 KB 246ms
42ms Image
image/jpeg 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ac1.st8fm.com/associate-photos/Q/QBQPT9R82AK/formalColorFull.jpg

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/076C) /

Resource Hash

f207fbda4de3f548de2e14bd2d27702dc2b0adcd03da8c8cada34846ec578048

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 62824751712901206238822784589067124352, 66925298139127481101422663559193806076
etag: "dcfb276fe42edb1:0"
age: 172
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: image/jpeg
last-modified: Mon, 04 Nov 2024 18:07:38 GMT
x-frame-options: DENY
cache-control: max-age=7200
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39361
server: ECAcc (chd/076C)

GET
H2 200 StateFarmisThere_en_desktop.png
static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/ 17 KB
17 KB 199ms
198ms Image
image/png 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/applications/agent_microsite/6.0.0/resources/Media/Campaign/StateFarmisThere_en_desktop.png

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0749) /

Resource Hash

746164f668cd2513526e7b3bc8bc14c980c03fb967b4015f898164a89da8e70a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 598097774994745264913030753257729772352, 147479434439390884477193456177185459481
age: 111660
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 19 Dec 2024 08:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: image/png
last-modified: Thu, 28 Apr 2022 20:22:21 GMT
x-frame-options: DENY
cache-control: max-age=604800
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17093
server: ECAcc (chd/0749)

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 384 KB
120 KB 97ms
95ms Script
text/javascript 173.194.205.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBS9DDO8i_AGakIP4RrMhBIycy08imFG4g&libraries=places&channel=b2c-geo-code&language=&v=3

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ee0b31f6368b4346fccc7661076269403346e539ec03b3be9d2b673a3fb6c61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: a3513a45
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123011
date: Thu, 12 Dec 2024 08:32:49 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 cookie Show response
www.statefarm.com/agent/ 0
1 KB 314ms
287ms Script
text/plain 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.statefarm.com/agent/cookie?associateID=QBQPT9R82AK&app=AMS

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9CA1) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 111658618857486404583513646001532673902, 111658618857486404583513646001532673902
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-content-type-options: nosniff
x-edg-mr: 84:0;84:1;84:2;84:3;84:5;84:6;84:8;
expires: 0
server-timing: edgio_cache;desc=TCP_MISS,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
x-vcap-request-id: 6d845091-7a4b-498a-677b-615203f1d2b5
content-length: 0
x-xss-protection: 1; mode=block
content-language: en-US
server: ECAcc (dac/9CA1)

GET
H2 200 jquery.mobile-1.2.0.min.js Show response
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-225/scripts/ 111 KB
34 KB 42ms
42ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-225/scripts/jquery.mobile-1.2.0.min.js
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (chd/070C) /
Resource Hash: b434e7b06d1e76c8ecf4b8fb260010f4b414c03da3ce0ee7fcc2391478bde1be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 140036096110166199571994676304766941125, 514290070917696175017745586830786715202
content-encoding: br
age: 105858
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 19 Dec 2024 08:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/javascript
last-modified: Mon, 02 Dec 2024 20:02:01 GMT
vary: Accept-Encoding
cache-control: max-age=604800
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34625
server: ECAcc (chd/070C)

GET
H2 200 microsite.min.js Show response
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-225/scripts/ 6 KB
2 KB 39ms
38ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-225/scripts/microsite.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/077E) /

Resource Hash

fa8f0c6c5d43a72996d5a4ec3ba825e4c70b8df8a92eac0e9206f2c416849182

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 8724237511385922638994929436414158366, 99972932352050742293820102512868791583
content-encoding: br
age: 105857
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 19 Dec 2024 08:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/javascript
last-modified: Mon, 02 Dec 2024 20:02:01 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=604800
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1879
server: ECAcc (chd/077E)

GET
H2 200 quoteModule.min.js Show response
static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-225/scripts/ 4 KB
2 KB 42ms
42ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.st8fm.com/en_US/applications/agent/sf.gd.aoi.agentlocatormicrosite.agent-6.2.0-RC-225/scripts/quoteModule.min.js
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (chd/0710) /
Resource Hash: 45faa773aa72605e3e884bb29701be909db6bc33295c2096ab98e1100dbe8b22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 1688697706680135352710627027809286858840, 150109224295262968027481226848279637950
content-encoding: br
age: 105857
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 19 Dec 2024 08:32:49 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/javascript
last-modified: Mon, 02 Dec 2024 20:02:02 GMT
vary: Accept-Encoding
cache-control: max-age=604800
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1351
server: ECAcc (chd/0710)

GET
H2 200 peachy-client Show response
mx-api.prod.mirus.io/ 65 KB
20 KB 152ms
52ms Script
text/html 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mx-api.prod.mirus.io/peachy-client

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-encoding: gzip
date: Thu, 12 Dec 2024 08:32:50 GMT
content-type: text/html; charset=utf-8
vary: origin,accept-encoding

GET
H2 403 trafficdetection.aspx Show response
online.statefarm.com/ddc/ 1 KB
2 KB 413ms
248ms Fetch
text/html 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://online.statefarm.com/ddc/trafficdetection.aspx

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C17) /

Resource Hash

c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 1052116901523256483511068543314529324156, 1052116901523256483511068543314529324156
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:5;84:6;84:8;
access-control-allow-origin: https://ga-insurance-quotes-now.com
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
content-length: 1233
date: Thu, 12 Dec 2024 08:32:48 GMT
content-type: text/html
server: ECAcc (dac/9C17)
x-frame-options: DENY

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 430ms
57ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

6340eeec1584be5ab457b30c9736f0820c777a28dfdeb2b26923b7c6ed51cca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://static2.st8fm.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 08:32:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 12 Dec 2024 06:55:36 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 sfuid.js Show response
static1.st8fm.com/en_US/applications/dasenblt_static_content/ 21 KB
5 KB 2083ms
2083ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0774) /

Resource Hash

06a074fccbce7830a8a826c4748e8e47d01e971f2b6bb7190d2c9542337fb88f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 77784048014557864410320212742785165219, 755410307219445450815363879222739988934
content-encoding: br
age: 12343
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:50 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:50 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 20:13:01 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4747
server: ECAcc (chd/0774)

GET index.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 784 KB
140 KB 213ms
111ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7b72853e5e78fcf4bd0103b975ec8256d8aa5cb3722afaf4c4f0c47688e86de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 12 Dec 2024 08:32:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 142107
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
31 KB 229ms
84ms Script
application/javascript 108.138.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-96.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: e979780b46689b0611328b1e366eb52b9c5e26a6be7c603bad94db1bafa7b24a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: br
x-amz-version-id: LikBM7iNJEGrq9o9w5PJJ.3pte.bqAdF
etag: W/"20e0378c9bb9cc1f4cab8ca94d133f93"
age: 56384
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 2OLWh7DSB3H89MOwcIpvWtql-9pFsHnAQJbAiGdchygzo5yIQzgltA==
date: Wed, 11 Dec 2024 16:53:09 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Wed, 11 Dec 2024 16:52:45 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 7e2fab32e11703f7384de4d8fef36848.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 oeu1733992369697r0.05444867204435133 Show response
tapi.optimizely.com/api/targeting/8421581994/8453960666/ 31 KB
2 KB 163ms
108ms XHR
application/json 172.64.148.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tapi.optimizely.com/api/targeting/8421581994/8453960666/oeu1733992369697r0.05444867204435133
Requested by: Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.72 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 00a735022a0585ebce6bbc8df6dd9a1c84ac4f539523c318b5606b09b642e070

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: br
cf-cache-status: MISS
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8f0c5db70fbf3972-YYZ
access-control-allow-origin: https://ga-insurance-quotes-now.com
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: cloudflare

GET
H2 200 geo4.js Show response
cdn-pci.optimizely.com/js/ 306 B
318 B 43ms
42ms Script
application/javascript 172.64.144.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-pci.optimizely.com/js/geo4.js
Requested by: Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.102 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0d4f49c7e78dfedc0392372e987233a3c10f736e7d180d775b30dcc4a2e339e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: false
access-control-allow-methods: HEAD
cf-ray: 8f0c5dc9b870a22e-YYZ
access-control-allow-origin: *
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: *

GET
H2 200 StateFarmCommon.js Show response
static1.st8fm.com/en_US/b2c_dvts/common/js/lib/ 292 KB
157 KB 73ms
40ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q
Requested by: Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (chd/078A) /
Resource Hash: d7b365daf731edb4b2fcbeaa4d612cc9a87df619653412ec95887a62f540b71c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 22116618861783093987363938648917830502, 89008491222590629246650111635447016903
content-encoding: br
age: 168
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 12 Dec 2024 08:30:01 GMT
vary: Accept-Encoding
cache-control: public, max-age=3600, immutable
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160073
server: ECAcc (chd/078A)

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
394 B 393ms
59ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: dcabb8f7-8554-4b8a-bf54-e89968c62bcc
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://ga-insurance-quotes-now.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 08:32:51 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

OPTIONS
H2 200 enterprisesfuid
apps.statefarm.com/sfuidservice/ Frame 0
0 542ms
460ms Preflight 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8A) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ga-insurance-quotes-now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://ga-insurance-quotes-now.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Thu, 12 Dec 2024 08:32:52 GMT
expires: 0
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
server: ECAcc (dac/9C8A)
server-timing: edgio_cache;desc=NONE,edgio_pop;desc=chd,edgio_country;desc=CA
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-edg-mr: 84:0;84:1;84:5;84:6;84:8;
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-frame-options: DENY
x-request-id: 61086725870062569842034624752720827953 61086725870062569842034624752720827953
x-vcap-request-id: 45a49cef-ac30-46d1-41a8-b594737a374e
x-xss-protection: 1; mode=block

GET
H2 200 enterprisesfuid Show response
apps.statefarm.com/sfuidservice/ 50 B
1 KB 271ms
267ms XHR
application/json 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8A) /

Resource Hash

da4978f4c694507346d9cdd8581e7e0f39215c5ca3b8fc4b54a364c6533d5f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 128021733030055021735991849952463794321, 128021733030055021735991849952463794321
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
x-edg-mr: 84:0;84:1;84:5;84:6;84:8;
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-store
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
access-control-allow-credentials: true
x-vcap-request-id: 4bb7987f-bd44-48ab-70a0-f493a09b792e
access-control-allow-origin: https://ga-insurance-quotes-now.com
content-length: 50
x-xss-protection: 1; mode=block
server: ECAcc (dac/9C8A)

GET
H2 200 ErrorPage.json Show response
static1.st8fm.com/en_US/errors/1/ 4 KB
4 KB 255ms
254ms Script
application/json 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/errors/1/ErrorPage.json?callback=jQuery32105094557965884834_1733992372718&_=1733992372719

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C68) /

Resource Hash

c459691f5389de616773286683cd2870125551ed4020d3f29bdc161d35cc976f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 29934836965465334634346949458392242942, 29934836965465334634346949458392242942
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 08:32:52 GMT
server-timing: edgio_cache;desc=TCP_MISS,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: application/json
last-modified: Tue, 07 Jul 2020 13:13:01 GMT
x-frame-options: DENY
cache-control: max-age=0
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4301
server: ECAcc (dac/9C68)

GET
H2 200 a8367280580.html
a8367280580.cdn-pci.optimizely.com/client_storage/ Frame 57D0 0
0 123ms
33ms Document
text/html 104.18.43.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a8367280580.cdn-pci.optimizely.com/client_storage/a8367280580.html
Requested by: Host: cdn-pci.optimizely.com
URL: https://cdn-pci.optimizely.com/js/8421581994.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ga-insurance-quotes-now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 27
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 8f0c5dca4ffa36ad-YYZ
content-encoding: gzip
content-length: 844
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 08:32:52 GMT
etag: "3ca02789f64ebcfb10847b1c33e2f180"
last-modified: Wed, 11 Dec 2024 18:39:33 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: DIsR9oW+2lKkrUvbEdOtZexAoeA4RY50lrLJrwjUGPo9HQXT6tmI0zLkkkTGpe0oE2282EYaWcfd29o3T/YvTg==
x-amz-meta-pci_enabled: True
x-amz-replication-status: COMPLETED
x-amz-request-id: 7R58XHK658A6Y62M
x-amz-server-side-encryption: AES256
x-amz-version-id: LLjS6gxFuS0VoDnJAJZCp9wbstvQHd5A

GET
H2 403 trafficdetection.aspx Show response
online.statefarm.com/ddc/ 1 KB
2 KB 601ms
600ms Fetch
text/html 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://online.statefarm.com/ddc/trafficdetection.aspx

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C17) /

Resource Hash

c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 154008339195914810568811480705613853644, 154008339195914810568811480705613853644
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:5;84:6;84:8;
access-control-allow-origin: https://ga-insurance-quotes-now.com
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
content-length: 1233
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: text/html
server: ECAcc (dac/9C17)
x-frame-options: DENY

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/ 7 KB
0 0ms
0ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-1bab"
age: 2456719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBYItglrt2%2BLVc4X78I2qRL%2FtrdObvsOfLSrX87YU04MT%2FkW7etRPpd%2BqSyN0q8yYf5mu2%2FK67jGrbsE6TpR0CxcIv3YgLtJXUaCNtbyyH%2FNysqb3tdjx6MRMKbEkoMB%2FQfOXwze"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 08:32:48 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0c5db20a2eab84-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2382
server: cloudflare

GET
H2 200 chevron.svg
static2.st8fm.com/en_US/dxl-1x/prod/css/images/core/ 5 KB
6 KB 40ms
39ms Image
image/svg+xml 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/images/core/chevron.svg

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/077B) /

Resource Hash

cb598957119c60141717676dceb24704495e5cac111a62cea6c34f5d89007949

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Response headers

x-request-id: 16889611954305679611270449898650708875, 122689810428732713534222646775369154435
age: 10662
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Sep 2024 21:07:26 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5576
server: ECAcc (chd/077B)

GET
H2 200 MecherleSans-Regular.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
31 KB 191ms
188ms Font
font/woff2 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Regular.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0712) /

Resource Hash

891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ga-insurance-quotes-now.com
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Response headers

x-request-id: 409043025829537742515452365029293201730, 818179953179105175510150633481771654652
age: 11573
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: font/woff2
last-modified: Mon, 23 Sep 2024 21:02:08 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31948
server: ECAcc (chd/0712)

GET
H2 200 MecherleSans-Medium.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
32 KB 45ms
42ms Font
font/woff2 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Medium.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/07AA) /

Resource Hash

befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ga-insurance-quotes-now.com
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Response headers

x-request-id: 52432236876491232367355616716748729201, 113028418523144236405338896572164807442
age: 11573
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: font/woff2
last-modified: Mon, 23 Sep 2024 21:01:58 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32200
server: ECAcc (chd/07AA)

GET
H2 200 MecherleSans-SemiBold.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
32 KB 194ms
191ms Font
font/woff2 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-SemiBold.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0705) /

Resource Hash

d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ga-insurance-quotes-now.com
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Response headers

x-request-id: 4954313130782470286704318777485506199, 179478926446512744815565971780859050649
age: 11573
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: font/woff2
last-modified: Mon, 23 Sep 2024 21:02:03 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32208
server: ECAcc (chd/0705)

GET
H2 200 MecherleSans-Bold.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 31 KB
31 KB 80ms
78ms Font
font/woff2 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-Bold.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0763) /

Resource Hash

d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ga-insurance-quotes-now.com
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Response headers

x-request-id: 1488235161599829092912643409117073890434, 43550810733688218381461507731365885433
age: 10794
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: font/woff2
last-modified: Mon, 23 Sep 2024 21:01:56 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31812
server: ECAcc (chd/0763)

GET
H2 200 MecherleLegal-Regular.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 32 KB
32 KB 117ms
115ms Font
font/woff2 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleLegal-Regular.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0783) /

Resource Hash

ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ga-insurance-quotes-now.com
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Response headers

x-request-id: 157059696108110062310489132426056425584, 39184334124397790801690383403090936586
age: 11168
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: font/woff2
last-modified: Mon, 23 Sep 2024 21:02:04 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32844
server: ECAcc (chd/0783)

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 5 KB
0 1ms
1ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-139e"
age: 948682
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6A2zu%2F4fPaxXGeHqSOE4md4ee5XCK4mVeHTF4r4mmXmQwxt5OZMnz1uKak8MYbo1lfFKOEtAqxoY1p7zwZCSPSp4dTcyPDmqvG2MnMc780xS3dEuZSW%2BzBXtY%2Fq7etkVsQWUEfZ9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 08:32:48 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0c5db20a31ab84-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2092
server: cloudflare

GET
H2 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/ 4 KB
0 0ms
0ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.6/jquery.lazy.plugins.min.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-106c"
age: 1216634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YmvcGsClSo8MLobVWkn3jEz1x%2BuVbJ3pmsr1YgP0hmMoLB6cKWyTuq1vbS7O%2BlAlSYH%2FyTuJOWxo4IuHP6td0jDZq%2BiqgbnLQlJ1u8XVDYsvjaB2G6oNJIxOvR7dwi64NX%2BpxzbW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 08:32:48 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f0c5db20a30ab84-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1222
server: cloudflare

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 162ms
62ms XHR
application/json 172.217.222.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://ga-insurance-quotes-now.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Thu, 12 Dec 2024 08:32:52 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 navigation-footer-limited.html Show response
static1.st8fm.com/en_US/dxl-1x/prod/renders/footer/ 1 KB
565 B 259ms
258ms XHR
text/html 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/renders/footer/navigation-footer-limited.html

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/078B) /

Resource Hash

db328693065730fc4066970235b2cc48c813e3c3433e10f8ba002051b2467ee2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 40191801561869113734915801477265149816, 1052814537976716002415600016154417289759
content-encoding: br
age: 12278
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: text/html
last-modified: Wed, 11 Dec 2024 11:43:01 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 403
server: ECAcc (chd/078B)

GET
H2 200 navigation-header-unauth-limited.html Show response
static1.st8fm.com/en_US/dxl-1x/prod/renders/header/ 6 KB
2 KB 258ms
258ms XHR
text/html 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/renders/header/navigation-header-unauth-limited.html

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/075A) /

Resource Hash

68a8e898999e0d8d388fce499a4b00871047c2270b2a5afc6d896d44625c2320

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 1722418130884146572213766576210687350579, 122581115966315124184828897463631592192
content-encoding: br
age: 12288
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-cache: HIT
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: text/html
last-modified: Wed, 11 Dec 2024 11:43:01 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1542
server: ECAcc (chd/075A)

GET
H2 200 MecherleSans-RegularItalic.woff2
static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/ 33 KB
33 KB 243ms
243ms Font
font/woff2 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static2.st8fm.com/en_US/dxl-1x/prod/css/fonts/Mecherle/woff/MecherleSans-RegularItalic.woff2

Requested by

Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0757) /

Resource Hash

1317d4275e30dc08856be654c0535788817866a5d89ef27a01898d7ae1ee3600

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ga-insurance-quotes-now.com
Referer: https://static2.st8fm.com/en_US/dxl-1x/prod/css/1x.core.css

Response headers

x-request-id: 294362063600717677115700290365785019992, 801646911370168880213511735547801550474
age: 11017
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: font/woff2
last-modified: Mon, 23 Sep 2024 21:02:03 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34016
server: ECAcc (chd/0757)

GET
H2 200 phone_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 405 B
883 B 246ms
246ms XHR
image/svg+xml 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/phone_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0785) /

Resource Hash

52dab22dd893cdb9dc9d2bafe35e9733ebef85efa1410f339d6acc0478281cc5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 66871292132329921184163834846752128080, 94036081965643761098524609946381766202
age: 11912
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Sep 2024 21:03:06 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 405
server: ECAcc (chd/0785)

GET
H2 200 email_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 251 B
552 B 245ms
245ms XHR
image/svg+xml 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/email_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/077C) /

Resource Hash

b3bea6904c6130332fdc7ca63b0b971b63b60752654b956ebf0e4b7753ecb09d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 35039765244377171783512596738550952779, 8464961089923116750774111937329403614
age: 11403
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Sep 2024 21:04:37 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 251
server: ECAcc (chd/077C)

GET
H2 200 payment_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 702 B
849 B 436ms
436ms XHR
image/svg+xml 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/payment_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0774) /

Resource Hash

59789b85b1a8b5dec038e5921b2b8f1a597a935d9798bfbfaa8892dad89f919c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 1335083605484235071314821577369973953507, 1552266412865314593316194124123912349673
age: 11375
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Sep 2024 21:04:54 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 702
server: ECAcc (chd/0774)

GET
H2 200 id_card_32.svg Show response
static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/ 468 B
613 B 472ms
472ms XHR
image/svg+xml 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/icons/id_card_32.svg

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/077F) /

Resource Hash

de10644653057a725f07b153c651cd920b75e5ca4b4e395b7a271c7620ce45d7

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 1770527202783480853015102692958362380320, 5145310662845168101458940197844235119
age: 10944
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:52 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:52 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Sep 2024 21:02:48 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 468
server: ECAcc (chd/077F)

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1733992373124
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1733992373124

1 KB
1 KB

45ms
45ms

XHR
application/json

34.236.201.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1733992373124

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Server

34.236.201.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-201-56.compute-1.amazonaws.com

Software

Resource Hash

e35804e798d378afa1d946ba9047ec217d15522b968a658d3e1cbbd5daee036e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-1-v068-037cc51dc.edge-va6.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: Ua/FHEIRQLg=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://ga-insurance-quotes-now.com
content-length: 618
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1733992373124
dcs: dcs-prod-va6-1-v068-03a1d6102.edge-va6.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: 8FVEIMAhQvs=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://ga-insurance-quotes-now.com
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 12 Dec 2024 08:32:53 GMT
vary: Origin

GET
H2 200 8421581994.js Show response
cdn-pci.optimizely.com/js/ 534 KB
0 0ms
0ms Script
text/javascript 172.64.144.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-pci.optimizely.com/js/8421581994.js
Requested by: Host: static2.st8fm.com
URL: https://static2.st8fm.com/en_US/dxl-1x/prod/js/1x.core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.102 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64abfa74a9329c237441a8321b89036fa88a96079492812d2ce1e349ff7e2e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: HIT
etag: "a3dc816bbd03564898f7aca5dc3c88f5"
x-amz-version-id: 8VeI_lOqJ6XNfODZyff8bGQsSWu6qfXm
age: 26
access-control-allow-methods: HEAD
date: Thu, 12 Dec 2024 08:32:48 GMT
x-amz-meta-revision: 49870
content-type: text/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 18:39:57 GMT
vary: Accept-Encoding
x-amz-id-2: MgwtWEK8VsNGvfwJBLo2GsuHtgRhtrbkx5I5FVd2/4J2doAvfV2N080XS4sRABqOBJzO9CyVelk0tVBa8RsIYO8Hwduy2r3CO4GmNy22Pgo=
access-control-allow-headers: *
x-amz-replication-status: PENDING
cache-control: max-age=600
timing-allow-origin: *
x-amz-meta-pci_enabled: True
access-control-allow-credentials: false
x-amz-request-id: QTTJGESG3FVJXR4J
cf-ray: 8f0c5db20d6ba22e-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 132516
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 state-farm-logo-4.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 9 KB
10 KB 41ms
40ms Image
image/svg+xml 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/state-farm-logo-4.svg

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0792) /

Resource Hash

c46ea001dc81eea0f86c7a32507f648f78a6e4f40b14db44ebd1fe0111a10c26

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 208182259064143051514234939746175057024, 1747454607015830821710720750733946818917
age: 12343
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:53 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Sep 2024 21:06:50 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9541
server: ECAcc (chd/0792)

GET
H2 200 state-farm-logo-5.svg
static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/ 3 KB
3 KB 123ms
122ms Image
image/svg+xml 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/images/header/state-farm-logo-5.svg

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0710) /

Resource Hash

af3b33bb6b8b4ae08f0ffa60d9b975e0b50ac4710a8c53c26d52946a6401e484

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

x-request-id: 965195872856494831015412147030312018138, 167605428489216517927468508735392402829
age: 12345
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=chd"}]}
x-edg-mr: 84:0;84:1;84:2;84:5;84:6;84:8;
expires: Thu, 12 Dec 2024 12:32:53 GMT
server-timing: edgio_cache;desc=TCP_HIT,edgio_pop;desc=chd,edgio_country;desc=CA
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-cache: HIT
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Sep 2024 21:06:12 GMT
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3325
server: ECAcc (chd/0710)

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 496 B
827 B 47ms
47ms Script
text/javascript 108.138.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Wed%20Dec%2011%2016:52:42%20GMT%202024&ClientID=603&PageID=https%3A%2F%2Fga-insurance-quotes-now.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-96.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: a22de178a5b9e34c393e1924491e03e3ff9805a6cea5e6e68f093d1dbf6b9009

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cache-control: no-cache, no-store
via: 1.1 7e2fab32e11703f7384de4d8fef36848.cloudfront.net (CloudFront)
expires: Thu, 12 Dec 2024 08:32:52 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 496
x-amz-cf-id: NULcNrs-3IaRkoGKzAtyaAorGMbFxCmtxzE5ld2R4_PzO_GFwPQBug==
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: text/javascript
x-amz-cf-pop: IAD12-P2
server: CloudFront

GET 3845c5fd-feeb-46bf-b265-e4b2ecfc83f6
https://ga-insurance-quotes-now.com/ Frame 0
0

GET
H3 200 dea0c3a05a4139fee8d01ea90e63aaa6.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 152 KB
42 KB 43ms
42ms Script
application/javascript 108.138.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/dea0c3a05a4139fee8d01ea90e63aaa6.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.85.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-96.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: c6242eb411ad81eb667e6aa1d3ecfb5fc3e19cd5a732610ba96231337d7bf692

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: br
x-amz-version-id: _ljm5Iij2em4QUxLb1anFRvBxGVSavD.
age: 56400
etag: W/"e039451d3876a9a472913bf56f625057"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TugF7R0gYUay2IeSis8MAyOAgsqi0t6wCI-ujcQQAHihT9OQSIISlQ==
date: Wed, 11 Dec 2024 16:52:54 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Wed, 11 Dec 2024 16:52:45 GMT
x-amz-replication-status: PENDING
cache-control: max-age=315360000
via: 1.1 55545918b0c914bb8f5282930649df4c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 1002ca91edaefbd5ced9a815a45c91fc.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 44ms
43ms Script
application/javascript 108.138.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/1002ca91edaefbd5ced9a815a45c91fc.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.85.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-96.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: d67459ce9dc53557007c678187d006099d3959b43674749777f1c36da65db388

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
x-amz-version-id: Q1JhtmtuRTybjaI9CRBbKeiLUsbp5bc9
age: 4183602
etag: W/"6c07e85833bf1abb3644f87e2b41de69"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: IIEng1hXQnnimBlMPzxuOuSw4tIZ2oZaw8sZKpSIE92C4DGyeeUWtQ==
date: Thu, 24 Oct 2024 22:26:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 24 Oct 2024 21:30:34 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 55545918b0c914bb8f5282930649df4c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 5e334ea84cabc62ff640733a87d598af.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 44ms
44ms Script
application/javascript 108.138.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/5e334ea84cabc62ff640733a87d598af.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.85.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-96.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: 83526314b1fd8fb11460e3817fe7cf8442de3eea006d7a1ca81951f3426930cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
x-amz-version-id: qcgHGgKViDglNuNW2WXQDzl6fS.KMh0O
age: 4183601
etag: W/"5418d8c4cd6405b507c0398211fa991d"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: WCTk9scyBHk6okYge7QJNdKzKv7TY97YUKmPyIbN1V4-A6yJ3NJpXQ==
date: Thu, 24 Oct 2024 22:26:12 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 24 Oct 2024 21:30:34 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 55545918b0c914bb8f5282930649df4c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 3084 0
0 146ms
43ms Document
text/html 52.207.43.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.207.43.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-43-21.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ga-insurance-quotes-now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 12 Dec 2024 08:32:53 GMT
dcs: dcs-prod-va6-1-v068-0ad5b0747.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 22 Nov 2024 13:01:16 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: IV83l0RzRGo=

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
473 B 220ms
47ms XHR
application/x-javascript 63.140.38.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=10076818882874904533000183573248767169&ts=1733992373484

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.217 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-217.data.adobedc.net

Software

jag /

Resource Hash

4cd706753d64b45d7d9b84051b79f7f212e938d301eba9f85b222a6285436566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://ga-insurance-quotes-now.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Thu, 12 Dec 2024 08:32:53 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=Z1qftQAAABgJ8wN_
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=04415601480127801052485554730223910685
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z1qftQAAABgJ8wN_

42 B
713 B

47ms
46ms

Image
image/gif

34.236.201.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z1qftQAAABgJ8wN_

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Server

34.236.201.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-201-56.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-1-v068-0e901a6ee.edge-va6.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: i04k9yiWT6s=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z1qftQAAABgJ8wN_
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Thu, 12 Dec 2024 08:32:53 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

POST
H3 200 collect
www.google.com/ccm/ 0
0 188ms
88ms Ping
text/plain 74.125.192.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fga-insurance-quotes-now.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1203612049.1733992374&auid=440579779.1733992374&npa=0&gtm=45He4cb0v849799669za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733992373509&tfd=4953&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.192.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qn-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 414 KB
132 KB 139ms
139ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4cb0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7528c329f7f315a6e470875ef6b0e97bda4e68c58d1d42fbe83109944a5b2723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 08:32:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 135298
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 59ms
59ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4cb0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

f40b0ab3bfc033479dddd5c0393e8a53ecefb612b8741f8b3d0b045eb61c0051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 08:32:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85139
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 87ms
42ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-nhSV3hXu' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-nhSV3hXu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4477, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: oq6/jBrgabi0jipmTvfFh1JbX+phfoyBAmE28wpHEw6xVKHs1yPU1e3cppmqMX6cpmIJh64JHIRM6+3197S8fA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 251ms
110ms Script
application/javascript 3.167.72.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.72.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-72-96.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb19cc9bb9e4e0f0237ee1f0c213487452c77e6f9fa6fa9edcb87f4de9f0c21a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"dd635a85604f92ec6b3a600d010dd4e3"
Age: 17090
Connection: keep-alive
Via: 1.1 5072b2d5201c1f2f8d4d9135dcd39754.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: MesL465m0eqILcogO7RA9E4xBI2JajqftzEWdsSnIsyml8LelKnKxg==
Date: Thu, 12 Dec 2024 03:48:04 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2024 03:47:21 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD61-P6
x-amz-server-side-encryption: AES256

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 479ms
96ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d3744f7a6202504d32e2b4d7e017ab1b4012a859d771aeefa5751dd8dbc2f59e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 2080aae7ace369c71819923852e1b17e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23799
x-amz-cf-id: jbc2QEWmhkq2I1vvs3WT4JrxbkxyRe6f1NHNs7x_whG5oZggbM4t8w==
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: YUL62-P2
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame B97E 0
0 148ms
50ms Document
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fga-insurance-quotes-now.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 08:32:53 GMT
expires: Fri, 12 Dec 2025 08:32:53 GMT
last-modified: Tue, 03 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET dataLayer_logic.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

Content-Type: image/png

GET
H3 200 528857779805042 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 43ms
43ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/528857779805042?v=2.9.178&r=stable&domain=ga-insurance-quotes-now.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

c2a812ebca89df586e489698f093186977d6f4d29866461fd9df20f5859640fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-sX3oLN8o' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-sX3oLN8o' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=4, c=77, mss=1232, tbw=75421, tp=69, tpl=4, uplat=1, ullat=-1
pragma: public
x-fb-debug: C+kQv2xK0Hx3Jmq0eQxzaNP339KIf0PwyFYP2qWLhSqYURS/N4/GsPlaWpKVozPFQp+RaFB0VTnRqJn23NgXMA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 16317
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 collect Show response
sst.statefarm.com/g/ 947 B
1 KB 157ms
77ms Fetch
text/plain 34.128.179.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.statefarm.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je4cb0v9178161793z8849799669za200zb849799669&_p=1733992369522&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=73040700.1733992374&ecid=682924569&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA-ON&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.etld=google.ca&sst.tft=1733992369522&sst.ude=0&_s=1&sid=1733992373&sct=1&seg=0&dl=https%3A%2F%2Fga-insurance-quotes-now.com%2F&dt=Ethan%20Collins%20-%20State%20Farm%20Insurance%20Agent%20in%20Berkeley%20Lake%2C%20GA&en=page_view&_fv=1&_nsi=1&_ss=1&up.ECID=&tfd=5275&richsstsse

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.179.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.179.128.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

724f6efc770f20de22f89aa96149c0b9d29cba83febaaaa6d6202eff314a49d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://ga-insurance-quotes-now.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 08:32:53 GMT
content-type: text/plain
server: Google Frontend

GET
H3 200 1673276772914128 Show response
connect.facebook.net/signals/config/ 76 KB
13 KB 2071ms
2070ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673276772914128?v=2.9.178&r=stable&domain=ga-insurance-quotes-now.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

9e1a60d52e6b810c402176421ae774773ce07c8b7d81c78b5e2a1db1161227b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-D5to3Rxv' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-D5to3Rxv' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=5, c=77, mss=1232, tbw=94077, tp=87, tpl=5, uplat=2028, ullat=0
pragma: public
x-fb-debug: U4c6IrwQ49AMtF+x0QkJCtbwttU1LcBqJ/0v6ko+o+axu8nkVqDfCTieALNKzcemRE4KzrCu0BLrpU8VJVLA8A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 s44368805974715
smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/ 43 B
324 B 47ms
46ms Image
image/gif 63.140.38.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/s44368805974715?AQB=1&ndh=1&pf=1&t=12%2F11%2F2024%200%3A32%3A53%204%20480&D=..&mid=10076818882874904533000183573248767169&aamlh=7&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-v%3Aqbqpt9r82ak&g=https%3A%2F%2Fga-insurance-quotes-now.com%2F&ch=sf%3Aus%3Aagent-micro-v&server=ga-insurance-quotes-now.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-v%3Aqbqpt9r82ak&h1=home%7Cagent-micro-v%7Cqbqpt9r82ak&c4=sf%3Aagent-micro-v%3Aqbqpt9r82ak&v6=ga-insurance-quotes-now.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fga-insurance-quotes-now.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=thursday%7C2%3A30am&c50=true%3Blimited&v50=12%2F12%2F2024&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28x11%3B%20linux%20x86_64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F131.0.0.0%20safari%2F537.36&c70=en-us&v121=ens%7Cdeel&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.217 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-217.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723720267128176640-4618455696616402396
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 08:32:53 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Thu, 12 Dec 2024 08:32:53 GMT
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Dec 2024 08:32:53 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 204 collect
analytics.google.com/g/s/ 0
510 B 484ms
154ms Image
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.google.com/g/s/collect?dma=0&npa=0&gcd=13l3l3l3l1l1&gtm=45j91e4c50v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102081485&_gsid=3WRNTYXP84NIxTlYDDp7iDgZrFdO6c1w
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 08:32:54 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 275ms
56ms Image
image/gif 173.194.205.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&npa=0&gcd=13l3l3l3l1l1&tid=G-3WRNTYXP84&cid=73040700.1733992374&gtm=45j91e4c50v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102081485&aip=1&z=849518375

Requested by

Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 12 Dec 2024 08:32:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
510 B 429ms
49ms Image
text/plain 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&npa=0&gcd=13l3l3l3l1l1&tid=G-3WRNTYXP84&cid=73040700.1733992374&gtm=45j91e4c50v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102081485&aip=1
Requested by: Host: ga-insurance-quotes-now.com
URL: https://ga-insurance-quotes-now.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 08:32:54 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 3343c101-8725-4e3e-a691-2052c85e1bce.json Show response
tr.snapchat.com/config/com/ 100 B
402 B 128ms
107ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/3343c101-8725-4e3e-a691-2052c85e1bce.json?v=3.34.2-2412102248

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 34
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google, 1.1 google
access-control-allow-origin: https://ga-insurance-quotes-now.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
date: Thu, 12 Dec 2024 08:32:54 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame B0A9 0
0 159ms
79ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=6b60126b-ac56-44b5-b7f2-1788fdeda465&u_sclid=bb6427b7-efbd-4b92-8133-0c8730dd0de6

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://ga-insurance-quotes-now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Thu, 12 Dec 2024 08:32:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 2f0ca4be-e310-4347-a688-421e70cfc0e5.js Show response
tr.snapchat.com/config/com/ 209 B
288 B 285ms
114ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/2f0ca4be-e310-4347-a688-421e70cfc0e5.js?v=3.34.2-2412102248

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

930955b3823a0f040f2080eda11fc8268f15f97e4da6714ead3e860a8fa44e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ga-insurance-quotes-now.com
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 38
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
access-control-allow-origin: https://ga-insurance-quotes-now.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
date: Thu, 12 Dec 2024 08:32:54 GMT
content-type: application/javascript
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame A7F6 0
0 159ms
80ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=6b60126b-ac56-44b5-b7f2-1788fdeda465&u_sclid=bb6427b7-efbd-4b92-8133-0c8730dd0de6

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://ga-insurance-quotes-now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Thu, 12 Dec 2024 08:32:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p
tr.snapchat.com/ 0
257 B 135ms
84ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: https://ga-insurance-quotes-now.com
content-length: 0
date: Thu, 12 Dec 2024 08:32:54 GMT
server: API Gateway

POST
H2 200 p
tr6.snapchat.com/ 0
46 B 98ms
77ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ga-insurance-quotes-now.com/

Response headers

via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 12 Dec 2024 08:32:54 GMT
x-envoy-upstream-service-time: 0
server: API Gateway

POST
H2 200 p
tr.snapchat.com/ 0
53 B 82ms
79ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ga-insurance-quotes-now.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: https://ga-insurance-quotes-now.com
content-length: 0
date: Thu, 12 Dec 2024 08:32:54 GMT
server: API Gateway

GET
H3 200 1936962093151750 Show response
connect.facebook.net/signals/config/ 95 KB
16 KB 2052ms
2051ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1936962093151750?v=2.9.178&r=stable&domain=ga-insurance-quotes-now.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

9b97a7d00e6cbf313b46328eda23a81e908dee0188d13a48792658ff3febbcf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-WuyI4nki' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 08:32:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-WuyI4nki' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=7, c=77, mss=1232, tbw=110525, tp=105, tpl=7, uplat=2009, ullat=0
pragma: public
x-fb-debug: UMq1v76/vIyApawzYQ4yCYNuDiQ+KtJMb2ZlO68IzxCLW6oz8ojabt178uIDSQy24hGHr6Y6PGyGc0Myp+TmHA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/ 267 KB
56 KB 53ms
52ms Script
text/javascript 172.217.222.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBS9DDO8i_AGakIP4RrMhBIycy08imFG4g&libraries=places&channel=b2c-geo-code&language=&v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f95.1e100.net

Software

sffe /

Resource Hash

87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: br
age: 409506
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 14:47:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 14:47:51 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56823
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/ 191 KB
58 KB 56ms
56ms Script
text/javascript 172.217.222.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBS9DDO8i_AGakIP4RrMhBIycy08imFG4g&libraries=places&channel=b2c-geo-code&language=&v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f95.1e100.net

Software

sffe /

Resource Hash

bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ga-insurance-quotes-now.com/

Response headers

content-encoding: br
age: 386949
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 21:03:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 21:03:48 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 59447
x-xss-protection: 0
server: sffe

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/null/events/ 66 B
319 B 53ms
51ms Fetch
application/json 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

bf3fc45582fe123a3c1b7ee6a4c0eecfed606ec8a4613bca4b7c66890b15e748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

keen-sdk: javascript-5.0.1
Authorization: null
Referer: https://ga-insurance-quotes-now.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-origin: https://ga-insurance-quotes-now.com
content-length: 66
date: Thu, 12 Dec 2024 08:32:58 GMT
content-type: application/json; charset=utf-8
vary: origin

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/null/events/ Frame 0
0 271ms
50ms Preflight 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/null/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://ga-insurance-quotes-now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://ga-insurance-quotes-now.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Thu, 12 Dec 2024 08:32:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/index.js

Domain: ga-insurance-quotes-now.com
URL: blob:https://ga-insurance-quotes-now.com/3845c5fd-feeb-46bf-b265-e4b2ecfc83f6

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=528857779805042&ev=PageView&dl=https%3A%2F%2Fga-insurance-quotes-now.com&rl=&if=false&ts=1733992378054&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1733992378050.877950205763214091&pm=1&hrl=471a08&ler=empty&cdl=API_unavailable&it=1733992373758&coo=false&cs_cc=1&cas=8991258507552987&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528857779805042&ev=PageView&dl=https%3A%2F%2Fga-insurance-quotes-now.com&rl=&if=false&ts=1733992378054&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1733992378050.877950205763214091&pm=1&hrl=471a08&ler=empty&cdl=API_unavailable&it=1733992373758&coo=false&cs_cc=1&cas=8991258507552987&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fga-insurance-quotes-now.com&rl=&if=false&ts=1733992378058&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1733992378050.877950205763214091&pm=1&hrl=7944df&ler=empty&cdl=API_unavailable&it=1733992373758&coo=false&cs_cc=1&ccs=1116103673136860&cas=1214633611919409%2C8755091551250466%2C7774361879320453%2C7617600818324929%2C24929369213345389%2C7675131075842370%2C7425328607552657%2C7624177140967951%2C7670719459657551%2C7215761388545315%2C7044499848989369%2C26618354901146596%2C7324820104275253%2C7238804569529676%2C7374958915955390%2C7252568091464087%2C7360650587360734%2C5230493466989894&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fga-insurance-quotes-now.com&rl=&if=false&ts=1733992378058&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1733992378050.877950205763214091&pm=1&hrl=7944df&ler=empty&cdl=API_unavailable&it=1733992373758&coo=false&cs_cc=1&ccs=1116103673136860&cas=1214633611919409%2C8755091551250466%2C7774361879320453%2C7617600818324929%2C24929369213345389%2C7675131075842370%2C7425328607552657%2C7624177140967951%2C7670719459657551%2C7215761388545315%2C7044499848989369%2C26618354901146596%2C7324820104275253%2C7238804569529676%2C7374958915955390%2C7252568091464087%2C7360650587360734%2C5230493466989894&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=1936962093151750&ev=PageView&dl=https%3A%2F%2Fga-insurance-quotes-now.com&rl=&if=false&ts=1733992378061&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1733992378050.877950205763214091&pm=1&hrl=9d20e4&ler=empty&cdl=API_unavailable&it=1733992373758&coo=false&cs_cc=1&cas=7218815278226275%2C25500980252833703%2C7380101898751939%2C8291848377510553%2C25686451994273421%2C7500200006682408%2C25118593361121421%2C7555123887841809%2C25195590966722337%2C7361528717267869%2C7319385778178009%2C7685024611562335%2C8204370092923960%2C7491566387545976%2C7333112786736156%2C7550353818344647%2C7854743601225667%2C7297345487017009%2C7131998973572208%2C7802671699783023%2C7288683261254452%2C7867538586632075%2C6626898844079554%2C8268824213133391%2C7569112853151196%2C7442094839208402%2C7434432033312355%2C25109235288723423%2C25199182166395817%2C25203507072627411%2C7347831435335218%2C25522515250680222%2C25259422107035510%2C26078319375088594%2C7294803430634651%2C7686397834749767%2C6948992248539919%2C25183950664553886%2C7173226052803726%2C7065819623522858%2C24576154631999236%2C7110286525723394%2C5643849709017872%2C7353531021412875%2C7369615686466734%2C7114562148666732%2C25377678148545163%2C7406423582768358%2C7322495404485244%2C7452567494860296%2C7532523723500708%2C8196232670394126%2C8047347431942109%2C8141189212562199%2C7852591648092831%2C7553381094718092%2C7293802560714708&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1936962093151750&ev=PageView&dl=https%3A%2F%2Fga-insurance-quotes-now.com&rl=&if=false&ts=1733992378061&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1733992378050.877950205763214091&pm=1&hrl=9d20e4&ler=empty&cdl=API_unavailable&it=1733992373758&coo=false&cs_cc=1&cas=7218815278226275%2C25500980252833703%2C7380101898751939%2C8291848377510553%2C25686451994273421%2C7500200006682408%2C25118593361121421%2C7555123887841809%2C25195590966722337%2C7361528717267869%2C7319385778178009%2C7685024611562335%2C8204370092923960%2C7491566387545976%2C7333112786736156%2C7550353818344647%2C7854743601225667%2C7297345487017009%2C7131998973572208%2C7802671699783023%2C7288683261254452%2C7867538586632075%2C6626898844079554%2C8268824213133391%2C7569112853151196%2C7442094839208402%2C7434432033312355%2C25109235288723423%2C25199182166395817%2C25203507072627411%2C7347831435335218%2C25522515250680222%2C25259422107035510%2C26078319375088594%2C7294803430634651%2C7686397834749767%2C6948992248539919%2C25183950664553886%2C7173226052803726%2C7065819623522858%2C24576154631999236%2C7110286525723394%2C5643849709017872%2C7353531021412875%2C7369615686466734%2C7114562148666732%2C25377678148545163%2C7406423582768358%2C7322495404485244%2C7452567494860296%2C7532523723500708%2C8196232670394126%2C8047347431942109%2C8141189212562199%2C7852591648092831%2C7553381094718092%2C7293802560714708&rqm=FGET

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: State Farm (Insurance)

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 01:41:18	Name: X-AB Value: c09143d0a14843b288a0a3e950ecfe0b
ga-insurance-quotes-now.com/	1970-01-21 01:41:18	Name: __cheesecrd_version Value: master
.ga-insurance-quotes-now.com/	1970-01-21 11:15:52	Name: optimizelyEndUserId Value: oeu1733992369697r0.05444867204435133
.demdex.net/	1970-01-21 05:59:04	Name: demdex Value: 04415601480127801052485554730223910685
.ga-insurance-quotes-now.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.ga-insurance-quotes-now.com/	1970-01-21 03:49:28	Name: _gcl_au Value: 1.1.440579779.1733992374
.ga-insurance-quotes-now.com/	1970-01-21 01:39:54	Name: s_gad Value: 1
.statefarm.com/	1970-01-21 11:15:52	Name: s_ecid Value: MCMID%7C10076818882874904533000183573248767169
.dpm.demdex.net/	1970-01-21 05:59:04	Name: dpm Value: 04415601480127801052485554730223910685
.ga-insurance-quotes-now.com/	1970-01-21 11:15:52	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C20070%7CMCMID%7C10076818882874904533000183573248767169%7CMCAAMLH-1734597173%7C7%7CMCAAMB-1734597173%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1733999573s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20077%7CvVersion%7C5.5.0
.ga-insurance-quotes-now.com/	1970-01-21 11:15:52	Name: _ga_3WRNTYXP84 Value: GS1.1.1733992373.1.0.1733992373.0.0.682924569
.ga-insurance-quotes-now.com/	1970-01-21 11:15:52	Name: _ga Value: GA1.1.73040700.1733992374
.ga-insurance-quotes-now.com/	1970-01-21 01:39:54	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-v%3Aqbqpt9r82ak
.ga-insurance-quotes-now.com/	1970-01-21 01:39:54	Name: s_pre_v6 Value: ga-insurance-quotes-now.com
.ga-insurance-quotes-now.com/	1970-01-21 01:39:54	Name: s_dl Value: 1
.ga-insurance-quotes-now.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.ga-insurance-quotes-now.com/	1970-01-21 11:15:52	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271733992373955%27%5D%5D
.ga-insurance-quotes-now.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fga-insurance-quotes-now.com%2F%7CentryProperty%3Dhttps%3A%2F%2Fga-insurance-quotes-now.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-v%7Cs_prev_ch%3Dagent-micro-v%7Cs_prev_pn%3Dqbqpt9r82ak%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-v%3Aqbqpt9r82ak%7Cmc%3Ddirect%20load%7C
.ga-insurance-quotes-now.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.demdex.net/	1970-01-21 05:59:04	Name: dextp Value: 771-1-1733992373702\|903-1-1733992373803\|30646-1-1733992373904\|66757-1-1733992374005
.ga-insurance-quotes-now.com/	1970-01-21 11:09:39	Name: _scid Value: mLdFANR0D-aalHY6_NoRZ5XMAYuaoSFZ
.ga-insurance-quotes-now.com/	1970-01-21 11:09:39	Name: _scid_r Value: mLdFANR0D-aalHY6_NoRZ5XMAYuaoSFZ
.doubleclick.net/	1970-01-21 11:15:52	Name: IDE Value: AHWqTUkL5flenqi0-ng-LcWTJi3u2exZO1LhvfSQ0WrAh0LDCTuKxpTQbccXkXH1h9k
.adsrvr.org/	1970-01-21 10:25:28	Name: TDID Value: 5587bf99-d36b-4408-8f0e-1aed235c0e77
.ga-insurance-quotes-now.com/	1970-01-21 01:49:57	Name: _ScCbts Value: %5B%5D
.adsrvr.org/	1970-01-21 10:25:28	Name: TDCPM Value: CAESEgoDYWFtEgsIjpzHsrOkzT0QBRgFIAEoAjILCOiH_NvJpM09EAU4AQ..
.yahoo.com/	1970-01-21 10:25:49	Name: A3 Value: d=AQABBLafWmcCEERmM9ciUsHm1OP5H7tSRkwFEgEBAQHxW2dkZyXaxyMA_eMAAA&S=AQAAAnWoZLM3P3Ds7vSmUbap_ng
.analytics.yahoo.com/	1970-01-21 10:25:28	Name: IDSYNC Value: 19cu~2mc8
.tapad.com/	1970-01-21 03:06:16	Name: TapAd_TS Value: 1733992374752
.tapad.com/	1970-01-21 03:06:16	Name: TapAd_DID Value: c2817935-206b-4984-96be-b0cd8e8fa20f
.tapad.com/	1970-01-21 03:06:16	Name: TapAd_3WAY_SYNCS Value:
.snapchat.com/	1970-01-21 11:01:28	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GuRHAMAgEwIqYEXAY425OTxcq3gq10aLmTHMVAynASmHYOOta7+h8glvRPk33KvOMfbX9RhcVhUAAAAA=
.ga-insurance-quotes-now.com/	1970-01-21 11:09:39	Name: _sctr Value: 1%7C1733990400000
.ga-insurance-quotes-now.com/	1970-01-21 03:49:28	Name: _fbp Value: fb.1.1733992378050.877950205763214091

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://online.statefarm.com/ddc/trafficdetection.aspx Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://static2.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://ga-insurance-quotes-now.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/index.js' from origin 'https://ga-insurance-quotes-now.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/index.js Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://ga-insurance-quotes-now.com/ Message: Refused to execute script from 'https://www.statefarm.com/agent/cookie?associateID=QBQPT9R82AK&app=AMS' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://ga-insurance-quotes-now.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A060F0004C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network	error	URL: https://online.statefarm.com/ddc/trafficdetection.aspx Message: Failed to load resource: the server responded with a status of 403 ()
worker	warning	URL: https://ga-insurance-quotes-now.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A090F0004C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	error	URL: https://ga-insurance-quotes-now.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js' from origin 'https://ga-insurance-quotes-now.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js Message: Failed to load resource: net::ERR_FAILED
rendering	warning	URL: https://static1.st8fm.com/en_US/b2c_dvts/common/js/lib/StateFarmCommon.js?seed=AEA3_bmTAQAAbZoy9H_AP2Wwqdtp8JnjZ4qcB-0IDd7UawAabhDK1hNrfEy3&J5odCIZGx--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8367280580.cdn-pci.optimizely.com
ac1.st8fm.com
ajax.googleapis.com
analytics.google.com
apps.statefarm.com
cdn-pci.optimizely.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
fonts.googleapis.com
ga-insurance-quotes-now.com
invocation.deel.c1.statefarm
js.adsrvr.org
logx.optimizely.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
mx-api.prod.mirus.io
nexus.ensighten.com
online.statefarm.com
peachy.prod.mirus.io
sc-static.net
smetrics.statefarm.com
sst.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
static2.st8fm.com
stats.g.doubleclick.net
tapi.optimizely.com
tr.snapchat.com
tr6.snapchat.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.statefarm.com
deel-id-persistence.deel.c1.statefarm
ga-insurance-quotes-now.com
www.facebook.com
104.17.24.14
104.18.11.207
104.18.43.154
104.198.70.133
108.138.85.96
117.18.238.236
142.251.16.157
172.217.222.95
172.217.222.97
172.253.122.95
172.64.144.102
172.64.148.72
173.194.205.94
173.194.205.95
216.239.36.181
3.163.245.4
3.167.72.96
3.221.220.136
3.81.197.94
31.13.66.19
34.128.179.202
34.236.201.56
34.49.241.189
34.69.219.172
35.190.43.134
52.207.43.21
63.140.38.217
74.125.192.105
00a735022a0585ebce6bbc8df6dd9a1c84ac4f539523c318b5606b09b642e070
02e9c70478b4ed0444cfa8a953983e0a0388b731ec7b07662bd667d56816bf2c
050a9ed70054814432bfc7f62f804ea64c4bd749d6c4caffa9e0a58020628683
06a074fccbce7830a8a826c4748e8e47d01e971f2b6bb7190d2c9542337fb88f
0bc192aee347215f0a0764e0ffb8d1f9962807fcd1fdf64607e60073212b10e3
0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3
0df0c7cb2ebc14992f3392aee85d1671aaef4761ef63bc2f304a9dc1d2e508d3
1317d4275e30dc08856be654c0535788817866a5d89ef27a01898d7ae1ee3600
1fe711aec93171cacefa8198f5b235bf84fde20b14a8c873a66b044373037128
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc
3298b9cccd36ac312543d28cff41257de5a8abb934085d54877418c865fb0e4e
45faa773aa72605e3e884bb29701be909db6bc33295c2096ab98e1100dbe8b22
4cd706753d64b45d7d9b84051b79f7f212e938d301eba9f85b222a6285436566
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
52dab22dd893cdb9dc9d2bafe35e9733ebef85efa1410f339d6acc0478281cc5
59789b85b1a8b5dec038e5921b2b8f1a597a935d9798bfbfaa8892dad89f919c
61c6eda6cbdafc0c25d53414c537577cd6579757211cd1cc960d0e7f027edf3e
6340eeec1584be5ab457b30c9736f0820c777a28dfdeb2b26923b7c6ed51cca8
6830cb8cceb6226901558a5de6ffc9d51d9c868b1dbc6fff7c0550744d393266
68a8e898999e0d8d388fce499a4b00871047c2270b2a5afc6d896d44625c2320
6b79c2cee1e5d9ece0147e076bf08b9eae8b61e1d9cd7c5715dcbc54816decaa
6e17fa3cc4118440d1111d00c3aca6e3183e736de354210eafe140eb92dba8d7
6f75ce7e70ffd0812db7e8644d35fc0d6ed3cfea6d3dde7774e69e7ea8921142
724f6efc770f20de22f89aa96149c0b9d29cba83febaaaa6d6202eff314a49d4
746164f668cd2513526e7b3bc8bc14c980c03fb967b4015f898164a89da8e70a
7528c329f7f315a6e470875ef6b0e97bda4e68c58d1d42fbe83109944a5b2723
785b6692d256f8286db7fff9d1e8caf87508b8e25721ac968bf5626eb3e82dbe
7b72853e5e78fcf4bd0103b975ec8256d8aa5cb3722afaf4c4f0c47688e86de6
83526314b1fd8fb11460e3817fe7cf8442de3eea006d7a1ca81951f3426930cf
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
930955b3823a0f040f2080eda11fc8268f15f97e4da6714ead3e860a8fa44e7a
9b97a7d00e6cbf313b46328eda23a81e908dee0188d13a48792658ff3febbcf5
9e1a60d52e6b810c402176421ae774773ce07c8b7d81c78b5e2a1db1161227b3
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a22de178a5b9e34c393e1924491e03e3ff9805a6cea5e6e68f093d1dbf6b9009
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
af3b33bb6b8b4ae08f0ffa60d9b975e0b50ac4710a8c53c26d52946a6401e484
b3bea6904c6130332fdc7ca63b0b971b63b60752654b956ebf0e4b7753ecb09d
b434e7b06d1e76c8ecf4b8fb260010f4b414c03da3ce0ee7fcc2391478bde1be
bb19cc9bb9e4e0f0237ee1f0c213487452c77e6f9fa6fa9edcb87f4de9f0c21a
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
bf3fc45582fe123a3c1b7ee6a4c0eecfed606ec8a4613bca4b7c66890b15e748
bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630
c097d6cc5f8b74266f5017664694839e3bbbaea74b25d3de4b4aa1ddf09280fd
c2a812ebca89df586e489698f093186977d6f4d29866461fd9df20f5859640fd
c459691f5389de616773286683cd2870125551ed4020d3f29bdc161d35cc976f
c46ea001dc81eea0f86c7a32507f648f78a6e4f40b14db44ebd1fe0111a10c26
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736
c6242eb411ad81eb667e6aa1d3ecfb5fc3e19cd5a732610ba96231337d7bf692
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
cb598957119c60141717676dceb24704495e5cac111a62cea6c34f5d89007949
d3744f7a6202504d32e2b4d7e017ab1b4012a859d771aeefa5751dd8dbc2f59e
d64abfa74a9329c237441a8321b89036fa88a96079492812d2ce1e349ff7e2e2
d67459ce9dc53557007c678187d006099d3959b43674749777f1c36da65db388
d7b365daf731edb4b2fcbeaa4d612cc9a87df619653412ec95887a62f540b71c
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
da4978f4c694507346d9cdd8581e7e0f39215c5ca3b8fc4b54a364c6533d5f45
db328693065730fc4066970235b2cc48c813e3c3433e10f8ba002051b2467ee2
de10644653057a725f07b153c651cd920b75e5ca4b4e395b7a271c7620ce45d7
e0d4f49c7e78dfedc0392372e987233a3c10f736e7d180d775b30dcc4a2e339e
e35804e798d378afa1d946ba9047ec217d15522b968a658d3e1cbbd5daee036e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e979780b46689b0611328b1e366eb52b9c5e26a6be7c603bad94db1bafa7b24a
ee0b31f6368b4346fccc7661076269403346e539ec03b3be9d2b673a3fb6c61c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f207fbda4de3f548de2e14bd2d27702dc2b0adcd03da8c8cada34846ec578048
f40b0ab3bfc033479dddd5c0393e8a53ecefb612b8741f8b3d0b045eb61c0051
fa8f0c6c5d43a72996d5a4ec3ba825e4c70b8df8a92eac0e9206f2c416849182

ga-insurance-quotes-now.com Open in urlscan Pro 34.69.219.172 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

89 %HTTPS

0 %IPv6

21 Domains

37 Subdomains

28 IPs

2 Countries

1733 kBTransfer

6576 kBSize

34 Cookies

20 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ga-insurance-quotes-now.com Open in urlscan Pro
34.69.219.172 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

89 %
HTTPS

0 %
IPv6

21
Domains

37
Subdomains

28
IPs

2
Countries

1733 kB
Transfer

6576 kB
Size

34
Cookies

103 HTTP transactions
1 data transactions