Submitted URL: http://accounts.bestrates.com/
Effective URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Submission: On October 18 via api from US — Scanned from US

Summary

This website contacted 17 IPs in 2 countries across 12 domains to perform 114 HTTP transactions. The main IP is 2606:4700:4400::ac40:99d2, located in United States and belongs to CLOUDFLARENET, US. The main domain is accounts.bestrates.com.
TLS certificate: Issued by WE1 on September 4th 2024. Valid for: 3 months.
This is the only time accounts.bestrates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 21 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
60 104.18.36.214 13335 (CLOUDFLAR...)
12 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2620:1ec:33::10 8075 (MICROSOFT...)
3 23.55.205.76 16625 (AKAMAI-AS)
1 2a04:4e42:200... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 70.42.32.159 13789 (INTERNAP-...)
3 6 209.85.144.148 15169 (GOOGLE)
114 17
Apex Domain
Subdomains
Transfer
60 nextinsure.com
www.nextinsure.com — Cisco Umbrella Rank: 45247
cdn.nextinsure.com — Cisco Umbrella Rank: 110538
256 KB
21 bestrates.com
accounts.bestrates.com
48 KB
12 gstatic.com
fonts.gstatic.com
211 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
ad.doubleclick.net — Cisco Umbrella Rank: 150
18 KB
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3182
wave.outbrain.com — Cisco Umbrella Rank: 3153
tr.outbrain.com — Cisco Umbrella Rank: 3133
11 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
182 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
33 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
49 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
64 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 686
715 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
114 12
Domain Requested by
43 www.nextinsure.com accounts.bestrates.com
www.nextinsure.com
21 accounts.bestrates.com 2 redirects accounts.bestrates.com
static.cloudflareinsights.com
17 cdn.nextinsure.com
12 fonts.gstatic.com accounts.bestrates.com
fonts.googleapis.com
6 ad.doubleclick.net 3 redirects
3 bat.bing.com www.googletagmanager.com
bat.bing.com
2 tr.outbrain.com amplify.outbrain.com
2 amplify.outbrain.com accounts.bestrates.com
amplify.outbrain.com
2 www.googletagmanager.com accounts.bestrates.com
www.googletagmanager.com
2 cdn.jsdelivr.net accounts.bestrates.com
1 wave.outbrain.com amplify.outbrain.com
1 www.google.com
1 td.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 trc.taboola.com
1 fonts.googleapis.com www.nextinsure.com
1 ajax.googleapis.com accounts.bestrates.com
1 static.cloudflareinsights.com accounts.bestrates.com
114 18

This site contains links to these domains. Also see Links.

Domain
www.betterment.com
www.fdic.gov
o1.qnsr.com
www.bestrates.com
www.quinstreet.com
Subject Issuer Validity Valid
accounts.bestrates.com
WE1
2024-09-04 -
2024-12-03
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
cloudflareinsights.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
upload.video.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
nextinsure.com
E6
2024-08-22 -
2024-11-20
3 months crt.sh
*.gstatic.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-14 -
2024-12-14
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2024-12-31
5 months crt.sh
*.g.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh

This page contains 2 frames:

Primary Page: https://accounts.bestrates.com/savings-and-money-market-accounts
Frame ID: 0319112AA6018C28C6A75D75624A42DF
Requests: 103 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1055505811?random=1729274426333&cv=11&fst=1729274426333&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9130089605z86772502za201zb6772502&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&hn=www.googleadservices.com&frm=0&tiba=High%20Interest%20Savings%20and%20Money%20Market%20Accounts%20Online&npa=0&pscdl=noapi&auid=116360056.1729274426&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 38FA80F08D02B448B79FE953BCDB1886
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

High Interest Savings and Money Market Accounts Online

Page URL History Show full URLs

  1. http://accounts.bestrates.com/ HTTP 307
    https://accounts.bestrates.com/ HTTP 302
    https://accounts.bestrates.com/savings-and-money-market-accounts/ HTTP 301
    https://accounts.bestrates.com/savings-and-money-market-accounts Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

114
Requests

96 %
HTTPS

75 %
IPv6

12
Domains

18
Subdomains

17
IPs

2
Countries

831 kB
Transfer

2069 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://accounts.bestrates.com/ HTTP 307
    https://accounts.bestrates.com/ HTTP 302
    https://accounts.bestrates.com/savings-and-money-market-accounts/ HTTP 301
    https://accounts.bestrates.com/savings-and-money-market-accounts Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104
  • https://ad.doubleclick.net/ddm/trackimp/N3282.QuinnStreet/B29760667.405132401;dc_trk_aid=597073238;dc_trk_cid=223594161;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N3282.QuinnStreet/B29760667.405132401;dc_pre=CKGyrp_BmIkDFX43iAkdSV0lAQ;dc_trk_aid=597073238;dc_trk_cid=223594161;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 105
  • https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_pre=CIu0rp_BmIkDFWBtRwEd_zwoZA;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 111
  • https://ad.doubleclick.net/ddm/trackimp/N450204.112817QUINSTREET/B26995872.327767208;dc_trk_aid=519897804;dc_trk_cid=165879770;u=285d05f75b40636c9676b31029ad6fd4;ord=638648530367923278;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N450204.112817QUINSTREET/B26995872.327767208;dc_pre=CJu2uZ_BmIkDFWIFaAgd6ikL2w;dc_trk_aid=519897804;dc_trk_cid=165879770;u=285d05f75b40636c9676b31029ad6fd4;ord=638648530367923278;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

114 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request savings-and-money-market-accounts
accounts.bestrates.com/
Redirect Chain
  • http://accounts.bestrates.com/
  • https://accounts.bestrates.com/
  • https://accounts.bestrates.com/savings-and-money-market-accounts/
  • https://accounts.bestrates.com/savings-and-money-market-accounts
54 KB
13 KB
Document
General
Full URL
https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bed91fd20d0f8abbd9918cb133b519941cea2100879e63d38062288e67ed5de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d4a6d886e741791-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 18:00:25 GMT
expect-ct
max-age=86400, enforce
link
<https://accounts.bestrates.com/wp-json/>; rel="https://api.w.org/" <https://accounts.bestrates.com/wp-json/wp/v2/pages/12>; rel="alternate"; title="JSON"; type="application/json" <https://accounts.bestrates.com/?p=12>; rel=shortlink
referrer-policy
same-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d4a6d86dd301791-EWR
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 18:00:25 GMT
expect-ct
max-age=86400, enforce
location
https://accounts.bestrates.com/savings-and-money-market-accounts
referrer-policy
same-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
non200
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-redirect-by
WordPress
x-xss-protection
1; mode=block
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
age
3559651
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230097-FRA, cache-lga21969-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
25360
x-jsd-version
5.0.2
main.css
accounts.bestrates.com/css/
15 KB
5 KB
Stylesheet
General
Full URL
https://accounts.bestrates.com/css/main.css
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4237ebaa83bba947a269821b7789968d07d945591b18a95cda9ad6bec7f0c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"66a1f641-4e1f"
age
24692
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
cf-polished
origSize=19999
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
text/css
last-modified
Thu, 25 Jul 2024 06:52:49 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89cf9f1791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
fonts.css
accounts.bestrates.com/css/
2 KB
714 B
Stylesheet
General
Full URL
https://accounts.bestrates.com/css/fonts.css
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db51dd1ca5d2bf657f3c4ebcd1bd00ac6c485abf9a9d9bdf32f451db73b0abab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"6479902b-d55"
age
24692
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
cf-polished
origSize=3413
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
text/css
last-modified
Fri, 02 Jun 2023 06:46:03 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89cfa11791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
footer.css
accounts.bestrates.com/css/
747 B
652 B
Stylesheet
General
Full URL
https://accounts.bestrates.com/css/footer.css
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
332bb1f9170df5a66bbd26409c839f29ff9d093c152fe14edd9e4213090fe9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"64798272-46c"
age
24692
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
cf-polished
origSize=1132
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
text/css
last-modified
Fri, 02 Jun 2023 05:47:30 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89cfa31791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
article_resources_samma.css
accounts.bestrates.com/css/
673 B
700 B
Stylesheet
General
Full URL
https://accounts.bestrates.com/css/article_resources_samma.css
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54973f7bbb6641fbd60efa3375ad8bf54cb57199caf74cb684750bd8f61e69d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"6479c95c-35a"
age
24692
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
cf-polished
origSize=858
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
text/css
last-modified
Fri, 02 Jun 2023 10:50:04 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89cfa41791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
content.css
accounts.bestrates.com/css/
2 KB
979 B
Stylesheet
General
Full URL
https://accounts.bestrates.com/css/content.css
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26053b9c33a6fd794f9dfef5ff2f91f15d29b6fe1e97468d601254f9bcd6405b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"64798272-b61"
age
24692
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
cf-polished
origSize=2913
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
text/css
last-modified
Fri, 02 Jun 2023 05:47:30 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89cfa51791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
logo_BestRates.svg
accounts.bestrates.com/images/
5 KB
2 KB
Image
General
Full URL
https://accounts.bestrates.com/images/logo_BestRates.svg
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27bb3ffecdefcef2ca4d5a171de8321a8c9d100d14c0dba286723c6143b95d33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6479902b-1416"
age
24692
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Fri, 02 Jun 2023 06:46:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89efc21791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
close.png
accounts.bestrates.com/images/
291 B
622 B
Image
General
Full URL
https://accounts.bestrates.com/images/close.png
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa023eec1dca02880b3d392bb45cade3aaca67c36c5183eb53d6da7705bb87cc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

cf-bgj
imgq:100,h2pri
etag
"6479902b-149"
age
16806
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
cf-polished
origSize=329
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
image/png
last-modified
Fri, 02 Jun 2023 06:46:03 GMT
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89efc31791-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
291
x-xss-protection
1; mode=block
server
cloudflare
cd_sec.svg
accounts.bestrates.com/images/
2 KB
1 KB
Image
General
Full URL
https://accounts.bestrates.com/images/cd_sec.svg
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6779aadd03ff0da77f3f52ce85c7c59f471a2adbdff02ae4977e86bd43a7645
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66a1f641-6b0"
age
24692
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Thu, 25 Jul 2024 06:52:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89cfa61791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
check_sec.svg
accounts.bestrates.com/images/
1 KB
976 B
Image
General
Full URL
https://accounts.bestrates.com/images/check_sec.svg
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7930faed30f9e60c8cdc2ecbbf1937f6e066d85c190789edfb3568a79dfb190e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66a1f641-5fa"
age
24692
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Thu, 25 Jul 2024 06:52:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d89cfa71791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
rocket-loader.min.js
accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"670fb497-302c"
x-content-type-options
nosniff
cf-ray
8d4a6d89efc41791-EWR
expires
Sun, 20 Oct 2024 18:00:25 GMT
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 12:41:59 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d4a6d8a098cde9b-EWR
access-control-allow-origin
*
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.3/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
127855
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 06:29:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 06:29:30 GMT
last-modified
Wed, 11 Jan 2023 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31191
x-xss-protection
0
server
sffe
sh
www.nextinsure.com/listingdisplay/loader/
112 KB
34 KB
Script
General
Full URL
https://www.nextinsure.com/listingdisplay/loader/sh
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18d8d8b74192206718fb83b63bfb6ff7b40aa36ef96cfdafd60944b21150cc3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
HIT
age
61825
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 00:40:42 GMT
vary
X-Akamai-Device-Characteristics, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
timing-allow-origin
*
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8a7cbf8c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
frontend.js
accounts.bestrates.com/wp-content/plugins/stop-user-enumeration/frontend/js/
486 B
572 B
Script
General
Full URL
https://accounts.bestrates.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.4.7
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"64881f9c-1e6"
age
24040
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 13 Jun 2023 07:49:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d8a1ff51791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
qscookie.js
accounts.bestrates.com/js/
3 KB
2 KB
Script
General
Full URL
https://accounts.bestrates.com/js/qscookie.js
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3412b8c5cf77bac478079e46548d2b58cabd7bfac5a282d780a3555c6f248e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"6620a8bc-1a3c"
age
24691
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
cf-polished
origSize=6716
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
application/javascript
last-modified
Thu, 18 Apr 2024 04:59:40 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d8a1ff61791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
main.js
accounts.bestrates.com/js/
2 KB
1 KB
Script
General
Full URL
https://accounts.bestrates.com/js/main.js
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b03f3b1bd6d87e7faad1461dd226399e3b16df180ab1693864a35435dff047f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"670f5f2e-cb2"
age
24691
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
cf-polished
origSize=3250
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 06:37:34 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d8a1ff91791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
leader_background.svg
accounts.bestrates.com/images/
2 KB
1 KB
Image
General
Full URL
https://accounts.bestrates.com/images/leader_background.svg
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/content.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229da6a94b00e61915267cd9baefe74dfa5ea45fbc9ee8a1e8eb49fb937fabf3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/css/content.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6479902b-7d7"
age
23408
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Fri, 02 Jun 2023 06:46:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d8a18001791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
image_savings_desktop.svg
accounts.bestrates.com/images/
24 KB
7 KB
Image
General
Full URL
https://accounts.bestrates.com/images/image_savings_desktop.svg
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/content.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae9285252d41944165bb2d1c16a0c56a409cda79460077b5485ca4f90313bec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/css/content.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6479902b-61f1"
age
23408
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:25 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Fri, 02 Jun 2023 06:46:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d8a18021791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer

Response headers

age
233668
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 01:05:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 01:05:58 GMT
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15920
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer

Response headers

age
286827
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 10:19:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 10:19:59 GMT
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15828
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
56 KB
56 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer

Response headers

age
240680
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 23:09:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 23:09:06 GMT
last-modified
Tue, 21 Sep 2021 23:13:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
57116
x-xss-protection
0
server
sffe
gtm.js
www.googletagmanager.com/
262 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-THH685
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1cb5510a9472d5a75f36b81eab2129c49e28788494bfab18da049270aeef6c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 18:00:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95121
x-xss-protection
0
server
Google Tag Manager
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
77 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
age
2367794
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230080-FRA, cache-lga21969-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
23943
x-jsd-version
5.0.2
favicon.ico
accounts.bestrates.com/
0
288 B
Other
General
Full URL
https://accounts.bestrates.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

cf-cache-status
HIT
etag
"670f5f45-0"
age
24692
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/x-icon
last-modified
Wed, 16 Oct 2024 06:37:57 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d8b08e71791-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
f406cb12-dc0e-4c76-b878-e7ef3e6a2aea
https://accounts.bestrates.com/ Frame
0
0

widget
www.nextinsure.com/ListingDisplay/
63 KB
10 KB
Script
General
Full URL
https://www.nextinsure.com/ListingDisplay/widget?src=574298&idx=0&it=banking_br_featuredclient_promo-ppc-standalone&wp=top
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6f482b7d25e088cd8e9074acd3e2fdc60c81f196f36b093f9bf02f6214675a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 00:49:25 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
timing-allow-origin
*
x-widgetcachehit
1
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8b4dc08c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
widget
www.nextinsure.com/ListingDisplay/
104 KB
13 KB
Script
General
Full URL
https://www.nextinsure.com/ListingDisplay/widget?src=574298&idx=1&it=banking_br_cd_promo-ppc-standalone
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad02064041e5a7014ce01ce02a6f03493cc304bcfd1aeede3623fec35ec714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 05 Sep 2024 21:02:20 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
timing-allow-origin
*
x-widgetcachehit
1
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8b4dc48c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
widget
www.nextinsure.com/ListingDisplay/
52 KB
9 KB
Script
General
Full URL
https://www.nextinsure.com/ListingDisplay/widget?src=574298&idx=2&it=banking_br_singleclient_investments-ppc-standalone
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c808eb309896b3ee2905b329d6eab4e4f7375961e03a490443a32d566a5bcdb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 00:49:25 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
timing-allow-origin
*
x-widgetcachehit
1
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8b4dc68c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
widget
www.nextinsure.com/ListingDisplay/
63 KB
10 KB
Script
General
Full URL
https://www.nextinsure.com/ListingDisplay/widget?src=574298&idx=3&it=banking_br_singleclient-ppc-standalone
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e14d449ee936e544e763b13c61f25feef2e39d2aecc43ac9757721235d533c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
HIT
age
2198
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 2024 00:49:25 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
timing-allow-origin
*
x-widgetcachehit
1
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8b4dc98c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
rum
accounts.bestrates.com/cdn-cgi/
0
145 B
XHR
General
Full URL
https://accounts.bestrates.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d4a6d8b49221791-EWR
access-control-allow-origin
https://accounts.bestrates.com
date
Fri, 18 Oct 2024 18:00:26 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
wp-emoji-release.min.js
accounts.bestrates.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://accounts.bestrates.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts.bestrates.com/savings-and-money-market-accounts

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"667d6e6f-4926"
age
23393
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Thu, 27 Jun 2024 13:51:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
referrer-policy
same-origin
cf-ray
8d4a6d8b69381791-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8bcdfe32e4-EWR
content-length
2
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
content-type
application/json; charset=utf-8
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a6ffc132e28f0d816668bcdeba9d2a9a29cb016be74672875e5a329dce4d69e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 18:00:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 18 Oct 2024 18:00:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
www.nextinsure.com/ListingDisplay/display/
10 KB
5 KB
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/display/
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1afa90c2187dd7bd9ee7dd1454d114723af56b8bd99bec24f25c809655248ae3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
server-timing
retImp;dur=33, sl;dur=14, alg;dur=0
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8bbe9b8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
x-xss-protection
1; mode=block
server
cloudflare
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
812 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8c9fc68c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8c9fb98c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8c8fae8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8bcdfc32e4-EWR
content-length
0
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8bcdf732e4-EWR
content-length
0
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8bde1432e4-EWR
content-length
2
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
content-type
application/json; charset=utf-8
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8bde1732e4-EWR
content-length
0
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
/
www.nextinsure.com/ListingDisplay/display/
2 KB
2 KB
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/display/
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b361f7a81d21a5766dfdf1d6472f638e73df16137ad6f94a855fadaaaac2df20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=HYkPcnui5CmGkS88_P1Kusqr_Bhr.3y9s12Ugdbh7Nw-1729274426-1.0.1.1-MQCFw_PxVCrfYhxAdK1PKm_chJdanFT3dehLrmaVA4lRhnuuwl5X1c4XNGhgm6c6VOBMdsQWO6CbOlRJ.h7frzmmCCbl9funAH5T5tozQ_fNRFHcmAMWuzG84xBQuonSBqP7DZPeAJNkSi4G_zhxK9iOLouNj5F7Y8bcOxU1eCE"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options
nosniff
server-timing
retImp;dur=42, sl;dur=15
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;, script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=HYkPcnui5CmGkS88_P1Kusqr_Bhr.3y9s12Ugdbh7Nw-1729274426-1.0.1.1-MQCFw_PxVCrfYhxAdK1PKm_chJdanFT3dehLrmaVA4lRhnuuwl5X1c4XNGhgm6c6VOBMdsQWO6CbOlRJ.h7frzmmCCbl9funAH5T5tozQ_fNRFHcmAMWuzG84xBQuonSBqP7DZPeAJNkSi4G_zhxK9iOLouNj5F7Y8bcOxU1eCE; report-to cf-csp-endpoint
referrer-policy
same-origin
cf-ray
8d4a6d8bdebe8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
x-xss-protection
1; mode=block
server
cloudflare
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
812 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8c9fbc8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8bde1a32e4-EWR
content-length
0
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx; script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=2zuUVd_qrWtkEhOXD4aibhLN1Dhjs2ujBJMx8G1_RDs-1729274426-1.0.1.1-yLeiPeVrjB5KOTsTTCnQYTmLLCtaX9_heg3TXXQAZ0WjoBwghUcmC2ZUeddePGV3Nv4zpkz2Mx4NNL2XKwVhEd9T6oLLuPd7PIv2wGc962wIVPKZ0gXa0adJ7QlE.LDsw7dVHqw1bAtlU1S2XNzTYdsyhd1eCuO1bGIJYVA9MPw; report-to cf-csp-endpoint
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=2zuUVd_qrWtkEhOXD4aibhLN1Dhjs2ujBJMx8G1_RDs-1729274426-1.0.1.1-yLeiPeVrjB5KOTsTTCnQYTmLLCtaX9_heg3TXXQAZ0WjoBwghUcmC2ZUeddePGV3Nv4zpkz2Mx4NNL2XKwVhEd9T6oLLuPd7PIv2wGc962wIVPKZ0gXa0adJ7QlE.LDsw7dVHqw1bAtlU1S2XNzTYdsyhd1eCuO1bGIJYVA9MPw"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8c8fb58c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8c9fbf8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8c0e6d32e4-EWR
content-length
2
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
content-type
application/json; charset=utf-8
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
/
www.nextinsure.com/ListingDisplay/display/
69 KB
13 KB
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/display/
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7949dad26f487ff438b4d0821d847fbda17d6a9a64a95d699d6b828ad279a806
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
server-timing
retImp;dur=70, sl;dur=33, alg;dur=0
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8c0ef48c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
x-xss-protection
1; mode=block
server
cloudflare
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
812 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8ccffc8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
destination
www.googletagmanager.com/gtag/
250 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1055505811&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THH685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f903f1793079be07d532933c8d9ff3e54f153ea993d1e22712de93656b91c81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 18 Oct 2024 18:00:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90484
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THH685
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 30E9D87BFD724B18989150743E515FC5 Ref B: EWR30EDGE0413 Ref C: 2024-10-18T18:00:26Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
obtp.js
amplify.outbrain.com/cp/
29 KB
9 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.76 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9f5da34f9af883822335cae8d65129b525249727f2f6d2277af00c28b520fee2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=1200
Content-Encoding
gzip
ETag
"77592c9c8cb3fb76384b235442a3df99:1729083409.642176"
Connection
keep-alive
Expires
Fri, 18 Oct 2024 18:20:26 GMT
Accept-Ranges
bytes
X-CC
US
Content-Length
9009
X-RG
NA
Date
Fri, 18 Oct 2024 18:00:26 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 16 Oct 2024 12:54:43 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
unip
trc.taboola.com/1010576/log/3/
0
715 B
Image
General
Full URL
https://trc.taboola.com/1010576/log/3/unip?en=retarget
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/gif
x-served-by
cache-lga21945-LGA
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
16763
pragma
no-cache
x-timer
S1729274426.316435,VS0,VE18
x-vcl-time-ms
18
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8c4ec532e4-EWR
content-length
2
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
content-type
application/json; charset=utf-8
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
/
www.nextinsure.com/ListingDisplay/display/
2 KB
2 KB
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/display/
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58261720e5758b8cacc47277665cabd7cf4ae471dfae9d334a8926245a83d298
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
server-timing
retImp;dur=26, sl;dur=12
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8c4f518c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8c4ec732e4-EWR
content-length
0
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
812 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8d08548c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8cf8388c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://fonts.googleapis.com/

Response headers

age
239848
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 23:22:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 23:22:58 GMT
last-modified
Wed, 31 Jan 2024 23:13:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30240
x-xss-protection
0
server
sffe
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/
30 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://fonts.googleapis.com/

Response headers

age
239848
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 23:22:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 23:22:58 GMT
last-modified
Wed, 31 Jan 2024 23:13:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30240
x-xss-protection
0
server
sffe
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/
30 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://fonts.googleapis.com/

Response headers

age
239848
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 23:22:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 23:22:58 GMT
last-modified
Wed, 31 Jan 2024 23:13:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30240
x-xss-protection
0
server
sffe
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/
30 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://fonts.googleapis.com/

Response headers

age
239848
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 23:22:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 23:22:58 GMT
last-modified
Wed, 31 Jan 2024 23:13:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30240
x-xss-protection
0
server
sffe
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/
30 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://fonts.googleapis.com/

Response headers

age
239848
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 23:22:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 23:22:58 GMT
last-modified
Wed, 31 Jan 2024 23:13:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30240
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://fonts.googleapis.com/

Response headers

age
242812
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 22:33:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 22:33:34 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://fonts.googleapis.com/

Response headers

age
233496
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 01:08:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 01:08:50 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700,900%7CRoboto:400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://fonts.googleapis.com/

Response headers

age
242820
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 22:33:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 22:33:26 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1055505811/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1055505811/?random=1729274426333&cv=11&fst=1729274426333&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9130089605z86772502za201zb6772502&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&hn=www.googleadservices.com&frm=0&tiba=High%20Interest%20Savings%20and%20Money%20Market%20Accounts%20Online&npa=0&pscdl=noapi&auid=116360056.1729274426&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1055505811&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9c951acb6cff94e407fb1139c21bb1a8c986a0deed771be0f96d6794d353914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2343
date
Fri, 18 Oct 2024 18:00:26 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1055505811
td.doubleclick.net/td/rul/ Frame 38FA
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/1055505811?random=1729274426333&cv=11&fst=1729274426333&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9130089605z86772502za201zb6772502&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&hn=www.googleadservices.com&frm=0&tiba=High%20Interest%20Savings%20and%20Money%20Market%20Accounts%20Online&npa=0&pscdl=noapi&auid=116360056.1729274426&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1055505811&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1194
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 18:00:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
16003851.js
bat.bing.com/p/action/
370 B
424 B
Script
General
Full URL
https://bat.bing.com/p/action/16003851.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f47f02c93d5de5de03db0ebffa39fe1060767437b086996e295c9818a05b2f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C9041D1C6AD492CB199A674C7348362 Ref B: EWR30EDGE0413 Ref C: 2024-10-18T18:00:26Z
x-cache
CONFIG_NOCACHE
date
Fri, 18 Oct 2024 18:00:25 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
0
bat.bing.com/action/
0
359 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=16003851&tm=gtm002&Ver=2&mid=0e67a971-616d-486f-b9a8-e43bdbc5e8e8&bo=1&sid=da9121408d7a11efb881615574c09516&vid=da9139008d7a11ef9131c990a9081162&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=High%20Interest%20Savings%20and%20Money%20Market%20Accounts%20Online&kw=saving,%20savings%20account,%20money%20market,%20money%20markets,%20accounts,%20interest,%20yield,%20yields,%20yielding,%20high,%20highest,%20rate,%20rates,%20best,%20top,%20online,%20open,%20compare,%20apply,%20earn,%20earning,%20personal,%20joint,%20jumbo,%20custodial,%20baby,%20infant,%20kid,%20kids,%20child,%20children,%20grandchild,%20grandchildren,%20teen,%20teenager&p=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&r=&lt=983&evt=pageLoad&sv=1&cdb=AQAQ&rn=43870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B113857057D84020B0368EFD101FD245 Ref B: EWR30EDGE0413 Ref C: 2024-10-18T18:00:26Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 18 Oct 2024 18:00:25 GMT
/
www.google.com/pagead/1p-user-list/1055505811/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1055505811/?random=1729274426333&cv=11&fst=1729274400000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9130089605z86772502za201zb6772502&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&hn=www.googleadservices.com&frm=0&tiba=High%20Interest%20Savings%20and%20Money%20Market%20Accounts%20Online&npa=0&pscdl=noapi&auid=116360056.1729274426&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfggTXUjjQIHQBVFj6QKA42j9JU15T4g&random=3629550626&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::93 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 18 Oct 2024 18:00:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.nextinsure.com/ListingDisplay/display/
10 KB
4 KB
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/display/
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45d6368b8fecd9267c5206e2a1127c617f510dcf5bda82a953c6aae46f2b2fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
server-timing
retImp;dur=30, sl;dur=20, alg;dur=0
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8d98e18c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
x-xss-protection
1; mode=block
server
cloudflare
ev.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8d98e38c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
imp_px.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8da84d32e4-EWR
content-length
0
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
imp_px.ashx
www.nextinsure.com/ListingDisplay/handlers/
49 B
748 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/gif
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8e59ba8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
49
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8da9008c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8da9028c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
8 KB
8 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS8zMzM0L0JldHRlcm1lbnRfTG9nb180OTZ4MjgwX3VwZGF0ZWQxMi44LjIyLmpwZw%3d%3d&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d406438f765ce96245ba1fe9c92a01e05f465df406ffed6d6d4e09cf3c71c287
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
G1
cf-bgj
h2pri
cf-cache-status
HIT
age
267123
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 15:43:51 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8df9578c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
6 KB
6 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS8zMzM0L0JldHRlcm1lbnRfTG9nb180OTZ4MjgwX3VwZGF0ZWQxMi44LjIyLmpwZw%3d%3d&w=130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6745ec73d464d8a53f4e584c475295aaa46979661d10a05e3d0b83fd47dd1f62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
D2
cf-bgj
h2pri
cf-cache-status
HIT
age
61174
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:54:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8df9548c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
truncated
/
444 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55940aebfb92d6b34636e41c2f8ca1523bd3461ffd29576e0ca59aba0884c492

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
519 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f50b412a99d1ad4e34c80f4e4529ec7b8cbe371d5d01492ae9fcfc3c9d4b1fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
40 KB
40 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f9dddb63471d51abd7cf3cdf75c3e4b3e8beb21b53c22cda24dae68eeeea6ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://accounts.bestrates.com
Referer
https://accounts.bestrates.com/

Response headers

age
228260
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 02:36:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 02:36:06 GMT
last-modified
Tue, 21 Sep 2021 23:16:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40528
x-xss-protection
0
server
sffe
00e3c6461d93e85f1f5ebab35ed4e601ae
wave.outbrain.com/mtWavesBundler/handler/
2 B
516 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00e3c6461d93e85f1f5ebab35ed4e601ae
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.76 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1729209405222
Content-Encoding
gzip
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Expires
Fri, 18 Oct 2024 18:01:26 GMT
Access-Control-Allow-Origin
*
X-CC
US
Content-Length
22
X-RG
NA
Date
Fri, 18 Oct 2024 18:00:26 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
31968243ce26fa8a0df99d9ffb80c9c5
topics
amplify.outbrain.com/
26 B
301 B
Fetch
General
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.76 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=1200
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Fri, 18 Oct 2024 18:20:26 GMT
Access-Control-Allow-Origin
*
X-CC
US
Content-Length
26
X-RG
NA
Date
Fri, 18 Oct 2024 18:00:26 GMT
Content-Type
text/html
unifiedPixel
tr.outbrain.com/
53 B
321 B
Fetch
General
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=009294594703275583&referrer=&cht=gtm&marketerId=00e3c6461d93e85f1f5ebab35ed4e601ae&name=PAGE_VIEW&dl=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/gif;
x-traceid
fb574edde3dadef2a42f01dd18ef326e
cachedClickId
tr.outbrain.com/
35 B
293 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00e3c6461d93e85f1f5ebab35ed4e601ae
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39
content-encoding
br
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/javascript
x-traceid
994b899c1216fb706584c3e9a5d83cd9
imp_px.ashx
www.nextinsure.com/ListingDisplay/handlers/ Frame
0
0
Preflight
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://accounts.bestrates.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods
GET, POST
access-control-allow-origin
https://accounts.bestrates.com
access-control-max-age
2592000
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d4a6d8e38e132e4-EWR
content-length
0
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date
Fri, 18 Oct 2024 18:00:26 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
imp_px.ashx
www.nextinsure.com/ListingDisplay/handlers/
49 B
748 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/gif
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8eda5f8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
49
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8e39968c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
11 KB
12 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS83Nzc5L1NvRmlfTG9nb19Eb3dubG9hZF8xMC4yMDIzLmpwZw%3d%3d&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7931c36437d5a9f863f1bf645d50e10259f0115dd7839ca269062c163e898d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
F3
cf-bgj
h2pri
cf-cache-status
HIT
age
267123
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 15:43:50 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e39988c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
10 KB
10 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS83Nzc5L1NvRmlfTG9nb19Eb3dubG9hZF8xMC4yMDIzLmpwZw%3d%3d&w=130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb20a3284613939e681daf4652d2f259cceb47cf7101e152166181995082d47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
G1
cf-bgj
h2pri
cf-cache-status
HIT
age
61070
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:54:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e399b8c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
12 KB
12 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS85Nzg4Lzk1NTM4NThkLWJhYzQtNGEyNS04YTE1LWI3YWMzOGFkZTJjMy5qcGc%3d&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b66f0c1dd44cb2a20a05f83b2d256c99abe23f0a40908550382c149fa019e5f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
E1
cf-bgj
h2pri
cf-cache-status
HIT
age
267123
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 15:43:50 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e399d8c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
10 KB
10 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS85Nzg4Lzk1NTM4NThkLWJhYzQtNGEyNS04YTE1LWI3YWMzOGFkZTJjMy5qcGc%3d&w=130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f9e0de8a252c0ba2a415661a042d0e92c4ef6b8836947652aa5e41a38a0180
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
E3
cf-bgj
h2pri
cf-cache-status
HIT
age
60858
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:54:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e399e8c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
6 KB
6 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS8zMTA3L1N5bmNocm9ueUxvZ29fNDk2eDI4MC5qcGc%3d&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58fb6f60872f1d6b4ce9e97b3928bdce223d7e9a799794d2ae51fb5cc3cbe32e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
E2
cf-bgj
h2pri
cf-cache-status
HIT
age
267089
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 15:43:50 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49a58c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
5 KB
5 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS8zMTA3L1N5bmNocm9ueUxvZ29fNDk2eDI4MC5qcGc%3d&w=130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7396be1c33641da57f6670206e277963187b29ea1a30dc32389c88ddd9b1cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
H3
cf-bgj
h2pri
cf-cache-status
HIT
age
61155
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:54:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49a68c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
10 KB
10 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS81Mzk1L0FtZXhfTWF5MjAyMl9Mb2dvXzQ5NngyODAuanBn&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d9cd75c14f31ed384db34183dda9a1cb1302df05b9789f97a2aa09e23aabed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
F2
cf-bgj
h2pri
cf-cache-status
HIT
age
267123
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 15:43:50 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49a78c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
8 KB
8 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS81Mzk1L0FtZXhfTWF5MjAyMl9Mb2dvXzQ5NngyODAuanBn&w=130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3939c6ade6dfd5c5113df683a065295d9e19704a469805d572ea4923637f4581
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
A1
cf-bgj
h2pri
cf-cache-status
HIT
age
60858
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:54:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49a98c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
9 KB
10 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS80MzA2L2I1MWQ4YjdkLWQwYjMtNDY0Yy05ODhkLTZlZjkyMjUwYzRmMi5qcGc%3d&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c5b89a9f0ccebdd1ae19d9ff42734fc31e69b4bba65004175167506300e8f0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
E2
cf-bgj
h2pri
cf-cache-status
HIT
age
267089
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 15:43:51 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49aa8c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
8 KB
8 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS80MzA2L2I1MWQ4YjdkLWQwYjMtNDY0Yy05ODhkLTZlZjkyMjUwYzRmMi5qcGc%3d&w=130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096ce10d291b4db53e1301f3a8891e427274707817f551080e335ae4a7c102f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
H1
cf-bgj
h2pri
cf-cache-status
HIT
age
60858
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:54:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49ab8c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
6 KB
6 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS81ODI3L1VGQl9EaXJlY3RfTG9nb180OTZ4MjgwICgxKSAoMSkuanBn&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20eb33f50879ae2701bb633a4fb0cb465a486c120c66e9a0c8be7c78fb9b44ff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
F1
cf-bgj
h2pri
cf-cache-status
HIT
age
267123
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 15:43:51 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49ad8c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
4 KB
5 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS81ODI3L1VGQl9EaXJlY3RfTG9nb180OTZ4MjgwICgxKSAoMSkuanBn&w=130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ae7993d0450c74428086b6c954d75d47e7b5a1514316b11d32bbabd99373b5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
H1
cf-bgj
h2pri
cf-cache-status
HIT
age
60858
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:54:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49af8c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
4 KB
4 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS8xNjYvV0FCIExvZ28gVXBkYXRlIC0gV2hpdGUgQmFja2dyb3VuZCAtIDQ5NngyODAgLSA3LjIwMjQucG5n&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d503ccd31454135c2c0a661185f66622a263fb88875513b9ddaacfa5ffeb24ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
H3
cf-cache-status
HIT
age
267089
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/png
last-modified
Tue, 15 Oct 2024 15:43:50 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49b08c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
3 KB
3 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS8xNjYvV0FCIExvZ28gVXBkYXRlIC0gV2hpdGUgQmFja2dyb3VuZCAtIDQ5NngyODAgLSA3LjIwMjQucG5n&w=130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd55a6c45dad14f56dc7d0e16c5a0ffe193c174d1f81e7f8a126957b9cb504aa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
A1
cf-cache-status
HIT
age
61174
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/png
last-modified
Fri, 18 Oct 2024 00:54:47 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8e49b28c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
B29760667.405132401;dc_pre=CKGyrp_BmIkDFX43iAkdSV0lAQ;dc_trk_aid=597073238;dc_trk_cid=223594161;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr...
ad.doubleclick.net/ddm/trackimp/N3282.QuinnStreet/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N3282.QuinnStreet/B29760667.405132401;dc_trk_aid=597073238;dc_trk_cid=223594161;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N3282.QuinnStreet/B29760667.405132401;dc_pre=CKGyrp_BmIkDFX43iAkdSV0lAQ;dc_trk_aid=597073238;dc_trk_cid=223594161;ord=638648530365257090;dc_lat=;dc_rdid=;tag...
42 B
67 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N3282.QuinnStreet/B29760667.405132401;dc_pre=CKGyrp_BmIkDFX43iAkdSV0lAQ;dc_trk_aid=597073238;dc_trk_cid=223594161;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Protocol
H3
Server
209.85.144.148 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Fri, 18 Oct 2024 18:00:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N3282.QuinnStreet/B29760667.405132401;dc_pre=CKGyrp_BmIkDFX43iAkdSV0lAQ;dc_trk_aid=597073238;dc_trk_cid=223594161;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 18 Oct 2024 18:00:26 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
B22113503.236413603;dc_pre=CIu0rp_BmIkDFWBtRwEd_zwoZA;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimpj/N553.amex/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
  • https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_pre=CIu0rp_BmIkDFWBtRwEd_zwoZA;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638648530365257090;dc_lat=;dc_rdid...
16 KB
16 KB
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_pre=CIu0rp_BmIkDFWBtRwEd_zwoZA;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H3
Server
209.85.144.148 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f148.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
15179
date
Fri, 18 Oct 2024 18:00:26 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_pre=CIu0rp_BmIkDFWBtRwEd_zwoZA;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638648530365257090;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 18 Oct 2024 18:00:26 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
/
www.nextinsure.com/ListingDisplay/display/
2 KB
2 KB
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/display/
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c74dfc01dd427038aa0152dfca701d84e0ef8b2ecdfaea0188e7dd74854981
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
server-timing
retImp;dur=26, sl;dur=17
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8e49b48c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8e49b68c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
imp_px.ashx
www.nextinsure.com/ListingDisplay/handlers/
49 B
748 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/gif
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8fbbbc8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
49
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
725 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8fbbbd8c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
opt
cdn.nextinsure.com/imaging/
13 KB
13 KB
Image
General
Full URL
https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS8xNjI0L01hcmN1c19Mb2dvXzQ5NngyODBfVXBkYXRlZDExLjIwMjMuanBn&w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
882d6315675b65f23d7fc7803709f49eeb557b358ee32db86fbe20b194651e72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-origin-s
G3
cf-bgj
h2pri
cf-cache-status
HIT
age
266468
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 18:00:26 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 15:45:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31536000
x-aspnet-version
4.0.30319
referrer-policy
same-origin
cf-ray
8d4a6d8fbbc18c54-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
B26995872.327767208;dc_pre=CJu2uZ_BmIkDFWIFaAgd6ikL2w;dc_trk_aid=519897804;dc_trk_cid=165879770;u=285d05f75b40636c9676b31029ad6fd4;ord=638648530367923278;dc_lat=;dc_rdid=;tag_for_child_directed_tre...
ad.doubleclick.net/ddm/trackimp/N450204.112817QUINSTREET/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N450204.112817QUINSTREET/B26995872.327767208;dc_trk_aid=519897804;dc_trk_cid=165879770;u=285d05f75b40636c9676b31029ad6fd4;ord=638648530367923278;dc_lat=;dc_r...
  • https://ad.doubleclick.net/ddm/trackimp/N450204.112817QUINSTREET/B26995872.327767208;dc_pre=CJu2uZ_BmIkDFWIFaAgd6ikL2w;dc_trk_aid=519897804;dc_trk_cid=165879770;u=285d05f75b40636c9676b31029ad6fd4;o...
42 B
64 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N450204.112817QUINSTREET/B26995872.327767208;dc_pre=CJu2uZ_BmIkDFWIFaAgd6ikL2w;dc_trk_aid=519897804;dc_trk_cid=165879770;u=285d05f75b40636c9676b31029ad6fd4;ord=638648530367923278;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol
H3
Server
209.85.144.148 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Fri, 18 Oct 2024 18:00:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N450204.112817QUINSTREET/B26995872.327767208;dc_pre=CJu2uZ_BmIkDFWIFaAgd6ikL2w;dc_trk_aid=519897804;dc_trk_cid=165879770;u=285d05f75b40636c9676b31029ad6fd4;ord=638648530367923278;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 18 Oct 2024 18:00:26 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
/
www.nextinsure.com/ListingDisplay/display/
2 KB
2 KB
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/display/
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d595bf0f233a104e317b70c24b7bdd79b647591b414a2753ac310646951cba2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
server-timing
retImp;dur=46, sl;dur=17
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:27 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8febf28c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
725 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:26 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d8ffbf48c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/
2 B
724 B
XHR
General
Full URL
https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx
Requested by
Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer

Response headers

cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 18:00:27 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private
timing-allow-origin
*
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
referrer-policy
same-origin
cf-ray
8d4a6d91ee678c54-EWR
access-control-allow-origin
https://accounts.bestrates.com
content-length
2
x-xss-protection
1; mode=block
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.bestrates.com
URL
blob:https://accounts.bestrates.com/f406cb12-dc0e-4c76-b878-e7ef3e6a2aea

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR object| __cfBeacon object| dataLayer function| $ function| jQuery number| uidEvent object| bootstrap object| QS_Cookie object| urlParams object| campaignParams object| extClickIdParams object| _wpemojiSettings string| ajaxurl object| ShWebFont object| shNunjucks object| sh object| widget_config_sa string| cookieZipcode string| cookieSrc string| cookieQuadUrl string| cookieNiLPUrl object| trackingParam object| widget_config_cd_sec634471729273623_640813 object| widget_config_investement_sec153941729273623_692787 object| widget_config_cashmgmt_sec933681729273623_691116 boolean| __cfRLUnblockHandlers object| XsoEYkJaVnZymBdl_fonts function| initializeWidget object| nunjucksPrecompiled object| twemoji object| wp object| google_tag_manager object| google_tag_data object| aFRmiKPShTHKaeWX_fonts function| obApi object| wjQInjcAjdjaqpFK_fonts object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_38c3de360b object| uetq function| apiObj

16 Cookies

Domain/Path Name / Value
.bestrates.com/ Name: __cf_bm
Value: crjzlQmj7to37e5KJLAzguM6Rn1gKrf96Jx_AgdsCP4-1729274425-1.0.1.1-0y.M6oW5qKHhjzz_rvQGUcxJkicDX3GJjF9YYW57ENQ.9azgiaSjcJ372ATBee6Bsjvr37dZow05uhKdOoQ74A
.nextinsure.com/ Name: __cf_bm
Value: U4xSMroYFTcZyf7eOZIv8QxfVWFJsqZfimwTDHIJYWA-1729274426-1.0.1.1-q9LsOwuZqzDNxmS05Ae1QrM9Gjg8kcVuFtDEsOYG9qObRUAJf8sxXZ8SKTLCX0IMOWU_RFr3M5uEB4FbSzXGcQ
accounts.bestrates.com/ Name: ni_lp_url
Value: https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts
.bestrates.com/ Name: _gcl_au
Value: 1.1.116360056.1729274426
.taboola.com/ Name: t_gid
Value: 96a9a1f6-9e14-498f-a710-a380ba82319e-tucte0c27ba
.taboola.com/ Name: t_pt_gid
Value: 96a9a1f6-9e14-498f-a710-a380ba82319e-tucte0c27ba
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.bestrates.com/ Name: _uetsid
Value: da9121408d7a11efb881615574c09516
.bestrates.com/ Name: _uetvid
Value: da9139008d7a11ef9131c990a9081162
.bing.com/ Name: MUID
Value: 051B1A74DD17642B107A0F68DC656567
.bat.bing.com/ Name: MR
Value: 0
www.nextinsure.com/ Name: uid
Value: d145fbcf70c0598de8d39b9cae82660c
accounts.bestrates.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1729274426608%7D
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi44VVVbZ416ju2vn0AfoxjeVer_7ZZ23pCheUETT4FHbGAokQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkkWzHcNmG8D0UJkgI9eh8Wtyagj6w8uFpvlyUCEimkV4sJzLXS9zkQ-AKolDI

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.bestrates.com
ad.doubleclick.net
ajax.googleapis.com
amplify.outbrain.com
bat.bing.com
cdn.jsdelivr.net
cdn.nextinsure.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
static.cloudflareinsights.com
td.doubleclick.net
tr.outbrain.com
trc.taboola.com
wave.outbrain.com
www.google.com
www.googletagmanager.com
www.nextinsure.com
accounts.bestrates.com
104.18.36.214
209.85.144.148
23.55.205.76
2606:4700:4400::ac40:99d2
2606:4700::6810:4f49
2607:f8b0:4004:c0b::5f
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0b::93
2607:f8b0:400d:c0d::61
2607:f8b0:400d:c0e::5f
2607:f8b0:400d:c0e::9b
2607:f8b0:400d:c1d::9b
2620:1ec:33::10
2a04:4e42:200::300
2a04:4e42:400::485
70.42.32.159
096ce10d291b4db53e1301f3a8891e427274707817f551080e335ae4a7c102f0
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
1afa90c2187dd7bd9ee7dd1454d114723af56b8bd99bec24f25c809655248ae3
1b66f0c1dd44cb2a20a05f83b2d256c99abe23f0a40908550382c149fa019e5f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20eb33f50879ae2701bb633a4fb0cb465a486c120c66e9a0c8be7c78fb9b44ff
229da6a94b00e61915267cd9baefe74dfa5ea45fbc9ee8a1e8eb49fb937fabf3
26053b9c33a6fd794f9dfef5ff2f91f15d29b6fe1e97468d601254f9bcd6405b
27bb3ffecdefcef2ca4d5a171de8321a8c9d100d14c0dba286723c6143b95d33
30ae7993d0450c74428086b6c954d75d47e7b5a1514316b11d32bbabd99373b5
332bb1f9170df5a66bbd26409c839f29ff9d093c152fe14edd9e4213090fe9fb
3939c6ade6dfd5c5113df683a065295d9e19704a469805d572ea4923637f4581
3f4237ebaa83bba947a269821b7789968d07d945591b18a95cda9ad6bec7f0c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f903f1793079be07d532933c8d9ff3e54f153ea993d1e22712de93656b91c81
50ad02064041e5a7014ce01ce02a6f03493cc304bcfd1aeede3623fec35ec714
54973f7bbb6641fbd60efa3375ad8bf54cb57199caf74cb684750bd8f61e69d8
55940aebfb92d6b34636e41c2f8ca1523bd3461ffd29576e0ca59aba0884c492
58261720e5758b8cacc47277665cabd7cf4ae471dfae9d334a8926245a83d298
58fb6f60872f1d6b4ce9e97b3928bdce223d7e9a799794d2ae51fb5cc3cbe32e
5f50b412a99d1ad4e34c80f4e4529ec7b8cbe371d5d01492ae9fcfc3c9d4b1fb
6745ec73d464d8a53f4e584c475295aaa46979661d10a05e3d0b83fd47dd1f62
6a6ffc132e28f0d816668bcdeba9d2a9a29cb016be74672875e5a329dce4d69e
6b03f3b1bd6d87e7faad1461dd226399e3b16df180ab1693864a35435dff047f
6bed91fd20d0f8abbd9918cb133b519941cea2100879e63d38062288e67ed5de
6c5b89a9f0ccebdd1ae19d9ff42734fc31e69b4bba65004175167506300e8f0f
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
6f9dddb63471d51abd7cf3cdf75c3e4b3e8beb21b53c22cda24dae68eeeea6ae
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7930faed30f9e60c8cdc2ecbbf1937f6e066d85c190789edfb3568a79dfb190e
7949dad26f487ff438b4d0821d847fbda17d6a9a64a95d699d6b828ad279a806
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7f47f02c93d5de5de03db0ebffa39fe1060767437b086996e295c9818a05b2f2
882d6315675b65f23d7fc7803709f49eeb557b358ee32db86fbe20b194651e72
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
9a6f482b7d25e088cd8e9074acd3e2fdc60c81f196f36b093f9bf02f6214675a
9f5da34f9af883822335cae8d65129b525249727f2f6d2277af00c28b520fee2
a3c74dfc01dd427038aa0152dfca701d84e0ef8b2ecdfaea0188e7dd74854981
a45d6368b8fecd9267c5206e2a1127c617f510dcf5bda82a953c6aae46f2b2fb
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
acb20a3284613939e681daf4652d2f259cceb47cf7101e152166181995082d47
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
af7396be1c33641da57f6670206e277963187b29ea1a30dc32389c88ddd9b1cf
b361f7a81d21a5766dfdf1d6472f638e73df16137ad6f94a855fadaaaac2df20
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b6e14d449ee936e544e763b13c61f25feef2e39d2aecc43ac9757721235d533c
b7f9e0de8a252c0ba2a415661a042d0e92c4ef6b8836947652aa5e41a38a0180
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd55a6c45dad14f56dc7d0e16c5a0ffe193c174d1f81e7f8a126957b9cb504aa
c808eb309896b3ee2905b329d6eab4e4f7375961e03a490443a32d566a5bcdb3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1cb5510a9472d5a75f36b81eab2129c49e28788494bfab18da049270aeef6c9
d406438f765ce96245ba1fe9c92a01e05f465df406ffed6d6d4e09cf3c71c287
d503ccd31454135c2c0a661185f66622a263fb88875513b9ddaacfa5ffeb24ac
d595bf0f233a104e317b70c24b7bdd79b647591b414a2753ac310646951cba2a
d6779aadd03ff0da77f3f52ce85c7c59f471a2adbdff02ae4977e86bd43a7645
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db51dd1ca5d2bf657f3c4ebcd1bd00ac6c485abf9a9d9bdf32f451db73b0abab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18d8d8b74192206718fb83b63bfb6ff7b40aa36ef96cfdafd60944b21150cc3
f2d9cd75c14f31ed384db34183dda9a1cb1302df05b9789f97a2aa09e23aabed
f3412b8c5cf77bac478079e46548d2b58cabd7bfac5a282d780a3555c6f248e6
f9c951acb6cff94e407fb1139c21bb1a8c986a0deed771be0f96d6794d353914
fa023eec1dca02880b3d392bb45cade3aaca67c36c5183eb53d6da7705bb87cc
fae9285252d41944165bb2d1c16a0c56a409cda79460077b5485ca4f90313bec
fd7931c36437d5a9f863f1bf645d50e10259f0115dd7839ca269062c163e898d