app.lifeinsurance.net Open in urlscan Pro
100.26.124.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.purportedlypreparing.com/nagged-Lottie/17a5S2q395F8I6r13U2151Y3Y4731F19etbxGafhbrgIHbrEGsi8zROnKdSo7OrDr10s5C@ih@
Effective URL:
https://app.lifeinsurance.net/
Submission: On August 13 via manual (August 13th 2019, 3:26:12 am UTC) from IN

Summary HTTP 70 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 8 countries across 30 domains to perform 70 HTTP transactions. The main IP is 100.26.124.138, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is app.lifeinsurance.net.
TLS certificate: Issued by Amazon on December 18th 2018. Valid for: a year.

This is the only time app.lifeinsurance.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::6818:7840	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	23.95.199.211 23.95.199.211	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1	100.26.124.138 100.26.124.138	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
12	54.230.95.247 54.230.95.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	54.230.95.149 54.230.95.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2600:9000:200... 2600:9000:200c:9a00:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:10:... 2606:4700:10::6814:4a82	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	169.48.197.124 169.48.197.124	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	2600:9000:200... 2600:9000:200c:2a00:1:1faa:9040:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.218.253.88 52.218.253.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19c::63cc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	199.68.195.199 199.68.195.199	19626 (EVC-AS) (EVC-AS - QuoVadis Services Limited)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.238.10.193 34.238.10.193	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	23.97.254.205 23.97.254.205	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
70	24

1 2606:4700:30::6818:7840 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.purportedlypreparing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.95.199.211 (Buffalo, United States) 1 redirects

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-95-199-211-host.colocrossing.com

crossmelody.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.26.124.138 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-100-26-124-138.compute-1.amazonaws.com

app.lifeinsurance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.230.95.247 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-247.fra2.r.cloudfront.net

cdn.assurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.95.149 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-149.fra2.r.cloudfront.net

js.honeybadger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200c:9a00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4a82 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 169.48.197.124 (Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 7c.c5.30a9.ip4.static.sl-reverse.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:2a00:1:1faa:9040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d2ysjycjrua9tt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.253.88 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f006:21:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19c::63cc (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

na5.cdn.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.68.195.199 (Bermuda)

ASN19626 (EVC-AS - QuoVadis Services Limited, BM)

c1.ox-bio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.10.193 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-238-10-193.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f106:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.97.254.205 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

na5.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	assurance.com cdn.assurance.com	210 KB
7	trustedform.com api.trustedform.com	23 KB
4	gstatic.com fonts.gstatic.com	53 KB
4	googletagmanager.com www.googletagmanager.com	27 KB
3	crossmelody.com 1 redirects crossmelody.com	5 KB
2	facebook.com www.facebook.com	511 B
2	ox-bio.com c1.ox-bio.com	21 KB
2	thunderhead.com na5.cdn.thunderhead.com na5.thunderhead.com	27 KB
2	taboola.com cdn.taboola.com trc.taboola.com	19 KB
2	yimg.com s.yimg.com	6 KB
2	facebook.net connect.facebook.net	33 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	ywxi.net cdn.ywxi.net	37 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	leadid.com create.leadid.com	850 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	187 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	165 B
1	liadm.com b-code.liadm.com i.liadm.com Failed c.liadm.com Failed	36 KB
1	cloudfront.net d2ysjycjrua9tt.cloudfront.net d2m2wsoho8qq12.cloudfront.net Failed	575 B
1	lidstatic.com create.lidstatic.com	39 KB
1	honeybadger.io js.honeybadger.io	4 KB
1	lifeinsurance.net app.lifeinsurance.net	5 KB
1	purportedlypreparing.com 1 redirects www.purportedlypreparing.com	479 B
0	outbrain.com Failed amplify.outbrain.com Failed
0	krxd.net Failed cdn.krxd.net Failed
0	amazon-adsystem.com Failed s.amazon-adsystem.com Failed
0	steelhousemedia.com Failed dx.steelhousemedia.com Failed
70	30

	Domain	Requested by
12	cdn.assurance.com	app.lifeinsurance.net
7	api.trustedform.com	cdn.assurance.com api.trustedform.com
4	fonts.gstatic.com	app.lifeinsurance.net
4	www.googletagmanager.com	cdn.assurance.com app.lifeinsurance.net
3	crossmelody.com	1 redirects crossmelody.com
2	www.facebook.com	app.lifeinsurance.net
2	c1.ox-bio.com	www.googletagmanager.com app.lifeinsurance.net
2	s.yimg.com	crossmelody.com s.yimg.com
2	connect.facebook.net	crossmelody.com connect.facebook.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	cdn.ywxi.net	app.lifeinsurance.net cdn.ywxi.net
2	cdnjs.cloudflare.com	app.lifeinsurance.net
2	fonts.googleapis.com	app.lifeinsurance.net
1	trc.taboola.com	cdn.taboola.com
1	na5.thunderhead.com	na5.cdn.thunderhead.com
1	create.leadid.com	create.lidstatic.com
1	www.google.de	app.lifeinsurance.net
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	na5.cdn.thunderhead.com	crossmelody.com
1	cdn.taboola.com	crossmelody.com
1	b-code.liadm.com	www.googletagmanager.com
1	d2ysjycjrua9tt.cloudfront.net	app.lifeinsurance.net
1	create.lidstatic.com	cdn.assurance.com
1	js.honeybadger.io	app.lifeinsurance.net
1	app.lifeinsurance.net	crossmelody.com
1	www.purportedlypreparing.com	1 redirects
0	d2m2wsoho8qq12.cloudfront.net Failed	create.lidstatic.com
0	c.liadm.com Failed	app.lifeinsurance.net
0	i.liadm.com Failed	b-code.liadm.com
0	amplify.outbrain.com Failed	crossmelody.com
0	cdn.krxd.net Failed	crossmelody.com
0	s.amazon-adsystem.com Failed	crossmelody.com app.lifeinsurance.net
0	dx.steelhousemedia.com Failed	crossmelody.com
70	35

This site contains links to these domains. Also see Links.

Domain
healthcare.gov

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.lifeinsurance.net Amazon	`2018-12-18` - `2020-01-18`	a year	crt.sh
*.assurance.com Amazon	`2019-01-08` - `2020-02-08`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.honeybadger.io COMODO RSA Domain Validation Secure Server CA	`2017-06-07` - `2020-07-14`	3 years	crt.sh
*.ywxi.net Amazon	`2018-09-14` - `2019-10-14`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
lidstatic.com CloudFlare Inc ECC CA-2	`2019-07-02` - `2020-07-01`	a year	crt.sh
*.trustedform.com Go Daddy Secure Certificate Authority - G2	`2019-01-04` - `2020-03-05`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-08` - `2019-11-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-08-08` - `2019-09-22`	a month	crt.sh
b-code.liadm.com DigiCert SHA2 Secure Server CA	`2019-05-17` - `2020-08-15`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.cdn.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2018-10-25` - `2019-09-19`	a year	crt.sh
ox-bio.com QuoVadis Global SSL ICA G2	`2017-08-01` - `2020-08-01`	3 years	crt.sh
www.google.de Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
create.leadid.com Amazon	`2019-01-16` - `2020-02-16`	a year	crt.sh
*.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2016-10-21` - `2019-10-30`	3 years	crt.sh

This page contains 4 frames:

Primary Page: https://app.lifeinsurance.net/
Frame ID: 0EE8D4D35838B4BB14CD594DA073E353
Requests: 67 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D526a12a2-f822-63e2-94eb-1bd395356f0f%26type%3D45%26m%3D1&ex-fch=416613&ex-src=https://www.lifeinsurance.net&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D526A12A2-F822-63E2-94EB-1BD395356F0F&cb=537017391196255200
Frame ID: B75221F267218F79614A7A23922E9450
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00wv?s=&cim=&ps=true&ls=false&duid=a-00wv--cc9e229e-9534-44c2-a25c-7a2095e41949&domainSessionId=&ppid=0&euns=0&ci=0&version=sc-2.2.2&nosync=true&
Frame ID: F17AFE92F26C14A343668A58BEF7BF1D
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2757CCAE-E2E4-AF6E-9F4D-31751101236D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90
Frame ID: AA0A37C9692CC8BB3A2CE75D6E27AC20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.purportedlypreparing.com/nagged-Lottie/17a5S2q395F8I6r13U2151Y3Y4731F19etbxGafhbrgIHbrEGsi8zROnKdSo7O... HTTP 302
http://crossmelody.com/clicks?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4= HTTP 301
http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4= Page URL
https://app.lifeinsurance.net/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

70
Requests

79 %
HTTPS

62 %
IPv6

30
Domains

35
Subdomains

24
IPs

8
Countries

649 kB
Transfer

1324 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://healthcare.gov/
Title: healthcare.gov

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.purportedlypreparing.com/nagged-Lottie/17a5S2q395F8I6r13U2151Y3Y4731F19etbxGafhbrgIHbrEGsi8zROnKdSo7OrDr10s5C@ih@ HTTP 302
http://crossmelody.com/clicks?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4= HTTP 301
http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4= Page URL
https://app.lifeinsurance.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.purportedlypreparing.com/nagged-Lottie/17a5S2q395F8I6r13U2151Y3Y4731F19etbxGafhbrgIHbrEGsi8zROnKdSo7OrDr10s5C@ih@ HTTP 302
http://crossmelody.com/clicks?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4= HTTP 301
http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=

Request Chain 45

https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1039003864&t=pageview&_s=1&dl=https%3A%2F%2Fapp.lifeinsurance.net%2F&dr=http%3A%2F%2Fcrossmelody.com%2Fclicks%2F%3Fcid%3D23881%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&dp=%2F&ul=en-us&de=UTF-8&dt=Lifeinsurance.net%20%7C%20All%20of%20Your%20Insurance%20in%20One%20Place&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=1049902081&gjid=882283887&cid=1390426351.1565666763&tid=UA-73253617-5&_gid=54322467.1565666763&_r=1&gtm=2wg7v2PVQZQBQ&z=1091970029 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73253617-5&cid=1390426351.1565666763&jid=1049902081&_gid=54322467.1565666763&gjid=882283887&_v=j78&z=1091970029 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-5&cid=1390426351.1565666763&jid=1049902081&_v=j78&z=1091970029 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-5&cid=1390426351.1565666763&jid=1049902081&_v=j78&z=1091970029&slf_rd=1&random=3013476324

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
crossmelody.com/clicks/
Redirect Chain

http://www.purportedlypreparing.com/nagged-Lottie/17a5S2q395F8I6r13U2151Y3Y4731F19etbxGafhbrgIHbrEGsi8zROnKdSo7OrDr10s5C@ih@
http://crossmelody.com/clicks?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=
http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=

4 KB
4 KB

126ms
125ms

Document
text/html

23.95.199.211
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.211 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-211-host.colocrossing.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: b8c6eca61538841fc1bb9ad98ff5659e04cd14f3e2e7390c37c6c26e98380792

Request headers

Host: crossmelody.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 13 Aug 2019 03:25:57 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Length: 4162
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 13 Aug 2019 03:25:57 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Location: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=
Content-Length: 303
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 200
OK index.php
crossmelody.com/ 116 B
356 B 479ms
478ms XHR
text/html 23.95.199.211
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://crossmelody.com/index.php
Requested by: Host: crossmelody.com
URL: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Security: , ,
Server: 23.95.199.211 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-211-host.colocrossing.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 13 Aug 2019 03:25:57 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
Content-Length: 116
Keep-Alive: timeout=5, max=98
Content-Type: text/html; charset=UTF-8

GET
H2 200 Primary Request / Show response
app.lifeinsurance.net/ 11 KB
5 KB 408ms
124ms Document
text/html 100.26.124.138
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lifeinsurance.net/

Requested by

Host: crossmelody.com
URL: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.26.124.138 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-26-124-138.compute-1.amazonaws.com

Software

Resource Hash

cb9eaeb2adaffbe4521224ddfe2b21fb6573d4350edaf3ea112c044b359feaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.lifeinsurance.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=

Response headers

status: 200
date: Tue, 13 Aug 2019 03:25:58 GMT
content-type: text/html; charset=utf-8
x-frame-options: ALLOWALL
assur-appversion: 1.0.964
etag: W/"cb9eaeb2adaffbe4521224ddfe2b21fb"
cache-control: max-age=0, private, must-revalidate
set-cookie: _insurance_session=18e3e9d18dd052b1b3b6aef8bd5aa358; path=/; secure; HttpOnly
x-request-id: 439343d2-c2bd-47d6-b88c-2e62ca8b3ef1
x-runtime: 0.018267
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-encoding: gzip

GET
H/1.1 200
OK home-2bbf7bde8e4ccebaaa95dedc9d43aff8ecfdef6ab3dcf12b119a4900cd97b13f.css
cdn.assurance.com/insurance/public/assets/ 133 KB
24 KB 3114ms
26ms Stylesheet
text/css 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/home-2bbf7bde8e4ccebaaa95dedc9d43aff8ecfdef6ab3dcf12b119a4900cd97b13f.css
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1335238d00aa95341b6ec5a15c6b43a44c802afe1ed97dd713043311e7d21c7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 23:50:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Aug 2019 23:22:28 GMT
Server: AmazonS3
Age: 12939
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:80c60811-e2e2-4995-a83d-4f0fff7678db
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2
X-Amz-Cf-Id: _ZYlsWGvnzWfFuxOsyoWZj-Bac5VIynWOmxkKHDol30ZpG0RxlA8GA==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
624 B 20ms
17ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700,900

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3bbe7803a8febce34a5636801c69b5ac2ca4f8e1819a512744d5aec2862ccf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 13 Aug 2019 03:25:58 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 13 Aug 2019 03:25:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Tue, 13 Aug 2019 03:25:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
502 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 13 Aug 2019 03:25:58 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 13 Aug 2019 03:25:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Tue, 13 Aug 2019 03:25:58 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 16ms
14ms Stylesheet
text/css 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:25:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10300700
status: 200
served-in-seconds: 0.016
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: W/"5afd4939-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 505795b76933c2ef-FRA
expires: Sun, 02 Aug 2020 03:25:58 GMT

GET
H/1.1 200
OK browser-notifier-96e2879f524104c1f3ec9ebd581656d685526af8a7a93b2bbe5f0d21dcc9c42e.css
cdn.assurance.com/insurance/public/assets/ 798 B
1 KB 3109ms
23ms Stylesheet
text/css 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/browser-notifier-96e2879f524104c1f3ec9ebd581656d685526af8a7a93b2bbe5f0d21dcc9c42e.css
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96e2879f524104c1f3ec9ebd581656d685526af8a7a93b2bbe5f0d21dcc9c42e

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 23:50:23 GMT
Via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 23:41:58 GMT
Server: AmazonS3
Age: 12939
ETag: "0e5f984e7f32620ffc8904c6b40b1288"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:b9ee32d0-ff75-4319-939b-31e82c656eb0
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 798
X-Amz-Cf-Id: XpgkKhYbnw9u9eMiwBkgT7xBDntPnbyQqLGKXrDWCEdbxLdmw5njog==

GET
H/1.1 200
OK honeybadger.min.js Show response
js.honeybadger.io/v0.4/ 7 KB
4 KB 4837ms
23ms Script
application/x-javascript 54.230.95.149
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.honeybadger.io/v0.4/honeybadger.min.js
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.149 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-149.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5a03ffb74678bd02d15096bdb6d36f08338cde8f8f51d7fa8c2cc3df9e6f4e5

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: oVQfnkFyjGraPKHgRCAgdUvTx_OvZVYJ
Content-Encoding: gzip
Last-Modified: Wed, 19 Jul 2017 17:08:27 GMT
Server: AmazonS3
Age: 41791
Date: Mon, 12 Aug 2019 19:57:32 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 6e761598d9637d0090f3661d0d27be14.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2
X-Amz-Cf-Id: cR3hRxacYbjgWguTgN5ZDHUr2j0dTdOBeFPZb-fFIuUDxIQb2cyAZQ==

GET
H/1.1 200
OK honeybadger-62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60.js Show response
cdn.assurance.com/insurance/public/assets/install/ 2 KB
3 KB 3156ms
43ms Script
application/x-javascript 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/honeybadger-62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60.js
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 18:05:28 GMT
Via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 17:37:31 GMT
Server: AmazonS3
Age: 33634
ETag: "7f187c244324fce013a103f9e8426f46"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:597c036d-8460-4010-8d7e-e5a807aab4b2
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 2071
X-Amz-Cf-Id: KAJErFfwZqOx2hDn1MgP7aSxd7ZrPbsyCn5vyyro6AzY9k_U_BsZ4A==

GET
H/1.1 200
OK utility-c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b.js Show response
cdn.assurance.com/insurance/public/assets/customer/ 5 KB
6 KB 3185ms
26ms Script
application/x-javascript 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/customer/utility-c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b.js
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 18:05:28 GMT
Via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 17:37:58 GMT
Server: AmazonS3
Age: 33634
ETag: "693ba158e729fb0410a75efaa38f9fe7"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:597c036d-8460-4010-8d7e-e5a807aab4b2
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 5485
X-Amz-Cf-Id: dirLeycXEkOMDo36P_pio3Z1ykDnWPZ5B5-y6t2QvOFVE05oC73Ctg==

GET
H/1.1 200
OK gtm-7c7f70f57e19f37ca0ba828fa6215001063ff07fb00a8bf50069ac99473b0a69.js Show response
cdn.assurance.com/insurance/public/assets/install/lifeinsurance/ 331 B
930 B 3183ms
23ms Script
application/x-javascript 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/install/lifeinsurance/gtm-7c7f70f57e19f37ca0ba828fa6215001063ff07fb00a8bf50069ac99473b0a69.js
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c7f70f57e19f37ca0ba828fa6215001063ff07fb00a8bf50069ac99473b0a69

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 18:05:36 GMT
Via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 17:37:50 GMT
Server: AmazonS3
Age: 33626
ETag: "9da0f09204a45c5f96989c36cb86cc44"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:597c036d-8460-4010-8d7e-e5a807aab4b2
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 331
X-Amz-Cf-Id: tjG9SseORz3CWEkX28ElNQiP8cGUCanC0zyN56lg_OA1kw-7GUuoQA==

GET
H/1.1 200
OK lifeinsurance-6eb8e4e56ac835e35770db07a9194052f2493791a252822e80d1fe11703d0e23.png
cdn.assurance.com/insurance/public/assets/logos/ 11 KB
11 KB 3214ms
25ms Image
image/png 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/logos/lifeinsurance-6eb8e4e56ac835e35770db07a9194052f2493791a252822e80d1fe11703d0e23.png
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6eb8e4e56ac835e35770db07a9194052f2493791a252822e80d1fe11703d0e23

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 23:50:26 GMT
Via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 23:41:56 GMT
Server: AmazonS3
Age: 12936
ETag: "d7530065d7b68d2f7abf18d13d6174d0"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:b9ee32d0-ff75-4319-939b-31e82c656eb0
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 10801
X-Amz-Cf-Id: slbdgOEPqWx14RyLUh7zZNzgg_A-hHtewZ8ZN_OodYPLZfOkK14GCA==

GET
H/1.1 200
OK icon_life-a8f1b691ce12ecea58bdc55430897e5c9d9d07a45bdf14390aaaf4555e0d4a51.svg
cdn.assurance.com/insurance/public/assets/icons/ 745 B
1 KB 103ms
23ms Image
image/svg+xml 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/icons/icon_life-a8f1b691ce12ecea58bdc55430897e5c9d9d07a45bdf14390aaaf4555e0d4a51.svg
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8f1b691ce12ecea58bdc55430897e5c9d9d07a45bdf14390aaaf4555e0d4a51

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 23:50:26 GMT
Via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 23:42:05 GMT
Server: AmazonS3
Age: 12936
ETag: "cf6e9cefab5ab4c5f8541d9516950e69"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:b9ee32d0-ff75-4319-939b-31e82c656eb0
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 745
X-Amz-Cf-Id: gCj2gFHGrQeHnCeZKRwbOmjxzenNPMIzG8Z21r9Iytj9npZJXkT87w==

GET
H/1.1 200
OK icon_health-6bcd4fcf22ced2f329b4e22fe27b23294d942418a6a00e5f15d822b00c485fe4.svg
cdn.assurance.com/insurance/public/assets/icons/ 623 B
1 KB 23ms
23ms Image
image/svg+xml 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/icons/icon_health-6bcd4fcf22ced2f329b4e22fe27b23294d942418a6a00e5f15d822b00c485fe4.svg
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bcd4fcf22ced2f329b4e22fe27b23294d942418a6a00e5f15d822b00c485fe4

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 23:50:26 GMT
Via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 23:42:02 GMT
Server: AmazonS3
Age: 12936
ETag: "b45ed90118878d98566abf3ab845bbf6"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:b9ee32d0-ff75-4319-939b-31e82c656eb0
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 623
X-Amz-Cf-Id: yER13J-6D5i6NgnsB90SZM_4B07r01FKoh0DRvN1n8TdKo7gTH8q_A==

GET
H/1.1 200
OK bbb-logo-246e878a2429720cd8ee6c3446d30c82ec5b5c39a7c32cab999e7c5b109939ce.svg
cdn.assurance.com/insurance/public/assets/icons/ 9 KB
10 KB 28ms
28ms Image
image/svg+xml 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.assurance.com/insurance/public/assets/icons/bbb-logo-246e878a2429720cd8ee6c3446d30c82ec5b5c39a7c32cab999e7c5b109939ce.svg
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 246e878a2429720cd8ee6c3446d30c82ec5b5c39a7c32cab999e7c5b109939ce

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 18:16:22 GMT
Via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 17:38:03 GMT
Server: AmazonS3
Age: 32979
ETag: "56f7fd133b2e8b85f2b37d874078ec61"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:597c036d-8460-4010-8d7e-e5a807aab4b2
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 9668
X-Amz-Cf-Id: ivyx6OYDzrEohJhF9VY3S9GD6k-VwEBavFFyxRgeIaPDMPVlBDTeqw==

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 12 KB
4 KB 28ms
6ms Script
text/javascript 2600:9000:200c:9a00:14:6bfc:5740:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:200c:9a00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

8df064dcd8eb35db1551d1c4b2e8850ba9e51b81321f5951d6bd31a2bdf4373c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 02:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
age: 2830
status: 200
x-cache: Hit from cloudfront
content-type: text/javascript; charset=UTF-8
via: 1.1 28edd995979e84232ebdb595b33d9deb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2
content-length: 3579
x-xss-protection: 1; mode=block
x-amz-cf-id: CTzQxUD6_GH0aBbIX0TUgOK1Eqc6qr_DvKRdPdQrNAJaFb8iZWUUZw==
expires: Tue, 13 Aug 2019 03:38:51 GMT

GET
H/1.1 200
OK leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js Show response
cdn.assurance.com/insurance/public/assets/ 294 B
893 B 23ms
22ms Script
application/x-javascript 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 18:05:31 GMT
Via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 17:37:56 GMT
Server: AmazonS3
Age: 33631
ETag: "4eaa75c84ccb4b4dabef51d291650dcf"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:495edc04-5536-4f78-9bdb-9c880e3b51c6
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 294
X-Amz-Cf-Id: gGL_jy-f5jEz9-xc4uTUlQPs9qr2SIpOiamhF4_ibK6lN0yoOUyvgA==

GET
H/1.1 200
OK trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js Show response
cdn.assurance.com/insurance/public/assets/ 412 B
1011 B 23ms
22ms Script
application/x-javascript 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 18:05:33 GMT
Via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 17:38:08 GMT
Server: AmazonS3
Age: 33629
ETag: "fc7eb0ec8d79420f602f398e9138e868"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:597c036d-8460-4010-8d7e-e5a807aab4b2
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 412
X-Amz-Cf-Id: wgTYlWCiH2YVjjh-L7iyDcEWykx4rwST5C9ZrbOpGU8vaeuJrtS24A==

GET
H/1.1 200
OK home-3245d56a22ccd358181c0569816ffd98d51c3562be68e4350e82f2298808ac55.js Show response
cdn.assurance.com/insurance/public/assets/ 150 KB
150 KB 26ms
25ms Script
application/x-javascript 54.230.95.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assurance.com/insurance/public/assets/home-3245d56a22ccd358181c0569816ffd98d51c3562be68e4350e82f2298808ac55.js
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-247.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3245d56a22ccd358181c0569816ffd98d51c3562be68e4350e82f2298808ac55

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 12 Aug 2019 18:05:34 GMT
Via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Aug 2019 17:37:47 GMT
Server: AmazonS3
Age: 33628
ETag: "d32cc2d0ab751c6aea5559256415bf7a"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:231904212587:build/insurance:597c036d-8460-4010-8d7e-e5a807aab4b2
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 153306
X-Amz-Cf-Id: U3jgilW8H1_XKRYD80n4N6Zp62qR0JuKvd55INPYRi2pSthHpS4Bpg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
26 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVQZQBQ

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/install/lifeinsurance/gtm-7c7f70f57e19f37ca0ba828fa6215001063ff07fb00a8bf50069ac99473b0a69.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d260b7cea34f8c626705081c4e45052b12196fb4440914161f8efb926f5c7157

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:26:03 GMT
content-encoding: br
last-modified: Tue, 13 Aug 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26933
x-xss-protection: 0
expires: Tue, 13 Aug 2019 03:26:03 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 34ms
10ms Font
application/octet-stream 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://app.lifeinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:26:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10300704
status: 200
content-length: 77160
served-in-seconds: 0.007
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: "5afd4910-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 505795d5dc95d719-FRA
expires: Sun, 02 Aug 2020 03:26:03 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,900
Origin: https://app.lifeinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 23 Jul 2019 04:03:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 1812170
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 14176
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:03:13 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700,900
Origin: https://app.lifeinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 22 Jul 2019 19:36:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:58 GMT
server: sffe
age: 1842566
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 12192
x-xss-protection: 0
expires: Tue, 21 Jul 2020 19:36:37 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,900
Origin: https://app.lifeinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 12 Aug 2019 17:18:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 36471
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 14044
x-xss-protection: 0
expires: Tue, 11 Aug 2020 17:18:12 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
cdn.ywxi.net/static/jquery/1.12.4/ 95 KB
33 KB 8ms
7ms Script
application/x-javascript 2600:9000:200c:9a00:14:6bfc:5740:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/static/jquery/1.12.4/jquery-1.12.4.min.js?2

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:200c:9a00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 12 Aug 2019 23:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14206
x-cache: Hit from cloudfront
status: 200
content-length: 33793
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jan 2018 18:04:33 GMT
server: Apache
etag: "DQa4otN0xdk"
content-type: application/x-javascript; charset=UTF-8
via: 1.1 28edd995979e84232ebdb595b33d9deb.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2
accept-ranges: bytes
x-amz-cf-id: KDidAqTl9c9lrOcIR6NsQseznHW7xAjnWUKRZLLcJxhGbI2GgCfjbw==
expires: Tue, 13 Aug 2019 23:29:17 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,900
Origin: https://app.lifeinsurance.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 23 Jul 2019 04:03:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 1812169
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13732
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:03:14 GMT

GET
H2 200 cf934278-b099-eb50-bf86-105a165fcb4e.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 64ms
20ms Script
text/javascript 2606:4700:10::6814:4a82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Requested by: Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/leadid-fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4a82 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3af696c2533f25ef034358c8d15cc791fa1539c40058c6bfcef813cbaeda20

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:26:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1355
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 72DD6E682092A9E7
x-amz-id-2: 2xfiCvWbwmm42UN2I2OudeBaI79lU+hFC3yTJcs08x3hpqSPaTf9xgH67V6TatKsaplldlXszIo=
last-modified: Wed, 25 Apr 2018 20:36:01 GMT
server: cloudflare
etag: W/"3ea0b096baa971b909a35c48d07c8594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1800
x-amz-version-id: 9wVYTyhMD0sMyMEprga7nOjqwgqVYS0P
cf-ray: 505795d628f897f6-FRA
expires: Tue, 13 Aug 2019 03:56:03 GMT

GET
H2 200 trustedform.js Show response
api.trustedform.com/ 3 KB
1 KB 436ms
136ms Script
application/javascript 169.48.197.124
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15656667631860.7311411143720881&invert_field_sensitivity=false

Requested by

Host: cdn.assurance.com
URL: https://cdn.assurance.com/insurance/public/assets/trustedForm-351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

7c.c5.30a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

31d62e1324894d0ff3ed754e866a3fc755e44053114334b78f35ea2d92d71fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 13 Aug 2019 03:26:03 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-encoding: gzip
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 ic_close_black_24dp_2x.png
d2ysjycjrua9tt.cloudfront.net/img/icons/ 235 B
575 B 23ms
7ms Image
image/png 2600:9000:200c:2a00:1:1faa:9040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2ysjycjrua9tt.cloudfront.net/img/icons/ic_close_black_24dp_2x.png
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:2a00:1:1faa:9040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 12:55:44 GMT
via: 1.1 7af5638099b4c0c5cbf2f9c79d5100fd.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 04:11:22 GMT
server: AmazonS3
age: 18651
etag: "637093407c90164fe23f9a0239638b56"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: 86400
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-length: 235
x-amz-cf-id: 2ohsz3W-10KNbT_p8EumFHIqlCZNLvOL97bNmt5WdsACNO__JEjnCw==

GET
H/1.1 403
Forbidden client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/app.lifeinsurance.net/ 243 B
826 B 697ms
176ms XHR
application/xml 52.218.253.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/app.lifeinsurance.net/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/static/jquery/1.12.4/jquery-1.12.4.min.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.253.88 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf7809e8e25328472d278215503325a2a569be3f117d17390e9f6cc9b5266cfe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 13 Aug 2019 03:26:02 GMT
Server: AmazonS3
x-amz-request-id: 3F942B691D45D835
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/xml
Access-Control-Allow-Origin: https://app.lifeinsurance.net
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 60
Transfer-Encoding: chunked
x-amz-id-2: bAad2nXYDIoPVB7amz0Y/xNhgXEJj3hCk6RcdLVVJdbitnBgTIE4wFSA9ZHrUVIX/8rc/JNKoyo=

GET
H/1.1 403
Forbidden client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/app.lifeinsurance.net/ 243 B
826 B 869ms
176ms XHR
application/xml 52.218.253.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/app.lifeinsurance.net/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/static/jquery/1.12.4/jquery-1.12.4.min.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.253.88 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19b291790544de16f034793ea1af6d9ab4fc16692bc08e3b75901a012937aa0f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 13 Aug 2019 03:26:03 GMT
Server: AmazonS3
x-amz-request-id: 430D93FCD8ECA66E
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/xml
Access-Control-Allow-Origin: https://app.lifeinsurance.net
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 60
Transfer-Encoding: chunked
x-amz-id-2: sw9vrY5JL0vdZy5ajgGyKTWh4eUd5eZ96ENvzMiCqbDxgiRCgo9TIk2qvq6tfeXDAlnI42SIoHo=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVQZQBQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Jul 2019 21:35:27 GMT
server: Golfe2
age: 472
date: Tue, 13 Aug 2019 03:18:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17724
expires: Tue, 13 Aug 2019 05:18:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 85 KB
22 KB 35ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: crossmelody.com
URL: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c7ffb5c7a2fcc93bf5553df1f27de7c5b2dbd4affcb74fd0bef82371e4e22caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id: 194532234
pragma: private
x-fb-debug: k7zDg8dAvdF9aTYz5opwzxJhWzUUHwSThlyqN/umHIuMphabCgDWxpW0ZdraosHzScS5Uy57wiMfC+RtL2Pnkw==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Tue, 13 Aug 2019 03:26:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: private
vary: Accept-Encoding
content-length: 22680
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
5 KB 42ms
15ms Script
application/javascript 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: crossmelody.com
URL: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1481
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: AF7279475B761B53
x-amz-id-2: XiqvxN6v243Y5QcGxToGVJ0WMTb6eH38NeHT/5xGiQzNxrM/7MYUAqOBB8OXefxMQpw109hmhJw=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 28 Aug 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 24 Jul 2019 11:33:24 GMT
server: ATS
etag: "f0737c96607a897bd5c4b86e364b3e28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: O__PgtPqBm2npiKf3ZYV0ppfblQUYlnj
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 a-00wv.min.js Show response
b-code.liadm.com/ 106 KB
36 KB 215ms
202ms Script
application/javascript 2a02:26f0:6c00:19c::63cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00wv.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVQZQBQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19c::63cc , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: d16f2113b69d9eef34c248c440c78c94be9950442900cb3d8aed78be2752112b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:26:03 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2019 09:35:12 GMT
etag: "f13a78228cceeb59197e89f6155c8627"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 36216

GET spx
dx.steelhousemedia.com/ 0
0

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1069983/ 52 KB
18 KB 1271ms
216ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1069983/tfa.js
Requested by: Host: crossmelody.com
URL: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 519ee11f881ccbc802f7eb156c92f44f62f67d9c73184dbc1ebf456814f74ebf

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: EorBP_tnECpVrl59i1SJBnehICB.8Iw_
content-encoding: gzip
etag: "3884861bb62fa67c300375513b014f23"
age: 0
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 18239
x-amz-id-2: hD2ZOGn2CiuoRReqmmXfHrB7igRXS5TxsPoaz2aAfcPEqsEZZOgCwXLO3BzMBx90f5r8Dwuy6MI=
x-served-by: cache-hhn4033-HHN
last-modified: Mon, 12 Aug 2019 14:40:02 GMT
server: AmazonS3
x-timer: S1565666764.307443,VS0,VE191
date: Tue, 13 Aug 2019 03:26:04 GMT
vary: Accept-Encoding
x-amz-request-id: 89A9B1E8AD047EE0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 15
x-cache-hits: 1

GET iu3
s.amazon-adsystem.com/ Frame B752 0
0

GET t2d2k7619.js
cdn.krxd.net/controltag/ 0
0

GET
H2 200 one-tag.js Show response
na5.cdn.thunderhead.com/one/rt/js/ 85 KB
27 KB 676ms
554ms Script
text/javascript 2620:1ec:bdf::10
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522

Requested by

Host: crossmelody.com
URL: http://crossmelody.com/clicks/?cid=23881&pub=201465&sid1=&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

6afe06ce88b927163790138f2746fdc4e268ec563ca5967f991f8da10e4479bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
x-azure-ref-originshield: 0yy1SXQAAAAC0ZFFHOfbnQqfgOnubH4j2QU1TRURHRTA0MTUAMzg5ZjM1OTMtMWU5ZC00NjBhLTljMGUtMWQwOTU5NDg4YTE2
x-one-req-metric: 1565666763674;0;2
etag: "ONE-QJJVTVNQNN-2522-null-1521427951"
vary: Accept-Encoding
x-cache: TCP_MISS
content-type: text/javascript
status: 200
cache-control: no-transform, max-age=1200
date: Tue, 13 Aug 2019 03:26:03 GMT
x-azure-ref: 0yy1SXQAAAAC6hcizJeNGR5RZUFVskLIKVklFRURHRTAyMTYAMzg5ZjM1OTMtMWU5ZC00NjBhLTljMGUtMWQwOTU5NDg4YTE2
content-length: 26903

GET obtp.js
amplify.outbrain.com/cp/ 0
0

GET iui3
s.amazon-adsystem.com/ 0
0

GET
H2 200 t0 Show response
c1.ox-bio.com/ 21 KB
21 KB 3653ms
238ms Script
application/javascript 199.68.195.199
QuoVadis Services...

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.ox-bio.com/t0?oxtrk=141&oxhrt=fb47614a-b32a-ac49-f027-0b0a982cd7df&oxuid=ASS0001&cid1=undefined&cid2=undefined&cid3=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVQZQBQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.199 , Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: e55b261029c47ec9da3a77edf26599b7aeb6db5853b8f57b72815d752e26b6ce

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 13 Aug 2019 03:26:06 GMT
cache-control: no-cache, must-revalidate
expires: Tue, 25 Dec 2018 14:00:00 GMT
content-type: application/javascript

GET
H2 204 a
www.googletagmanager.com/ 0
130 B 14ms
14ms Image
image/gif 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PVQZQBQ&cv=57&v=3&t=t&pid=1967860321&rv=7v2&es=1&e=gtm.js&eid=0&tc=59&tr=1ua.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1hl.1html.5html.1html.5html.1html.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html&z=0

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2019 03:26:03 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
56 B 14ms
14ms Image
image/gif 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PVQZQBQ&cv=57&v=3&t=t&pid=1967860321&rv=7v2&es=1&e=gtm.dom&eid=2&tc=59&tr=1html&z=0

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2019 03:26:03 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1039003864&t=pageview&_s=1&dl=https%3A%2F%2Fapp.lifeinsurance.net%2F&dr=http%3A%2F%2Fcrossmelody.com%2Fclicks%2F%3Fcid%3D23881%26pub%3D201465...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73253617-5&cid=1390426351.1565666763&jid=1049902081&_gid=54322467.1565666763&gjid=882283887&_v=j78&z=1091970029
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-5&cid=1390426351.1565666763&jid=1049902081&_v=j78&z=1091970029
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-5&cid=1390426351.1565666763&jid=1049902081&_v=j78&z=1091970029&slf_rd=1&random=3013476324

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-5&cid=1390426351.1565666763&jid=1049902081&_v=j78&z=1091970029&slf_rd=1&random=3013476324

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2019 03:26:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2019 03:26:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73253617-5&cid=1390426351.1565666763&jid=1049902081&_v=j78&z=1091970029&slf_rd=1&random=3013476324
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK GenerateToken Show response
create.leadid.com/2.5.2/ 36 B
850 B 2422ms
139ms XHR
text/plain 34.238.10.193
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=2441337d-5c05-43bf-b0cf-7c7ac287f024&_=423243346
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cf934278-b099-eb50-bf86-105a165fcb4e.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.10.193 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-238-10-193.compute-1.amazonaws.com
Software: nginx/1.10.1 / PHP/7.1.30
Resource Hash: 523c2ab17046b7b5dfc6efd5a7806daec49bfdcb55ac6a97d515893dfc092122

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 13 Aug 2019 03:26:05 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.30
Access-Control-Max-Age: 1728000
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 56
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1142711882428866 Show response
connect.facebook.net/signals/config/ 33 KB
10 KB 59ms
59ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1142711882428866?v=2.9.2&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3fc1f00b400046a6e4d17af4ddd88132891d49a0bfb75489bd4d4a249efc09fb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
pragma: public
x-fb-debug: /nwa65wDyn0ilyAfi0UQEglI+u4qsCbDB3iu0T1E6Z6bO50owTkMgrQk9m+DN3r/aaNTRC8bW1e7V5tdQvqc5Q==
x-fb-trip-id: 194532234
x-frame-options: DENY
date: Tue, 13 Aug 2019 03:26:03 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10033302.json Show response
s.yimg.com/wi/config/ 2 B
481 B 477ms
445ms XHR
application/json 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10033302.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: A2B41312985C4528
x-amz-id-2: GwSdslObfr5kblMZr6z7uqt5ZpXOAjak7XpIBzd+sQ994ULf68ZpzXfqggpLwMoXqM+aOlyi6gE=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 /
www.facebook.com/tr/ 44 B
200 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1142711882428866&ev=PageView&dl=https%3A%2F%2Fapp.lifeinsurance.net%2F&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%2F%3Fcid%3D23881%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1565666763348&sw=1600&sh=1200&v=2.9.2&r=stable&ec=0&o=28&fbp=fb.1.1565666763348.501525610&it=1565666763284&coo=false&rqm=GET

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:26:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 13 Aug 2019 03:26:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
311 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1142711882428866&ev=Fragment&dl=https%3A%2F%2Fapp.lifeinsurance.net%2F&rl=http%3A%2F%2Fcrossmelody.com%2Fclicks%2F%3Fcid%3D23881%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&if=false&ts=1565666763349&cd[page]=%2F&sw=1600&sh=1200&v=2.9.2&r=stable&ec=1&o=28&fbp=fb.1.1565666763348.501525610&it=1565666763284&coo=false&rqm=GET

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:26:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 13 Aug 2019 03:26:03 GMT

GET a-00wv
i.liadm.com/s/c/ Frame F17A 0
0

GET i
c.liadm.com/ 0
0

GET
H2 200 t.js Show response
api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/ 56 KB
20 KB 143ms
143ms Script
application/javascript 169.48.197.124
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/t.js?lo=https%3A%2F%2Fapp.lifeinsurance.net%2F&l=15656667631860.7311411143720881&f=false&n=dc3109f5a947152ba7969dd9e85e36aacc0f204d&cs=g3QAAAACZAABdGJdUi3LZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAAB8xNTY1NjY2NzYzMTg2MC43MzExNDExMTQzNzIwODgxbQAAABBwcm92aWRlX3JlZmVycmVyZAAFZmFsc2U%3D&csh=O%2FvKNO9teS1FpaegGa4ty75ucrh2APM8qA8UtpQU8YE%3D

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=15656667631860.7311411143720881&invert_field_sensitivity=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

7c.c5.30a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

d084eaaa40196be9bac561e110706a67a2577c891753aa352ecd57354f261b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 13 Aug 2019 03:26:03 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-encoding: gzip
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H/1.1 200 / Show response
na5.thunderhead.com/one/rt/web/onetag/ONE-QJJVTVNQNN-2522/ 205 B
491 B 401ms
320ms Script
application/javascript 23.97.254.205
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://na5.thunderhead.com/one/rt/web/onetag/ONE-QJJVTVNQNN-2522/?pv=&tid=&flash=true&uri=https%3A%2F%2Fapp.lifeinsurance.net%2F&_1565666763933&callback=THX_1565666763933_76

Requested by

Host: na5.cdn.thunderhead.com
URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.97.254.205 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

7d64b0455fa83a520a331605f47ac061107e2429000ed25db4f66d2a77df32d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 03:26:03 GMT
content-encoding: gzip
x-one-req-metric: 1565666764249;0;2
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store
transfer-encoding: chunked
strict-transport-security: max-age=15768000

POST
H2 200 h Show response
api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/ 0
262 B 1550ms
274ms XHR
text/html 169.48.197.124
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/h?n=350a90c12f16ec880122a7a22a025063035d2588&l=15656667631860.7311411143720881&a=1&ce=z&t=cors

Requested by

Host: api.trustedform.com
URL: https://api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/t.js?lo=https%3A%2F%2Fapp.lifeinsurance.net%2F&l=15656667631860.7311411143720881&f=false&n=dc3109f5a947152ba7969dd9e85e36aacc0f204d&cs=g3QAAAACZAABdGJdUi3LZAABdnQAAAAEbQAAAAVmaWVsZG0AAAAUeHhUcnVzdGVkRm9ybUNlcnRVcmxtAAAAGGludmVydF9maWVsZF9zZW5zaXRpdml0eWQABWZhbHNlbQAAAAFsbQAAAB8xNTY1NjY2NzYzMTg2MC43MzExNDExMTQzNzIwODgxbQAAABBwcm92aWRlX3JlZmVycmVyZAAFZmFsc2U%3D&csh=O%2FvKNO9teS1FpaegGa4ty75ucrh2APM8qA8UtpQU8YE%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

7c.c5.30a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2019 03:26:05 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST
H2 200 f Show response
api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/ 0
263 B 1411ms
136ms XHR
text/html 169.48.197.124
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/f?l=15656667631860.7311411143720881&n=04a458917ce56b5c8c0d983beafb943c82be4a80&rn=0&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

7c.c5.30a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2019 03:26:05 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST
H2 200 md Show response
api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/ 0
262 B 1524ms
271ms XHR
text/html 169.48.197.124
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/md?a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

7c.c5.30a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2019 03:26:05 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

GET
H2 204 unip Show response
trc.taboola.com/1069983/log/3/ 0
490 B 34ms
32ms XHR
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1069983/log/3/unip?en=page_view&item-url=https%3A%2F%2Fapp.lifeinsurance.net%2F&tim=1565666764543&ref=http%3A%2F%2Fcrossmelody.com%2Fclicks%2F%3Fcid%3D23881%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1069983/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2019 03:26:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1565666765.555016,VS0,VE8
x-served-by: cache-hhn4033-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app.lifeinsurance.net
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 200 e Show response
api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/ 0
262 B 799ms
273ms XHR
text/html 169.48.197.124
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/e?cs=g2JdUi3L&csh=nA38qQBnPvyy%252BZTTvRJCie7zUi7lFo189VCKbBW7JCI%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

7c.c5.30a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2019 03:26:05 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

POST GenerateToken
create.leadid.com/2.5.2/ 0
0

GET iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame AA0A 0
0

POST SaveDom
create.leadid.com/2.5.2/ 0
0

POST InitFormData
create.leadid.com/2.5.2/ 0
0

POST Snap
create.leadid.com/2.5.2/ 0
0

POST
H2 200 e Show response
api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/ 0
262 B 136ms
136ms XHR
text/html 169.48.197.124
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trustedform.com/2f96e50116bef1be914251ef68dfa54c6a55c455/e?cs=g2JdUi3L&csh=nA38qQBnPvyy%252BZTTvRJCie7zUi7lFo189VCKbBW7JCI%253D&a=1&t=cors

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.48.197.124 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

7c.c5.30a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2019 03:26:06 GMT
server: nginx
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15768000
access-control-allow-headers: Content-Type,Content-Length,X-Requested-With
content-length: 0

GET
H2 200 /
c1.ox-bio.com/t04/ 43 B
99 B 120ms
120ms Image
image/gif 199.68.195.199
QuoVadis Services...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.ox-bio.com/t04/?v=254124638669815170&oxtrk=141&zk=16404d80-bd7a-11e9-9df3-005056ac3fef&zl=6034&ts0=1565666767025&zm=0
Requested by: Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 199.68.195.199 , Bermuda, ASN19626 (EVC-AS - QuoVadis Services Limited, BM),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 13 Aug 2019 03:26:07 GMT
content-length: 43
content-type: image/gif

GET
H2 204 a
www.googletagmanager.com/ 0
56 B 14ms
14ms Image
image/gif 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PVQZQBQ&cv=57&v=3&t=t&pid=1967860321&rv=7v2&e=gtm.dom&eid=2&u=C&tc=59&tr=5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5hl.5ua.5html.5html&z=0

Requested by

Host: app.lifeinsurance.net
URL: https://app.lifeinsurance.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2019 03:26:07 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST Snap
create.leadid.com/2.5.2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dx.steelhousemedia.com
URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=22823&tdr=http%3A%2F%2Fcrossmelody.com%2Fclicks%2F%3Fcid%3D23881%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&plh=https%3A%2F%2Fapp.lifeinsurance.net%2F&cb=79150580991291400

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D526a12a2-f822-63e2-94eb-1bd395356f0f%26type%3D45%26m%3D1&ex-fch=416613&ex-src=https://www.lifeinsurance.net&ex-hargs=v%3D1.0%3Bc%3D4565912920301%3Bp%3D526A12A2-F822-63E2-94EB-1BD395356F0F&cb=537017391196255200

Domain: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/t2d2k7619.js

Domain: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D696c1601-f277-8bf6-8b38-866eed3833a8%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://lifeinsurance.net/&ex-hargs=v%3D1.0%3Bc%3D7715990030901%3Bp%3D696C1601-F277-8BF6-8B38-866EED3833A8

Domain: i.liadm.com
URL: https://i.liadm.com/s/c/a-00wv?s=&cim=&ps=true&ls=false&duid=a-00wv--cc9e229e-9534-44c2-a25c-7a2095e41949&domainSessionId=&ppid=0&euns=0&ci=0&version=sc-2.2.2&nosync=true&

Domain: c.liadm.com
URL: https://c.liadm.com/i?stm=1565666763509&e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9hcHBsaWNhdGlvbl9lcnJvci9qc29uc2NoZW1hLzEtMC0xIiwiZGF0YSI6eyJwcm9ncmFtbWluZ0xhbmd1YWdlIjoiSkFWQVNDUklQVCIsIm1lc3NhZ2UiOiJGYWlsIHRvIHN5bmMgQ29va2llcyB0byBMb2NhbCBzdG9yYWdlIiwic3RhY2tUcmFjZSI6IkVycm9yOiBMb2NhbFN0b3JhZ2UgaXMgbm90IGF2YWlsYWJsZVxuICAgIGF0IE9iamVjdC5vIFthcyB0cmFja2VyQ29va2llc1N5bmNdIChodHRwczovL2ItY29kZS5saWFkbS5jb20vYS0wMHd2Lm1pbi5qczozOjgyMjEpXG4gICAgYXQgZSAoaHR0cHM6Ly9iLWNvZGUubGlhZG0uY29tL2EtMDB3di5taW4uanM6NToyMDUzOClcbiAgICBhdCBPYmplY3QuPGFub255bW91cz4gKGh0dHBzOi8vYi1jb2RlLmxpYWRtLmNvbS9hLTAwd3YubWluLmpzOjU6MjEwNTMpXG4gICAgYXQgT2JqZWN0LmYgW2FzIHB1c2hdIChodHRwczovL2ItY29kZS5saWFkbS5jb20vYS0wMHd2Lm1pbi5qczo0OjIzMDIpXG4gICAgYXQgT2JqZWN0LmluaXRpYWxpc2UgKGh0dHBzOi8vYi1jb2RlLmxpYWRtLmNvbS9hLTAwd3YubWluLmpzOjU6MjA0OTYpXG4gICAgYXQgT2JqZWN0LjEuLi9zcmMvbGliL2V2ZW50cy1wdXNoZXIgKGh0dHBzOi8vYi1jb2RlLmxpYWRtLmNvbS9hLTAwd3YubWluLmpzOjM6ODE4KVxuICAgIGF0IG8gKGh0dHBzOi8vYi1jb2RlLmxpYWRtLmNvbS9hLTAwd3YubWluLmpzOjM6MjY0KVxuICAgIGF0IGUgKGh0dHBzOi8vYi1jb2RlLmxpYWRtLmNvbS9hLTAwd3YubWluLmpzOjM6NDMwKVxuICAgIGF0IGh0dHBzOi8vYi1jb2RlLmxpYWRtLmNvbS9hLTAwd3YubWluLmpzOjM6NDU4IiwibGluZU51bWJlciI6bnVsbCwibGluZUNvbHVtbiI6bnVsbCwiZmlsZU5hbWUiOm51bGx9fX0&tv=js-adv-5.1.1-sp-2.9.2&tna=litra&aid=a-00wv&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&eid=4ec5a518-586e-425c-88d1-8abbdd818adb&dtm=1565666763507&vp=1600x1200&ds=1585x1954&vid=1&sid=cd8b07fd-0f40-4b46-9771-ce46361205b9&duid=a-00wv--cc9e229e-9534-44c2-a25c-7a2095e41949&refr=http%3A%2F%2Fcrossmelody.com%2Fclicks%2F%3Fcid%3D23881%26pub%3D201465%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&url=https%3A%2F%2Fapp.lifeinsurance.net%2F&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4zLjEzOTA0MjYzNTEuMTU2NTY2Njc2MyJ9fV19

Domain: create.leadid.com
URL: https://create.leadid.com/2.5.2/GenerateToken?msn=1&pid=2441337d-5c05-43bf-b0cf-7c7ac287f024&_=423243347

Domain: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=2757CCAE-E2E4-AF6E-9F4D-31751101236D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.5.2&lck=CF934278-B099-EB50-BF86-105A165FCB4E&lac=8AA3F211-CA81-3833-51B1-095D2985DA90

Domain: create.leadid.com
URL: https://create.leadid.com/2.5.2/SaveDom?msn=2&pid=2441337d-5c05-43bf-b0cf-7c7ac287f024&token=2757CCAE-E2E4-AF6E-9F4D-31751101236D&_=423243348

Domain: create.leadid.com
URL: https://create.leadid.com/2.5.2/InitFormData?msn=3&pid=2441337d-5c05-43bf-b0cf-7c7ac287f024&token=2757CCAE-E2E4-AF6E-9F4D-31751101236D&_=423243349

Domain: create.leadid.com
URL: https://create.leadid.com/2.5.2/Snap?msn=4&pid=2441337d-5c05-43bf-b0cf-7c7ac287f024&token=2757CCAE-E2E4-AF6E-9F4D-31751101236D&_=423243350

Domain: create.leadid.com
URL: https://create.leadid.com/2.5.2/Snap?msn=5&pid=2441337d-5c05-43bf-b0cf-7c7ac287f024&token=2757CCAE-E2E4-AF6E-9F4D-31751101236D&_=423243351

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: ONE - TID not found:
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Optimization Point] to inject.
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Capture Point] to inject.
console-api	warning	URL: https://na5.cdn.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-QJJVTVNQNN-2522(Line 1) Message: No points of type [Tracking Point] to inject.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
api.trustedform.com
app.lifeinsurance.net
b-code.liadm.com
c.liadm.com
c1.ox-bio.com
cdn.assurance.com
cdn.krxd.net
cdn.taboola.com
cdn.ywxi.net
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
crossmelody.com
d2m2wsoho8qq12.cloudfront.net
d2ysjycjrua9tt.cloudfront.net
dx.steelhousemedia.com
fonts.googleapis.com
fonts.gstatic.com
i.liadm.com
js.honeybadger.io
na5.cdn.thunderhead.com
na5.thunderhead.com
s.amazon-adsystem.com
s.yimg.com
s3-us-west-2.amazonaws.com
stats.g.doubleclick.net
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.purportedlypreparing.com
amplify.outbrain.com
c.liadm.com
cdn.krxd.net
create.leadid.com
d2m2wsoho8qq12.cloudfront.net
dx.steelhousemedia.com
i.liadm.com
s.amazon-adsystem.com
100.26.124.138
151.101.114.2
169.48.197.124
199.68.195.199
23.95.199.211
23.97.254.205
2600:9000:200c:2a00:1:1faa:9040:93a1
2600:9000:200c:9a00:14:6bfc:5740:93a1
2606:4700:10::6814:4a82
2606:4700:30::6818:7840
2606:4700::6813:c397
2620:1ec:bdf::10
2a00:1288:f03d:1fa::2000
2a00:1450:4001:80b::2003
2a00:1450:4001:815::2008
2a00:1450:4001:81f::2004
2a00:1450:4001:825::200a
2a00:1450:4001:825::200e
2a00:1450:400c:c0c::9b
2a02:26f0:6c00:19c::63cc
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
34.238.10.193
52.218.253.88
54.230.95.149
54.230.95.247
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1121422aa828fb8f2f421b88b5d2437c78e51cd43a338094ec62ada2012887b1
19b291790544de16f034793ea1af6d9ab4fc16692bc08e3b75901a012937aa0f
246e878a2429720cd8ee6c3446d30c82ec5b5c39a7c32cab999e7c5b109939ce
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31d62e1324894d0ff3ed754e866a3fc755e44053114334b78f35ea2d92d71fe1
3245d56a22ccd358181c0569816ffd98d51c3562be68e4350e82f2298808ac55
351e617fe9eba5db39ecdff23a83d6dc680e286691aa48fad095225902d3238d
3bbe7803a8febce34a5636801c69b5ac2ca4f8e1819a512744d5aec2862ccf28
3fc1f00b400046a6e4d17af4ddd88132891d49a0bfb75489bd4d4a249efc09fb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
519ee11f881ccbc802f7eb156c92f44f62f67d9c73184dbc1ebf456814f74ebf
523c2ab17046b7b5dfc6efd5a7806daec49bfdcb55ac6a97d515893dfc092122
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
62400bc84c0bbc6c3d92853f1dc29871b5f5b247b2cf4ca92bbe9cb496ba2c60
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6afe06ce88b927163790138f2746fdc4e268ec563ca5967f991f8da10e4479bf
6bcd4fcf22ced2f329b4e22fe27b23294d942418a6a00e5f15d822b00c485fe4
6eb8e4e56ac835e35770db07a9194052f2493791a252822e80d1fe11703d0e23
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c7f70f57e19f37ca0ba828fa6215001063ff07fb00a8bf50069ac99473b0a69
7d64b0455fa83a520a331605f47ac061107e2429000ed25db4f66d2a77df32d7
8df064dcd8eb35db1551d1c4b2e8850ba9e51b81321f5951d6bd31a2bdf4373c
96e2879f524104c1f3ec9ebd581656d685526af8a7a93b2bbe5f0d21dcc9c42e
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9d3af696c2533f25ef034358c8d15cc791fa1539c40058c6bfcef813cbaeda20
a5a03ffb74678bd02d15096bdb6d36f08338cde8f8f51d7fa8c2cc3df9e6f4e5
a8f1b691ce12ecea58bdc55430897e5c9d9d07a45bdf14390aaaf4555e0d4a51
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b8c6eca61538841fc1bb9ad98ff5659e04cd14f3e2e7390c37c6c26e98380792
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
bf7809e8e25328472d278215503325a2a569be3f117d17390e9f6cc9b5266cfe
c1335238d00aa95341b6ec5a15c6b43a44c802afe1ed97dd713043311e7d21c7
c3c0f5a1e3c2f4e7471c3cf34ce7b3f10540750c3b05fdb5b1576d5be1f9170b
c7ffb5c7a2fcc93bf5553df1f27de7c5b2dbd4affcb74fd0bef82371e4e22caa
cb9eaeb2adaffbe4521224ddfe2b21fb6573d4350edaf3ea112c044b359feaf2
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
d084eaaa40196be9bac561e110706a67a2577c891753aa352ecd57354f261b34
d16f2113b69d9eef34c248c440c78c94be9950442900cb3d8aed78be2752112b
d260b7cea34f8c626705081c4e45052b12196fb4440914161f8efb926f5c7157
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b261029c47ec9da3a77edf26599b7aeb6db5853b8f57b72815d752e26b6ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc8ec001faf2a4299e345bfe462404de9efca8ddca4b663821b8f65865f4dc9b

app.lifeinsurance.net Open in urlscan Pro 100.26.124.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

79 %HTTPS

62 %IPv6

30 Domains

35 Subdomains

24 IPs

8 Countries

649 kBTransfer

1324 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.lifeinsurance.net Open in urlscan Pro
100.26.124.138 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

79 %
HTTPS

62 %
IPv6

30
Domains

35
Subdomains

24
IPs

8
Countries

649 kB
Transfer

1324 kB
Size

0
Cookies

70 HTTP transactions
0 data transactions