lenderhub.csaa-insurance.aaa.com Open in urlscan Pro
2a02:26f0:2c::216:f249  Public Scan

Submitted URL: http://lenderhub.csaa-insurance.aaa.com/
Effective URL: https://lenderhub.csaa-insurance.aaa.com/
Submission: On September 12 via manual from US — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2a02:26f0:2c::216:f249, located in Düsseldorf, Germany and belongs to AKAMAI-ASN1, NL. The main domain is lenderhub.csaa-insurance.aaa.com.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on January 26th 2023. Valid for: a year.
This is the only time lenderhub.csaa-insurance.aaa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2a02:26f0:2c:... 20940 (AKAMAI-ASN1)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 108.157.181.161 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 34.66.3.160 396982 (GOOGLE-CL...)
5 35.225.143.12 396982 (GOOGLE-CL...)
1 34.223.74.168 16509 (AMAZON-02)
41 14
Apex Domain
Subdomains
Transfer
11 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2426
rl.quantummetric.com — Cisco Umbrella Rank: 4118
csaa-app.quantummetric.com — Cisco Umbrella Rank: 249346
110 KB
10 aaa.com
lenderhub.csaa-insurance.aaa.com
499 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
613 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1907
34 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
32 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1495
c.go-mpulse.net — Cisco Umbrella Rank: 659
50 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1265
185 B
1 akstat.io
02179913.akstat.io — Cisco Umbrella Rank: 80481
213 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 918
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
45 KB
41 10
Domain Requested by
10 lenderhub.csaa-insurance.aaa.com 1 redirects lenderhub.csaa-insurance.aaa.com
6 www.gstatic.com www.google.com
www.gstatic.com
5 csaa-app.quantummetric.com cdn.quantummetric.com
4 rl.quantummetric.com cdn.quantummetric.com
4 cdn.segment.com lenderhub.csaa-insurance.aaa.com
cdn.segment.com
4 www.google.com lenderhub.csaa-insurance.aaa.com
www.google.com
www.gstatic.com
2 cdn.quantummetric.com lenderhub.csaa-insurance.aaa.com
cdn.quantummetric.com
1 api.segment.io cdn.quantummetric.com
1 02179913.akstat.io s.go-mpulse.net
1 fonts.gstatic.com www.google.com
1 code.jquery.com www.googletagmanager.com
1 www.googletagmanager.com lenderhub.csaa-insurance.aaa.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net lenderhub.csaa-insurance.aaa.com
41 14

This site contains links to these domains. Also see Links.

Domain
csaa-insurance.aaa.com
Subject Issuer Validity Valid
api-appsec.n01.csaa-insurance.aaa.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-26 -
2024-02-15
a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2023-04-05 -
2024-04-04
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.segment.com
Amazon RSA 2048 M01
2023-02-24 -
2024-01-12
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-17 -
2024-05-16
a year crt.sh
*.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
rl.quantummetric.com
R3
2023-07-24 -
2023-10-22
3 months crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA
2023-01-18 -
2024-02-13
a year crt.sh
*.segment.io
Amazon RSA 2048 M01
2023-02-10 -
2024-02-10
a year crt.sh

This page contains 5 frames:

Primary Page: https://lenderhub.csaa-insurance.aaa.com/
Frame ID: 192888769ABAA9ACDDDB9DB06F55E462
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx&co=aHR0cHM6Ly9sZW5kZXJodWIuY3NhYS1pbnN1cmFuY2UuYWFhLmNvbTo0NDM.&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=bottomright&cb=136macaqhiim
Frame ID: 15D2A94863850E0EEEB3A7B1AB4C4116
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx
Frame ID: D3D50760B025407271D9EE36C5C9A033
Requests: 3 HTTP requests in this frame

Frame: https://rl.quantummetric.com/csaa/hash-check
Frame ID: 31270A3D78FE218F0F53791B0150E73A
Requests: 7 HTTP requests in this frame

Frame: https://cdn.quantummetric.com/helpers/blank
Frame ID: 2C9E3834A96BE7D9785417FE63299520
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

LenderHub - the AAA Insurance self-service portal

Page URL History Show full URLs

  1. http://lenderhub.csaa-insurance.aaa.com/ HTTP 301
    https://lenderhub.csaa-insurance.aaa.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • backbone.*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

41
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

1414 kB
Transfer

4334 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lenderhub.csaa-insurance.aaa.com/ HTTP 301
    https://lenderhub.csaa-insurance.aaa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lenderhub.csaa-insurance.aaa.com/
Redirect Chain
  • http://lenderhub.csaa-insurance.aaa.com/
  • https://lenderhub.csaa-insurance.aaa.com/
6 KB
3 KB
Document
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
19c1889e482e54668ae4dbabfb7e63a1fa12b3ae243131c55eab031111f072d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-store
content-encoding
gzip
content-length
2711
content-type
text/html
date
Tue, 12 Sep 2023 19:43:24 GMT
etag
W/"48deff7a68175188afa6976cd4febbe3"
last-modified
Mon, 14 Aug 2023 18:02:12 GMT
server-timing
cdn-cache; desc=MISS edge; dur=2132 origin; dur=287 ak_p; desc="1694547801774_35058245_112968865_241930_810_22_74_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 684 0 pmb=mRUM,1
x-amz-cf-id
WSSyabRjzOo5HU7jcoz1aqjJ9MipvPc8oGjqLam2rJB2P1cduaSxHA==
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 12 Sep 2023 19:43:21 GMT
Location
https://lenderhub.csaa-insurance.aaa.com/
Server-Timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1694547801717_35058245_112968656_14_8623_22_0_-";dur=1
main.952bd105.js
lenderhub.csaa-insurance.aaa.com/static/js/
2 MB
404 KB
Script
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/static/js/main.952bd105.js
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5e620a7617b6731476aacf1b318aa99fe749175d3efb24c7225df0bebce6fbec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:25 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 18:02:11 GMT
x-amz-request-id
1NNWNE8MYRY8QT7N
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256
etag
W/"9ccc6ca70d64747ef323c0b8862f9ae7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=442, origin; dur=294, ak_p; desc="1694547804297_35058245_112971657_73588_755_28_0_146";dur=1
x-amz-cf-id
579VjO0HR6xj2-maGt2E92JqcHnqDQ3I0nYXmxU3_8UvVldzhd4WZQ==
x-amz-id-2
7VlhbDOTiYhBYwgzxnEgV7rm3oH0k7lWyiy6JMCvqjM0HCC01fIDPFSy8v7RixL9cuRrMYJFHgI=
main.eda9fe8e.css
lenderhub.csaa-insurance.aaa.com/static/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/static/css/main.eda9fe8e.css
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d87cbe4255e57ac7b7d15dab3a1737fb2aedd185b91687a7728cd5c55e152e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:24 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 18:02:11 GMT
x-amz-request-id
1NNSFGQNDSH5N3GF
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256
etag
W/"c680b4979d966d607ef211f252019891"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=265, origin; dur=306, ak_p; desc="1694547804297_35058245_112971656_57148_768_23_0_255";dur=1
x-amz-cf-id
FJY8Y_aQ_MDj2-2gQIXi0MuIthavNMKarmnXutJAL-_QO_rY5rSvgg==
x-amz-id-2
p985BHTP+Oxr9VZ6I9AB7se8mqIQpP9uN5wE+TkTKJ29v6bp7JWAs/MH++1WqWxbKEpu7aXhl5k=
content-length
4795
FF7HJ-WHYKL-RCH6S-TAV3A-GPVJ9
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/FF7HJ-WHYKL-RCH6S-TAV3A-GPVJ9
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:25 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Mon, 11 Sep 2023 17:57:30 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
config.json
c.go-mpulse.net/api/
623 B
896 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=FF7HJ-WHYKL-RCH6S-TAV3A-GPVJ9&d=lenderhub.csaa-insurance.aaa.com&t=5648493&v=1.720.0&sl=0&si=c65659ea-3117-44b1-b197-9827eb084d81-s0w1g9&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=954382
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/FF7HJ-WHYKL-RCH6S-TAV3A-GPVJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:981::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
57fcf7984c7898ea4633cf26e76f3e9d1eaff31d5b2b499d26e6d7bd2eba51c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Sep 2023 19:43:25 GMT
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
623
Content-Type
application/json
gtm.js
www.googletagmanager.com/
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXQRLDN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48318ea1e884d86a09920a268e096e60885ed7ca672b5e0c8907e3dbb28a0d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45687
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 19:02:21 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Sep 2023 19:43:25 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/static/js/main.952bd105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c685ccd0295a1765484cfb19d7ef545269703d94d6ea25b39b9da72474402697
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
857
x-xss-protection
1; mode=block
expires
Tue, 12 Sep 2023 19:43:25 GMT
rtraleway-bold-webfont.5902f975b8b4600710d5.woff2
lenderhub.csaa-insurance.aaa.com/static/media/
23 KB
24 KB
Font
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/static/media/rtraleway-bold-webfont.5902f975b8b4600710d5.woff2
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/static/css/main.eda9fe8e.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
89294fbc0f1efa510c9124b1becfa99d355c8a8de726075f636695e31c2f84e7

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/static/css/main.eda9fe8e.css
Origin
https://lenderhub.csaa-insurance.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:25 GMT
last-modified
Mon, 14 Aug 2023 18:02:11 GMT
x-amz-request-id
WXDQS5T9X656S6WS
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256
etag
"3d395a5d11908292c904e1464ebcf673"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
max-age=31536000, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=362, ak_p; desc="1694547805542_35058245_112973030_45134_966_22_0_255";dur=1
accept-ranges
bytes
content-length
24000
x-amz-id-2
XI8EJmpeVUivQI7WHQ7YJolxhNQI6h3VfiAcOvTbKDHou5r+XNZvmaMX+CsT4jL7hRyHXD58fX0=
x-amz-cf-id
cmHJ5bCJ9CyUNBtyc7hRIEz5Y2RURCkQFa1qvZR68goZcsO8waF7xA==
rtraleway-regular-webfont.a56c12cf6209d5c1762e.woff2
lenderhub.csaa-insurance.aaa.com/static/media/
24 KB
25 KB
Font
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/static/media/rtraleway-regular-webfont.a56c12cf6209d5c1762e.woff2
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/static/css/main.eda9fe8e.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3fa3e46064d722001b37675c33cfcec7019f0ef5ba5a4edb498ae8dcec07ab18

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/static/css/main.eda9fe8e.css
Origin
https://lenderhub.csaa-insurance.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:26 GMT
last-modified
Mon, 14 Aug 2023 18:02:11 GMT
x-amz-request-id
WXDY3H928AJFTKJV
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256
etag
"65c65930c94b0e05cb6f3107c50e8c11"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
max-age=31536000, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=352, origin; dur=303, ak_p; desc="1694547805542_35058245_112973031_65437_972_24_0_255";dur=1
accept-ranges
bytes
content-length
24752
x-amz-id-2
JnshnW/6KunarNWp9T77Vhn7ZkAL2H2qDLClKiC3mWQ1b3jRC1SuCT7xg+hYEnbW6+TXGaJJYTs=
x-amz-cf-id
o7nn-N2_kw1ZSCyxabAr2HZPzNzWJjGaedI8YBmBkSMlBBSZl2aoeQ==
cabin-latin-400-normal.5480a0c69ea2f00116b5.woff2
lenderhub.csaa-insurance.aaa.com/static/media/
15 KB
16 KB
Font
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/static/media/cabin-latin-400-normal.5480a0c69ea2f00116b5.woff2
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/static/css/main.eda9fe8e.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/static/css/main.eda9fe8e.css
Origin
https://lenderhub.csaa-insurance.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:25 GMT
last-modified
Mon, 14 Aug 2023 18:02:11 GMT
x-amz-request-id
WXDGT1NJRP5Z4FGW
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256
etag
"083f5cafe748b8ac91823b36986d7fda"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
max-age=31536000, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=299, ak_p; desc="1694547805542_35058245_112973032_38752_965_22_0_255";dur=1
accept-ranges
bytes
content-length
15476
x-amz-id-2
ZAZNNtzoruy1cO7iXnhN374I7k7wZkyZ6ltuCGDafgxWQZ8DPAbiNc9KnBZagKhu+ZiufV+81Jc=
x-amz-cf-id
oVm3R7XW4iN3NVx0sPpjGqhJ6CaR31PsP2REc-wFEPkanoMCyUFK6g==
logo.d96ea7c2b25af9eeee1b4811465b83c3.svg
lenderhub.csaa-insurance.aaa.com/static/media/
8 KB
4 KB
Image
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/static/media/logo.d96ea7c2b25af9eeee1b4811465b83c3.svg
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
44ed94fad968b44f1737c7760b50aac24047cb266d01340dd2994522cd7b94be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:26 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 18:02:11 GMT
x-amz-request-id
WXDJFFK3GQ89WNKT
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256
etag
W/"d72ec701720308f5b17810867f779d6b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=255, origin; dur=311, ak_p; desc="1694547805558_35058245_112973053_56645_732_25_0_146";dur=1
x-amz-cf-id
_HTrDFteNrOhJoo5nU_-cg1O3R7ulnYM6QkC1NXlCvCKtzGjc9bU1A==
x-amz-id-2
42i63IvIB5wD9EluiwKA5kx+BcOWLx/rdfEzmUdD7iDZPcXR1OCyUTQ/3iasbKqdhc+QU5zTA4E=
content-length
3658
lender-landing-image.96ed17d744a70a8562a874122b184527.svg
lenderhub.csaa-insurance.aaa.com/static/media/
45 KB
17 KB
Image
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/static/media/lender-landing-image.96ed17d744a70a8562a874122b184527.svg
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
39e3f359d35d67d621c85e2a9743c0db46adafe6d83c6894eb37c31665164818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:26 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 18:02:11 GMT
x-amz-request-id
WXDGSKCG1GGKNXEY
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256
etag
W/"390d5b25a35241309b1c32f30aad2f32"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=351, origin; dur=293, ak_p; desc="1694547805558_35058245_112973054_64434_622_24_0_219";dur=1
x-amz-cf-id
_evoeOcH_z9mJrsjLYtYkLhAP51d15vLA9wENsnyUQIgqGUA2E_0Qg==
x-amz-id-2
x4XZGmOZ8Ild/Q9+RuwmO2LqMPS7ZqzWiPdl/edCMBC8XBLEjSXsq23QUgECwBKzMOkZxH4dMiQ=
content-length
17351
location-icon.e51472801cc153040f51e229c6cfd266.svg
lenderhub.csaa-insurance.aaa.com/static/media/
736 B
1 KB
Image
General
Full URL
https://lenderhub.csaa-insurance.aaa.com/static/media/location-icon.e51472801cc153040f51e229c6cfd266.svg
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::216:f249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a24b606b2e5e29e3f90cb83d03a7a025dc8ff61054f26acadd01a4a520888f6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:26 GMT
last-modified
Mon, 14 Aug 2023 18:02:11 GMT
x-amz-request-id
CVRJB6JGBVP7S17B
x-amz-cf-pop
IAD12-P1
x-amz-server-side-encryption
AES256
etag
"62713c4eeeb771fbf6c477258c89a126"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, must-revalidate
server-timing
cdn-cache; desc=MISS, edge; dur=254, origin; dur=316, ak_p; desc="1694547805558_35058245_112973055_57020_703_25_0_219";dur=1
accept-ranges
bytes
content-length
736
x-amz-id-2
2QjvgtE3ONPhmVZnGe2Hu2UvrM2FbrlghF0jbRj7yyLoB7Edmh1pIFySKd4SVM6Y8bqIxp8muEI=
x-amz-cf-id
vbUi_kM0mBBJc_VPFrUIRChu6E5_YL_51zCTZEyHgyr-lqL8HV8KZg==
analytics.min.js
cdn.segment.com/analytics.js/v1/aDoKDDCBMT2dKIKkDgpaQwu9W4BxE64Y/
105 KB
28 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/aDoKDDCBMT2dKIKkDgpaQwu9W4BxE64Y/analytics.min.js
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.181.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-181-161.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b35bcd2dff90e3f9fd30673ee2df4b2723f9201f0fbb192e82b7fe816c0fb6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:27 GMT
x-amz-version-id
31VZP_cGhKXPlGy87Yk4_HDRFlgDEcR5
content-encoding
br
via
1.1 1d2331bbe34d299e911f1921903638c6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 11 Sep 2023 18:58:08 GMT
server
AmazonS3
etag
W/"163c5e23716bd0eef4998bad5ef0e2c5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
O3F4qld0ulh0C6cUtoay6pS06sX1MFV5CNVsiLsN6_Aoh6RD8wDGFg==
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXQRLDN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:25 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15851"
vary
Accept-Encoding
x-hw
1694547805.dop167.fr8.t,1694547805.cds148.fr8.hn,1694547805.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/
454 KB
183 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/
Origin
https://lenderhub.csaa-insurance.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 10:39:39 GMT
quantum-csaa.js
cdn.quantummetric.com/qscripts/
501 KB
105 KB
Script
General
Full URL
https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ca4f28f749e7f1cdb206fa58fe27b0b1adc979e183f4794d58454ec702a7a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
no-sniff
cf-cache-status
EXPIRED
content-encoding
br
server
cloudflare
etag
W/"169447260725816941006034171691740804464"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag
noindex
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400
cf-ray
805aa3ab8acc8fec-FRA
anchor
www.google.com/recaptcha/api2/ Frame 15D2
52 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx&co=aHR0cHM6Ly9sZW5kZXJodWIuY3NhYS1pbnN1cmFuY2UuYWFhLmNvbTo0NDM.&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=bottomright&cb=136macaqhiim
Requested by
Host: lenderhub.csaa-insurance.aaa.com
URL: https://lenderhub.csaa-insurance.aaa.com/static/js/main.952bd105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
070330c65bdb7689c0f1de7b178dda3e237286f49882030870fe62ae6a69a46d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l6HRwxFM6ZiPJLumzCQOUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
29560
content-security-policy
script-src 'report-sample' 'nonce-l6HRwxFM6ZiPJLumzCQOUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 19:43:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 15D2
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx&co=aHR0cHM6Ly9sZW5kZXJodWIuY3NhYS1pbnN1cmFuY2UuYWFhLmNvbTo0NDM.&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=bottomright&cb=136macaqhiim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 13:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 13:30:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 15D2
454 KB
182 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx&co=aHR0cHM6Ly9sZW5kZXJodWIuY3NhYS1pbnN1cmFuY2UuYWFhLmNvbTo0NDM.&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=bottomright&cb=136macaqhiim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 10:39:39 GMT
truncated
/ Frame 15D2
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 15D2
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 15D2
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:02:48 GMT
x-content-type-options
nosniff
age
308438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 16 Sep 2023 06:02:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 15D2
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx&co=aHR0cHM6Ly9sZW5kZXJodWIuY3NhYS1pbnN1cmFuY2UuYWFhLmNvbTo0NDM.&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=bottomright&cb=136macaqhiim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
319523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 02:58:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 15D2
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx&co=aHR0cHM6Ly9sZW5kZXJodWIuY3NhYS1pbnN1cmFuY2UuYWFhLmNvbTo0NDM.&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=bottomright&cb=136macaqhiim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx&co=aHR0cHM6Ly9sZW5kZXJodWIuY3NhYS1pbnN1cmFuY2UuYWFhLmNvbTo0NDM.&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=bottomright&cb=136macaqhiim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 12 Sep 2023 19:43:26 GMT
bframe
www.google.com/recaptcha/api2/ Frame D3D5
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c25afa652cc61d25ac3b8ae1669731bb78837d1c2d96047424a4234317852aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BjMNQVYwy9-1_4sqmLva8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1159
content-security-policy
script-src 'report-sample' 'nonce-BjMNQVYwy9-1_4sqmLva8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 19:43:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame D3D5
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 13:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 13:30:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame D3D5
454 KB
182 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcoL3QmAAAAABdRA4QjXQoOPbPc9GvVbgpq3nNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 10:39:39 GMT
settings
cdn.segment.com/v1/projects/aDoKDDCBMT2dKIKkDgpaQwu9W4BxE64Y/
666 B
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/aDoKDDCBMT2dKIKkDgpaQwu9W4BxE64Y/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/aDoKDDCBMT2dKIKkDgpaQwu9W4BxE64Y/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.181.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-181-161.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c1c02cfe7e8d4f8e8334fce7e1d1cb7a18a67e3acd9f8740507faea77698b17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:28 GMT
x-amz-version-id
MP6Xt.r7wz5Z9krtUslFhrBHAdzGxgRk
via
1.1 bfd9306be69cc7d86c13f6affafd9952.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
666
last-modified
Mon, 14 Aug 2023 18:29:40 GMT
server
AmazonS3
etag
"14b181ad04fbbfbbde93dd791aff7d47"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
x-amz-cf-id
x4BAWFVRw19KT6tO0Orv1uh0p8xNSY5ltCqboyDb0gSjBd1xjKN8pw==
/
02179913.akstat.io/
0
213 B
Ping
General
Full URL
https://02179913.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/FF7HJ-WHYKL-RCH6S-TAV3A-GPVJ9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:43:27 GMT
content-type
image/gif
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Tue, 12 Sep 2023 19:43:27 GMT
hash-check
rl.quantummetric.com/csaa/ Frame 3127
2 B
237 B
XHR
General
Full URL
https://rl.quantummetric.com/csaa/hash-check
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.3.66.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Sep 2023 19:43:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
access-control-allow-credentials
true
content-length
2
hash-check
rl.quantummetric.com/csaa/ Frame
0
0
Preflight
General
Full URL
https://rl.quantummetric.com/csaa/hash-check
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.3.66.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lenderhub.csaa-insurance.aaa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
content-length
0
date
Tue, 12 Sep 2023 19:43:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
csaa-app.quantummetric.com/ Frame 3127
90 B
785 B
XHR
General
Full URL
https://csaa-app.quantummetric.com/?T=B&u=https%3A%2F%2Flenderhub.csaa-insurance.aaa.com%2F&t=1694547807035&v=1694547807608&z=1&S=0&N=0&P=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.225.143.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.143.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
19e4d2c7e6fa8190304b0f83d8b151e94f5bb548e1521261ab75e5b686ea86be
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Sep 2023 19:43:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
access-control-allow-credentials
true
x-robots-tag
noindex
/
csaa-app.quantummetric.com/ Frame 3127
0
657 B
XHR
General
Full URL
https://csaa-app.quantummetric.com/?T=B&u=https%3A%2F%2Flenderhub.csaa-insurance.aaa.com%2F&t=1694547807035&v=1694547807618&z=2&Q=1&Y=1&X=7746f2d354bc4901c687ba5139b3585a
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.225.143.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.143.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Sep 2023 19:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
ajs-destination.bundle.0f003b5e4b03680982b4.js
cdn.segment.com/analytics-next/bundles/
9 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/aDoKDDCBMT2dKIKkDgpaQwu9W4BxE64Y/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.181.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-181-161.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:01:14 GMT
x-amz-version-id
3WH7fo_L3a6tJ5CveU3KsNM8ULxsLQXZ
content-encoding
br
via
1.1 1d2331bbe34d299e911f1921903638c6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
age
2407333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Aug 2023 20:49:50 GMT
server
AmazonS3
etag
W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
ktp59eiHLEkfsn_kPSwdqWH2TNsZs0wsA90yF4uuF2mm-nbWRqQBwg==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/aDoKDDCBMT2dKIKkDgpaQwu9W4BxE64Y/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.181.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-181-161.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lenderhub.csaa-insurance.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:24:59 GMT
x-amz-version-id
z9.duCzpxRT4R19RwDYbcbNoSmoR01Uk
content-encoding
br
via
1.1 1d2331bbe34d299e911f1921903638c6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
age
4155509
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Jul 2023 16:08:23 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
EB_0PNmNsSMDxszJWrGUnC39fxw1ZSAphW5l0Q48PWms1GJBzjAJkQ==
p
api.segment.io/v1/
21 B
185 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-74-168.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
date
Tue, 12 Sep 2023 19:43:28 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
hash-check
rl.quantummetric.com/csaa/ Frame 3127
2 B
238 B
XHR
General
Full URL
https://rl.quantummetric.com/csaa/hash-check
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.3.66.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Sep 2023 19:43:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
access-control-allow-credentials
true
content-length
2
hash-check
rl.quantummetric.com/csaa/ Frame
0
0
Preflight
General
Full URL
https://rl.quantummetric.com/csaa/hash-check
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.3.66.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lenderhub.csaa-insurance.aaa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
content-length
0
date
Tue, 12 Sep 2023 19:43:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
csaa-app.quantummetric.com/ Frame 3127
28 B
743 B
XHR
General
Full URL
https://csaa-app.quantummetric.com/?s=39d443ab4b87abd99a51c40c873c5252&H=f10726a89ab520540dbf40f6&Q=3
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.225.143.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.143.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
access-control-allow-credentials
true
x-robots-tag
noindex
/
csaa-app.quantummetric.com/ Frame 3127
0
657 B
XHR
General
Full URL
https://csaa-app.quantummetric.com/?T=B&u=https%3A%2F%2Flenderhub.csaa-insurance.aaa.com%2F&t=1694547807035&v=1694547808164&H=f10726a89ab520540dbf40f6&s=39d443ab4b87abd99a51c40c873c5252&U=108ab6134abe6af8d7387a6078591887&z=1&Q=2&S=0&N=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.225.143.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.143.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Sep 2023 19:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
/
csaa-app.quantummetric.com/ Frame 3127
0
657 B
XHR
General
Full URL
https://csaa-app.quantummetric.com/?T=B&u=https%3A%2F%2Flenderhub.csaa-insurance.aaa.com%2F&t=1694547807035&v=1694547808305&H=f10726a89ab520540dbf40f6&s=39d443ab4b87abd99a51c40c873c5252&z=1&S=1186&N=6&P=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.225.143.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.143.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Sep 2023 19:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://lenderhub.csaa-insurance.aaa.com
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
blank
cdn.quantummetric.com/helpers/ Frame 2C9E
209 B
257 B
Document
General
Full URL
https://cdn.quantummetric.com/helpers/blank
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-csaa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lenderhub.csaa-insurance.aaa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2409
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
805aa3c63bd08fec-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 12 Sep 2023 19:43:30 GMT
last-modified
Tue, 12 Sep 2023 19:03:21 GMT
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-robots-tag
noindex

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| Animation object| documentPictureInPicture string| BOOMR_API_key object| BOOMR function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq object| webpackChunkweb_lender_portal_ui object| dataLayer object| google_tag_manager object| google_tag_data object| analytics object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| _quantum_metric_invoke object| recaptcha object| closure_lm_912315 string| qmErrString function| QuantumMetricInstrumentationStart object| QuantumMetricAPI string| currentTab string| qm_quoteNum string| qm_quoteNumProperty function| QM_getCookie function| consoleError function| _QuantumMetricSymbol object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext number| BOOMR_onload function| qmflate

3 Cookies

Domain/Path Name / Value
.aaa.com/ Name: ajs_anonymous_id
Value: 76986ebc-1b57-46dd-8890-d56889cbd6e2
.aaa.com/ Name: QuantumMetricSessionID
Value: 39d443ab4b87abd99a51c40c873c5252
.aaa.com/ Name: QuantumMetricUserID
Value: 108ab6134abe6af8d7387a6078591887

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179913.akstat.io
api.segment.io
c.go-mpulse.net
cdn.quantummetric.com
cdn.segment.com
code.jquery.com
csaa-app.quantummetric.com
fonts.gstatic.com
lenderhub.csaa-insurance.aaa.com
rl.quantummetric.com
s.go-mpulse.net
www.google.com
www.googletagmanager.com
www.gstatic.com
108.157.181.161
2001:4de0:ac18::1:a:1b
2606:4700:10::6816:35fc
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:828::2003
2a00:1450:4001:831::2003
2a02:26f0:2c::216:f249
2a02:26f0:3500:981::11a6
2a02:26f0:480:980::11a6
34.223.74.168
34.66.3.160
35.225.143.12
070330c65bdb7689c0f1de7b178dda3e237286f49882030870fe62ae6a69a46d
07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
19c1889e482e54668ae4dbabfb7e63a1fa12b3ae243131c55eab031111f072d9
19e4d2c7e6fa8190304b0f83d8b151e94f5bb548e1521261ab75e5b686ea86be
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2c25afa652cc61d25ac3b8ae1669731bb78837d1c2d96047424a4234317852aa
39e3f359d35d67d621c85e2a9743c0db46adafe6d83c6894eb37c31665164818
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3fa3e46064d722001b37675c33cfcec7019f0ef5ba5a4edb498ae8dcec07ab18
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44ed94fad968b44f1737c7760b50aac24047cb266d01340dd2994522cd7b94be
48318ea1e884d86a09920a268e096e60885ed7ca672b5e0c8907e3dbb28a0d73
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
57fcf7984c7898ea4633cf26e76f3e9d1eaff31d5b2b499d26e6d7bd2eba51c2
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5e620a7617b6731476aacf1b318aa99fe749175d3efb24c7225df0bebce6fbec
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c1c02cfe7e8d4f8e8334fce7e1d1cb7a18a67e3acd9f8740507faea77698b17
89294fbc0f1efa510c9124b1becfa99d355c8a8de726075f636695e31c2f84e7
a24b606b2e5e29e3f90cb83d03a7a025dc8ff61054f26acadd01a4a520888f6f
a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921
b35bcd2dff90e3f9fd30673ee2df4b2723f9201f0fbb192e82b7fe816c0fb6af
b6ca4f28f749e7f1cdb206fa58fe27b0b1adc979e183f4794d58454ec702a7a2
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
c685ccd0295a1765484cfb19d7ef545269703d94d6ea25b39b9da72474402697
d87cbe4255e57ac7b7d15dab3a1737fb2aedd185b91687a7728cd5c55e152e3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855