myprofile.grip.insure Open in urlscan Pro
2606:2800:233:1cb7:261b:1f9c:2074:3c Public Scan

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:04 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4427, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: gxb/EYU3nZIuXTu6jSbC1VAKfSNq7ylY7CVh+zkeH8SfkRO8WtmJorOLw1JwQ9OKqpDUF3Dsxcdo5+aieM7gYg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 tracker.iife.js Show response
assets.apollo.io/micro/website-tracker/ 3 KB
2 KB 65ms
35ms Script
application/javascript 2606:4700:10::6814:28d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=6182wf
Requested by: Host: claimtmi.grip.insure
URL: https://claimtmi.grip.insure/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:28d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=I3tUEw==, md5=SC6zvnW2DshviOm8MzN+iA==
etag: "482eb3be75b60ec86f88e9bc33337e88"
age: 62424
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 22 Oct 2025 21:43:40 GMT
x-goog-stored-content-length: 1168
date: Wed, 23 Oct 2024 15:04:04 GMT
content-type: application/javascript
last-modified: Mon, 12 Feb 2024 19:05:14 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0j7gnZ8DAitZvvkYirjCrTFuH4kB4ihvhS4hQUlQqwDD8LVJmBb9yimJ_cFMdRtjtD1NwaOwGRUA
cache-control: public, max-age=31473576
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8d729e164942d285-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1707764714580510
content-length: 1168
server: cloudflare

GET
H3 200 665103104435941 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 200ms
199ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/665103104435941?v=2.9.173&r=stable&domain=claimtmi.grip.insure&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

146.133.107.34.bc.googleusercontent.com

Software

Resource Hash

c8faaff1f28ec6623e09ea7f6300e1c9a1aa7a5fad9e474f331c7a0ab2132775

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=74, mss=1232, tbw=67721, tp=64, tpl=0, uplat=190, ullat=0
pragma: public
x-fb-debug: odyK43sDTE4QMuVhDTe94jeF7byk57RU9mU2/d2o2tEGoPBWzv+11DnBd1tziZrD3AgqwNAwmbj5YsQ/DS8WMQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
424 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=447333611&t=pageview&_s=1&dl=https%3A%2F%2Fclaimtmi.grip.insure%2F&ul=de-de&de=UTF-8&dt=Claim&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=588075841&gjid=985707270&cid=1995971874.1729695845&tid=UA-103807592-3&_gid=434348472.1729695845&_r=1&_slc=1&gtm=45He4ah0n815QK9P8Jv813136209za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101823848&npa=1&z=1547738910

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://claimtmi.grip.insure/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:04:04 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://claimtmi.grip.insure
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

OPTIONS
H2 200 track_request
aplo-evnt.com/api/v1/intent_pixel/ 0
0 153ms
126ms Preflight 34.107.133.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=6675a5725e36ca068669ea74
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 146.133.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://claimtmi.grip.insure
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-length: 0
date: Wed, 23 Oct 2024 15:04:04 GMT
server: nginx
status: 200 OK
via: 1.1 google

POST
H2 400 track_request Show response
aplo-evnt.com/api/v1/intent_pixel/ 69 B
900 B 129ms
127ms Fetch
application/json 34.107.133.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=6675a5725e36ca068669ea74

Requested by

Host: assets.apollo.io
URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=6182wf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

nginx /

Resource Hash

1fc6680a997709e233c4f395fcf89020477f25140cd297f96e2ef31351944c97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn .salesforce.com .lightning.force.com
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://claimtmi.grip.insure/

Response headers

x-transaction-id: 75e4a94abf958fd71f589c48b1a1b3a5
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
status: 400 Bad Request
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:04:05 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: ALLOWALL
strict-transport-security: max-age=3600
content-security-policy: frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
cache-control: no-cache
via: 1.1 google
access-control-allow-origin: *
server: nginx

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 29ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=665103104435941&ev=PageView&dl=https%3A%2F%2Fclaimtmi.grip.insure&rl=&if=false&ts=1729695845076&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=12316&fbp=fb.1.1729695845074.105875606907016566&pm=1&hrl=c9e39a&ler=empty&cdl=API_unavailable&it=1729695844856&coo=false&cs_cc=1&rqm=GET

Requested by

Host: claimtmi.grip.insure
URL: https://claimtmi.grip.insure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2913, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 15:04:05 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 332ms
311ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=665103104435941&ev=PageView&dl=https%3A%2F%2Fclaimtmi.grip.insure&rl=&if=false&ts=1729695845076&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=12316&fbp=fb.1.1729695845074.105875606907016566&pm=1&hrl=c9e39a&ler=empty&cdl=API_unavailable&it=1729695844856&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: claimtmi.grip.insure
URL: https://claimtmi.grip.insure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428987088167679207"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:05 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: fZ7VhjoPv+2m7T8TLucAbLct1cpvmn+luNDE/+EvMkXie+be+pY1SP/KH5msEE3xd7PWGuUfCp3yUI/3HOBBVA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428987088167679207", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1297, tbw=3230, tp=-1, tpl=-1, uplat=302, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 app-config.json Show response
claimtmi.grip.insure/assets/ 721 B
847 B 588ms
587ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://claimtmi.grip.insure/assets/app-config.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

c892d9d2553cbe27b618fa67136e06679a5b719a49d853446e061a8400ef3057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Request-Id: |BRa+q.pgp6f
Referer: https://claimtmi.grip.insure/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

content-md5: DARgOIc4WDxqOxOHKflH9Q==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DB8380EB8249C6"
x-content-type-options: nosniff
x-ms-request-id: 920963da-e01e-0051-585c-253ce6000000
accept-ranges: bytes
content-length: 721
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: application/json
last-modified: Thu, 13 Jul 2023 09:09:53 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 claim-rules-config.json
claimtmi.grip.insure/assets/ 72 KB
72 KB 580ms
580ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://claimtmi.grip.insure/assets/claim-rules-config.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Request-Id: |BRa+q.Q7GhG
Referer: https://claimtmi.grip.insure/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

content-md5: Mwc6/QdZ2JzBmnLkmKeYYw==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DB8380DAC26C68"
x-content-type-options: nosniff
x-ms-request-id: 25451b1e-d01e-0065-065c-250f2e000000
accept-ranges: bytes
content-length: 73595
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: application/json
last-modified: Thu, 13 Jul 2023 09:09:25 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 p Show response
i.simpli.fi/ 805 B
767 B 25ms
17ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=293949&cb=sifi_att_986718357882._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/1aeb8360-948e-0139-8bda-06b4c2516bae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3f9b5e49c176f22ae77239205d8a5a1d2c9b3b8bfc2f197fbf2131961287b380

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 151ms
30ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://claimtmi.grip.insure
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Wed, 23 Oct 2024 15:04:05 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 268 B
372 B 600ms
599ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a775f1294d8a58106a1069eb9f34dfeb4c1fcdd1fc29deb0bd15bee35596b4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimtmi.grip.insure/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

GET
H2 200 favicon.png
claimtmi.grip.insure/ 14 KB
14 KB 575ms
575ms Other
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://claimtmi.grip.insure/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

88c9c35d65c8547c4693f7f0e2f2989418c5bac3d05aa55012c6800368987526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

content-md5: Ar0TPDVFJdr54vfg2srnnQ==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DB8380DAA942C6"
x-content-type-options: nosniff
x-ms-request-id: 7c5abbc8-001e-002b-0e5c-2521a6000000
accept-ranges: bytes
content-length: 13905
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/png
last-modified: Thu, 13 Jul 2023 09:09:25 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A29B2D6A33F49EBA504297B44CF9B0A

0
239 B

51ms
23ms

Image
text/plain

2600:9000:211e:dc00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A29B2D6A33F49EBA504297B44CF9B0A
Protocol: H2
Server: 2600:9000:211e:dc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: FuHS8x8CYlHT7osfhNztEuWWLAwCcqKpSFWSIGxyjPj3ADwhc2x7PQ==
date: Wed, 23 Oct 2024 15:04:06 GMT
x-amz-cf-pop: FRA56-C2
server: CloudFront

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A29B2D6A33F49EBA504297B44CF9B0A
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

RX-9fd0d550-5d3c-444d-b65f-2bd4f2a649e8-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/7A29B2D6A33F49EBA504297B44CF9B0A
https://sync.1rx.io/usersync/simplifi/7A29B2D6A33F49EBA504297B44CF9B0A?zcc=1&cb=1729695846523
https://sync.targeting.unrulymedia.com/csync/RX-9fd0d550-5d3c-444d-b65f-2bd4f2a649e8-003

43 B
378 B

72ms
16ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-9fd0d550-5d3c-444d-b65f-2bd4f2a649e8-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Wed, 23 Oct 2024 15:04:06 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-9fd0d550-5d3c-444d-b65f-2bd4f2a649e8-003
date: Wed, 23 Oct 2024 15:04:06 GMT
pragma: no-cache
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=7A29B2D6A33F49EBA504297B44CF9B0A&dongle=yf3

37 B
140 B

32ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=7A29B2D6A33F49EBA504297B44CF9B0A&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://eb2.3lift.com/xuid?mid=7969&xuid=7A29B2D6A33F49EBA504297B44CF9B0A&dongle=yf3
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=7A29B2D6A33F49EBA504297B44CF9B0A

43 B
175 B

289ms
93ms

Image
image/gif

2600:1f18:612b:4264:ce39:6c8e:ec49:65a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=7A29B2D6A33F49EBA504297B44CF9B0A
Protocol: H2
Server: 2600:1f18:612b:4264:ce39:6c8e:ec49:65a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=7A29B2D6A33F49EBA504297B44CF9B0A
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A29B2D6A33F49EBA504297B44CF9B0A
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A29B2D6A33F49EBA504297B44CF9B0A

95 B
427 B

24ms
19ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A29B2D6A33F49EBA504297B44CF9B0A

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A29B2D6A33F49EBA504297B44CF9B0A
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Wed, 23 Oct 2024 15:04:06 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A29B2D6A33F49EBA504297B44CF9B0A
https://d.agkn.com/pixel/10751/?che=1729695846510&ip=81.95.5.42&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216533105044002777059
https://um.simpli.fi/aa_px?sk=216533105044002777059
https://um.simpli.fi/empty.gif

43 B
361 B

15ms
15ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A29B2D6A33F49EBA504297B44CF9B0A

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 19ms
17ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 43
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 17ms
16ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 43
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=7A29B2D6A33F49EBA504297B44CF9B0A;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=7A29B2D6A33F49EBA504297B44CF9B0A;mimetype=img;sr
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

0
75 B

19ms
18ms

Image
text/plain

164.132.25.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ip185.ip-164-132-25.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

date: Wed, 23 Oct 2024 15:04:06 GMT
content-length: 0

Redirect headers

cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 23 Oct 2024 15:04:06 GMT
pragma: no-cache

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A29B2D6A33F49EBA504297B44CF9B0A&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A29B2D6A33F49EBA504297B44CF9B0A&j=0&xl8blockcheck=1

0
775 B

33ms
32ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=7A29B2D6A33F49EBA504297B44CF9B0A&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 23 Oct 2024 15:04:06 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=7A29B2D6A33F49EBA504297B44CF9B0A&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 20ms
19ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 43
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=7A29B2D6A33F49EBA504297B44CF9B0A

0
421 B

391ms
92ms

Image
text/plain

34.193.229.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=7A29B2D6A33F49EBA504297B44CF9B0A
Protocol: HTTP/1.1
Server: 34.193.229.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-229-172.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

Date: Wed, 23 Oct 2024 15:04:06 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=7A29B2D6A33F49EBA504297B44CF9B0A
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

500
Internal Server Error

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=7A29B2D6A33F49EBA504297B44CF9B0A

27 B
27 B

55ms
10ms

Image
text/html

72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=7A29B2D6A33F49EBA504297B44CF9B0A
Protocol: HTTP/1.1
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 23 Oct 2024 15:04:06 GMT
Content-Length: 27
Date: Wed, 23 Oct 2024 15:04:06 GMT
AK-GRN: 0.368f1402.1729695846.72aa359
Content-Type: text/html

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://stags.bluekai.com/site/29931?id=7A29B2D6A33F49EBA504297B44CF9B0A
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

404

tpid=7A29B2D6A33F49EBA504297B44CF9B0A
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A29B2D6A33F49EBA504297B44CF9B0A

49 B
265 B

107ms
30ms

Image
image/gif

54.76.238.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A29B2D6A33F49EBA504297B44CF9B0A
Protocol: H2
Server: 54.76.238.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-238-217.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif
x-server: 10.45.26.33
server: Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A29B2D6A33F49EBA504297B44CF9B0A
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=7A29B2D6A33F49EBA504297B44CF9B0A

0
223 B

106ms
31ms

Image
text/plain

52.30.133.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=7A29B2D6A33F49EBA504297B44CF9B0A
Protocol: H2
Server: 52.30.133.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-133-118.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 23 Oct 2024 15:04:06 GMT
pragma: no-cache
vary: Accept-Encoding
x-merge: GDPR Optout true

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ce.lijit.com/merge?pid=2&3pid=7A29B2D6A33F49EBA504297B44CF9B0A
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=7A29B2D6A33F49EBA504297B44CF9B0A

0
98 B

53ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=7A29B2D6A33F49EBA504297B44CF9B0A
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 23 Oct 2024 15:04:06 GMT

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://idsync.rlcdn.com/419566.gif?partner_uid=7A29B2D6A33F49EBA504297B44CF9B0A
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1729695846399&cv=7&fst=1729695846399&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=757986437&cv=7&fst=1729695846399&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHB...
https://www.google.com/pagead/1p-conversion/1026675585/?random=757986437&cv=7&fst=1729695846399&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDs...
https://www.google.de/pagead/1p-conversion/1026675585/?random=757986437&cv=7&fst=1729695846399&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQ...

42 B
64 B

50ms
34ms

Image
image/gif

142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=757986437&cv=7&fst=1729695846399&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIhuL8k-OkiQMVYYeDBx3dUx4-MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL2NsYWltdG1pLmdyaXAuaW5zdXJlLw&is_vtc=1&cid=CAQSGwDpaXnf5OC87WdOwHA-5ALcjWQQn4Bw3OFSVQ&random=44346231&ipr=y

Protocol

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:04:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=757986437&cv=7&fst=1729695846399&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIhuL8k-OkiQMVYYeDBx3dUx4-MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL2NsYWltdG1pLmdyaXAuaW5zdXJlLw&is_vtc=1&cid=CAQSGwDpaXnf5OC87WdOwHA-5ALcjWQQn4Bw3OFSVQ&random=44346231&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 15:04:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 21ms
20ms Image
text/plain 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Wed, 23 Oct 2024 15:04:06 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=7A29B2D6A33F49EBA504297B44CF9B0A
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7A29B2D6A33F49EBA504297B44CF9B0A

43 B
1 KB

15ms
15ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7A29B2D6A33F49EBA504297B44CF9B0A

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 75e208eb-32d3-4435-9476-def107600114
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 23 Oct 2024 15:04:06 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7A29B2D6A33F49EBA504297B44CF9B0A
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 81.95.5.42; 81.95.5.42; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: ab82982e-f48c-445c-9548-0620408e6dae
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 23 Oct 2024 15:04:06 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A29B2D6A33F49EBA504297B44CF9B0A&expires=365

0
239 B

61ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A29B2D6A33F49EBA504297B44CF9B0A&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: bcdac959321a8cf7d38f9eb638bfa14f
Pragma: no-cache
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A29B2D6A33F49EBA504297B44CF9B0A&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A29B2D6A33F49EBA504297B44CF9B0A

43 B
264 B

83ms
59ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A29B2D6A33F49EBA504297B44CF9B0A
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A29B2D6A33F49EBA504297B44CF9B0A
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 22 Oct 2024 15:04:06 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 85ms
48ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 23 Oct 2024 15:04:06 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 Primary Request / Show response
myprofile.grip.insure/ 7 KB
7 KB 176ms
9ms Document
text/html 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/

Requested by

Host: claimtmi.grip.insure
URL: https://claimtmi.grip.insure/main.169780157c1a327c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C86) /

Resource Hash

b8157ebedcffa19def650da6ee19e1cad375faeb10e1d5292da6810d30f9ed3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://claimtmi.grip.insure/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 216275
content-length: 7255
content-md5: uH1R2M0AIB+5wzu6Az461A==
content-type: text/html
date: Wed, 23 Oct 2024 15:04:07 GMT
etag: "0x8DBC4AF6F182D75"
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: ECAcc (frc/4C86)
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ms-error-code: ConditionNotMet
x-ms-request-id: fa150283-401e-007a-6a65-23c7b1000000
x-ms-version: 2018-03-28

POST
H2 400 track
dc.services.visualstudio.com/v2/ 199 B
257 B 16ms
16ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimtmi.grip.insure/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

GET logoGrip.png
claimtmi.grip.insure/assets/images/ 0
0

GET cancel.png
claimtmi.grip.insure/assets/images/ 0
0

GET warning-msg-icon.png
claimtmi.grip.insure/assets/images/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
124 B 10ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=665103104435941&ev=PageView&dl=https%3A%2F%2Fclaimtmi.grip.insure&rl=&if=false&ts=1729695847257&sw=1600&sh=1200&v=2.9.173&r=stable&ec=1&o=12316&fbp=fb.1.1729695845074.105875606907016566&pm=1&hrl=d3ce33&ler=empty&cdl=API_unavailable&it=1729695844856&coo=false&cs_cc=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1297, tbw=6138, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
844 B 67ms
66ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=665103104435941&ev=PageView&dl=https%3A%2F%2Fclaimtmi.grip.insure&rl=&if=false&ts=1729695847257&sw=1600&sh=1200&v=2.9.173&r=stable&ec=1&o=12316&fbp=fb.1.1729695845074.105875606907016566&pm=1&hrl=d3ce33&ler=empty&cdl=API_unavailable&it=1729695844856&coo=false&cs_cc=1&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428987095770730064"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: i+oQj0qjr5aViIIr8XrduudcCl/A+I/m7De9ojzljL3lGA8dsJ1XYsUrNYp11ccTuWAfdTEesB66lqPZ9prK+g==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428987095770730064", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1297, tbw=6306, tp=-1, tpl=-1, uplat=58, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 favicon.png
claimtmi.grip.insure/ 14 KB
0 0ms
0ms Other
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://claimtmi.grip.insure/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimtmi.grip.insure/

Response headers

content-md5: Ar0TPDVFJdr54vfg2srnnQ==
x-ms-version: 2018-03-28
etag: "0x8DB8380DAA942C6"
x-content-type-options: nosniff
x-ms-request-id: 7c5abbc8-001e-002b-0e5c-2521a6000000
accept-ranges: bytes
content-length: 13905
date: Wed, 23 Oct 2024 15:04:06 GMT
content-type: image/png
last-modified: Thu, 13 Jul 2023 09:09:25 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
0 1ms
0ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 145901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKdwonIDSUG1WbioZzHbdpVPB5Fu3KIRWg8xV9%2FDR5iqWHRMV3ujzu2%2B2%2BDcgbyYAAdYaHR6fXsg%2Fc0ifsinY0W4N4cRohKaAwF1YYu5ivWXIF05sINc4SpVprCG7AIAf0trgIP5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 15:04:04 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:04 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d729e153d52d271-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 jquery-3.5.0.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 9ms
6ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.0.slim.min.js
Requested by: Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 325bac0cb2483f519180bace7e5510b6c8723f44f04ff4475ec235c161a7421b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://myprofile.grip.insure/

Response headers

content-encoding: gzip
etag: W/"28feccc0-11acd"
age: 2436916
x-cache: HIT, HIT
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 7015, 4
x-served-by: cache-lga21985-LGA, cache-fra-etou8220093-FRA
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1729695847.452033,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24607
server: nginx

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
0 2ms
2ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://myprofile.grip.insure/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fa9-4af4"
age: 145157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5STPlhiR6E%2B9lPfc1dSmVQzIxJaGGf%2BN0iKxG6w2Vb8a0AHWRqWG01o2Qmr4%2B8IobdfxQ02c%2ByVhkNqc3GugiWkAVZ454zotsxZDfVnXaX7kwVOu%2BKOxkl1iAtN9IIxTtnPzjs19"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 15:04:04 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:37 GMT
vary: Accept-Encoding
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d729e153ee74da1-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6157
server: cloudflare

GET
H2 200 runtime.1a826ec6acb40584.js Show response
myprofile.grip.insure/ 3 KB
3 KB 629ms
627ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/runtime.1a826ec6acb40584.js

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

1d26688e48a620a29a2e408518fc3879357e407376001b7f1154684079542d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://myprofile.grip.insure/

Response headers

content-md5: xcU6kMdZef/9BkwLqWkfmA==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F1A01EF"
x-content-type-options: nosniff
x-ms-request-id: c717e816-801e-00dc-395c-2570af000000
accept-ranges: bytes
content-length: 3346
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 polyfills.5fa5da3f022e5b9b.js Show response
myprofile.grip.insure/ 99 KB
99 KB 602ms
600ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/polyfills.5fa5da3f022e5b9b.js

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

037c0340c8bcb026e799d6163a7dfad9eee71688cc8ccc6ba6f944238fe11926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://myprofile.grip.insure/

Response headers

content-md5: G9oIA3EtsvPTTYO9A5+2Jg==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F274657"
x-content-type-options: nosniff
x-ms-request-id: 3d993917-a01e-003f-445c-251252000000
accept-ranges: bytes
content-length: 101099
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 scripts.50e775db0ac67bb0.js Show response
myprofile.grip.insure/ 54 KB
54 KB 569ms
566ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/scripts.50e775db0ac67bb0.js

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

c87a0738ecc5a3608125bb9e275cb94ebdfa6f6096de2d34d4cea5db63973d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-md5: hCA76LNOioWs0j5r4STWHw==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F21A1E3"
x-content-type-options: nosniff
x-ms-request-id: ad81c92d-101e-00f1-5a5c-25c3dc000000
accept-ranges: bytes
content-length: 55560
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 main.a7cd5fd095447656.js Show response
myprofile.grip.insure/ 713 KB
714 KB 578ms
576ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/main.a7cd5fd095447656.js

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

c83b18df39203e81edea42ef40083e3c2b5e4b362449e646cb21333acf205fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://myprofile.grip.insure/

Response headers

content-md5: txGUd2c7R/wqUMANrkrq4A==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F40E4F5"
x-content-type-options: nosniff
x-ms-request-id: 2d1f4ee3-501e-0014-695c-25929e000000
accept-ranges: bytes
content-length: 730391
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
0 1ms
1ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QK9P8J

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4fa316fb45fbc0359d51f65eb6ed0c7ffd8b1226fbf6358b38867d938ee7c9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 23 Oct 2024 15:04:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:04:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82435
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css
fonts.googleapis.com/ 1 KB
0 0ms
0ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2096006d15c1e1f309cee79fe03814c83baa0a754527124d49fe8e2070acb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 15:04:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:04:04 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 23 Oct 2024 14:03:34 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 styles.792fc7c4b9a82132.css
myprofile.grip.insure/ 259 KB
259 KB 608ms
605ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/styles.792fc7c4b9a82132.css

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

bcc9bdb220e990e7322427780d7c20c061f0a09e173570b9b85e44491c60b196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-md5: LvsTE9EO7hFEr0BxBwFx6g==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F4048C9"
x-content-type-options: nosniff
x-ms-request-id: 5c316bc7-901e-008d-685c-25ed23000000
accept-ranges: bytes
content-length: 264850
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: text/css
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
0 1ms
1ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-md5: HdY95yzx9wIyQkVEGES+Ew==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8D8E461DA1A5889
age: 1009
x-ms-version: 2009-09-19
expires: Wed, 23 Oct 2024 15:34:04 GMT
x-cache: HIT
date: Wed, 23 Oct 2024 15:04:04 GMT
content-type: application/x-javascript
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=1800
x-ms-meta-lastmodified: 2020-10-01 19:31:04
x-ms-request-id: 4c2c30a9-201e-0053-525a-25e3eb000000
access-control-allow-origin: *
content-length: 22495
x-ms-blob-type: BlockBlob
server: ECAcc (frc/4CD6)

GET
H3 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v31/ 15 KB
0 2ms
2ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

73b8057c918765ed1a41c6ca23e2c0530b51d396e12ce63071297c5a04178504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://fonts.googleapis.com/

Response headers

age: 154664
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 20:06:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 20:06:20 GMT
last-modified: Wed, 13 Sep 2023 23:17:53 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15788
x-xss-protection: 0
server: sffe

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QK9P8J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-encoding: gzip
age: 5869
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 15:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 13:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 1aeb8360-948e-0139-8bda-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 3 KB
1 KB 16ms
15ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/1aeb8360-948e-0139-8bda-06b4c2516bae
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QK9P8J
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 229bf5f7c79d6cf2e9ea5c4cc009fa09cd9365d9f396577ecaf5e7098c44f9b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

x-request-id: GAEdNX9BeOfPqpM6PPuC
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 228 KB
0 0ms
0ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: claimtmi.grip.insure
URL: https://claimtmi.grip.insure/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:04 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4427, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: gxb/EYU3nZIuXTu6jSbC1VAKfSNq7ylY7CVh+zkeH8SfkRO8WtmJorOLw1JwQ9OKqpDUF3Dsxcdo5+aieM7gYg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 tracker.iife.js Show response
assets.apollo.io/micro/website-tracker/ 3 KB
1 KB 27ms
26ms Script
application/javascript 2606:4700:10::6814:28d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=g2u1k
Requested by: Host: claimtmi.grip.insure
URL: https://claimtmi.grip.insure/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:28d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=I3tUEw==, md5=SC6zvnW2DshviOm8MzN+iA==
etag: "482eb3be75b60ec86f88e9bc33337e88"
age: 62427
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Wed, 22 Oct 2025 21:43:40 GMT
x-goog-stored-content-length: 1168
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/javascript
last-modified: Mon, 12 Feb 2024 19:05:14 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0j7gnZ8DAitZvvkYirjCrTFuH4kB4ihvhS4hQUlQqwDD8LVJmBb9yimJ_cFMdRtjtD1NwaOwGRUA
cache-control: public, max-age=31473573
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8d729e26c994d285-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1707764714580510
content-length: 1168
server: cloudflare

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
26 B 15ms
14ms XHR
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=3140640&t=pageview&_s=1&dl=https%3A%2F%2Fmyprofile.grip.insure%2F&dr=https%3A%2F%2Fclaimtmi.grip.insure%2F&ul=de-de&de=UTF-8&dt=MyProfile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCACEABBAAAACAAI~&jid=&gjid=&cid=1995971874.1729695845&tid=UA-103807592-3&_gid=434348472.1729695845&_slc=1&gtm=45He4ah0n815QK9P8Jv813136209za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101823848&npa=1&z=1484282041

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://myprofile.grip.insure/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:04:07 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://myprofile.grip.insure
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 665103104435941 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 189ms
188ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/665103104435941?v=2.9.173&r=stable&domain=myprofile.grip.insure&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

146.133.107.34.bc.googleusercontent.com

Software

Resource Hash

c8faaff1f28ec6623e09ea7f6300e1c9a1aa7a5fad9e474f331c7a0ab2132775

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=86, mss=1232, tbw=81767, tp=79, tpl=0, uplat=180, ullat=0
pragma: public
x-fb-debug: nH3Br++aZWHx/Yiq15IaWkXbT1XgDJzFCV2FDRsp1hvtx3NjA8RvouMWh/4nOcFXvM2MoPN6NsCvx/shTzfT9A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

OPTIONS
H3 200 track_request
aplo-evnt.com/api/v1/intent_pixel/ 0
0 123ms
123ms Preflight 34.107.133.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=6675a5725e36ca068669ea74
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 146.133.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://myprofile.grip.insure
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-length: 0
date: Wed, 23 Oct 2024 15:04:07 GMT
server: nginx
status: 200 OK
via: 1.1 google

POST
H3 400 track_request Show response
aplo-evnt.com/api/v1/intent_pixel/ 70 B
98 B 137ms
136ms Fetch
application/json 34.107.133.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=6675a5725e36ca068669ea74

Requested by

Host: assets.apollo.io
URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=g2u1k

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

nginx /

Resource Hash

66ab313425a2decf5dc3a3d996b996135be977af874195d6c3f5723b29593f58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn .salesforce.com .lightning.force.com
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://myprofile.grip.insure/

Response headers

x-transaction-id: 49c53fa4b2c3d926cf320cb300ba5eff
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
status: 400 Bad Request
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: ALLOWALL
strict-transport-security: max-age=3600
content-security-policy: frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
cache-control: no-cache
via: 1.1 google
access-control-allow-origin: *
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 9ms
8ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=665103104435941&ev=PageView&dl=https%3A%2F%2Fmyprofile.grip.insure&rl=https%3A%2F%2Fclaimtmi.grip.insure&if=false&ts=1729695847696&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=12316&fbp=fb.1.1729695845074.105875606907016566&pm=1&hrl=02c257&ler=other&cdl=API_unavailable&it=1729695847494&coo=false&cs_cc=1&rqm=GET

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4792, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 178ms
178ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=665103104435941&ev=PageView&dl=https%3A%2F%2Fmyprofile.grip.insure&rl=https%3A%2F%2Fclaimtmi.grip.insure&if=false&ts=1729695847696&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=12316&fbp=fb.1.1729695845074.105875606907016566&pm=1&hrl=02c257&ler=other&cdl=API_unavailable&it=1729695847494&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428987096740311195"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 15:04:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 4R4UuJZtyol0Hw8hG45MedEDSt4td1K/c+lUAtme+Tx0VNZlfb/iO9mNabYUIxmWACYSJv5XxJkl/MaY3gPunA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428987096740311195", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=24, mss=1232, tbw=5160, tp=15, tpl=0, uplat=169, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 app-config.json Show response
myprofile.grip.insure/assets/ 2 KB
2 KB 563ms
563ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/assets/app-config.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

20557babebfcc75d6e6988aaa72a3d58d4d536d861b302ca3fb79ced921fb861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Request-Id: |JiZ1M.VS4PK
Referer: https://myprofile.grip.insure/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

content-md5: EsYJyIvaSN7kj8kfqyOolw==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF84426927"
x-content-type-options: nosniff
x-ms-request-id: f6669eec-b01e-00b5-7f5c-2549e3000000
accept-ranges: bytes
content-length: 1594
date: Wed, 23 Oct 2024 15:04:08 GMT
content-type: application/json
last-modified: Wed, 04 Oct 2023 07:57:12 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 p Show response
i.simpli.fi/ 43 B
294 B 17ms
17ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=293949&cb=sifi_att_64784892723170._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/1aeb8360-948e-0139-8bda-06b4c2516bae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3653222a2defcc158d0afb3ffe6d57b739eaa6b6d9d6de9326b8c0a993694438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 23 Oct 2024 15:04:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 268 B
326 B 17ms
16ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a775f1294d8a58106a1069eb9f34dfeb4c1fcdd1fc29deb0bd15bee35596b4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://myprofile.grip.insure/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Wed, 23 Oct 2024 15:04:08 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 15ms
15ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://myprofile.grip.insure
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Wed, 23 Oct 2024 15:04:08 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H2 200 favicon.png
myprofile.grip.insure/ 14 KB
14 KB 589ms
589ms Other
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

88c9c35d65c8547c4693f7f0e2f2989418c5bac3d05aa55012c6800368987526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

content-md5: Ar0TPDVFJdr54vfg2srnnQ==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F09FECD"
x-content-type-options: nosniff
x-ms-request-id: bde0fbdb-f01e-00b4-635c-25163f000000
accept-ranges: bytes
content-length: 13905
date: Wed, 23 Oct 2024 15:04:09 GMT
content-type: image/png
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 368.847584dadcd8dfa8.js Show response
myprofile.grip.insure/ 9 KB
9 KB 576ms
576ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/368.847584dadcd8dfa8.js

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/runtime.1a826ec6acb40584.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

7ad249d273bbbde3add2f9d5f9c9fad8ead4c7369423b52e8ff0475fabc3bac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://myprofile.grip.insure/

Response headers

content-md5: HQzCX7Y2sXifS267YUYCZg==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F0B371F"
x-content-type-options: nosniff
x-ms-request-id: dd8e487e-701e-003c-3c5c-25f336000000
accept-ranges: bytes
content-length: 9365
date: Wed, 23 Oct 2024 15:04:09 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 common.584f13cc743c6f96.js Show response
myprofile.grip.insure/ 2 KB
2 KB 574ms
573ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/common.584f13cc743c6f96.js

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/runtime.1a826ec6acb40584.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

916d329f40418841a7f6329c98c94b63a457eef74208b9376e95afe7be7e61e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://myprofile.grip.insure/

Response headers

content-md5: 03/6vbOr5lzt/0a/XRNgeA==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F0AE90D"
x-content-type-options: nosniff
x-ms-request-id: 5ba5c261-d01e-00a3-085c-25bf34000000
accept-ranges: bytes
content-length: 2450
date: Wed, 23 Oct 2024 15:04:09 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H2 200 543.98539e528327f8d9.js Show response
myprofile.grip.insure/ 25 KB
25 KB 585ms
584ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myprofile.grip.insure/543.98539e528327f8d9.js

Requested by

Host: myprofile.grip.insure
URL: https://myprofile.grip.insure/runtime.1a826ec6acb40584.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

b56cd5495eb724d3ae76d41dc3887f1ea817a015eca0d79a760b08f0c90f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://myprofile.grip.insure
Referer: https://myprofile.grip.insure/

Response headers

content-md5: PghZHLREx1GCurvYmsIveg==
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-version: 2018-03-28
etag: "0x8DBC4AF6F13734B"
x-content-type-options: nosniff
x-ms-request-id: 61194998-301e-0002-0b5c-256449000000
accept-ranges: bytes
content-length: 25862
date: Wed, 23 Oct 2024 15:04:09 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Oct 2023 07:56:36 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-frame-options: SAMEORIGIN

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 9ms
8ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=665103104435941&ev=PageView&dl=https%3A%2F%2Fmyprofile.grip.insure&rl=https%3A%2F%2Fclaimtmi.grip.insure&if=false&ts=1729695850195&sw=1600&sh=1200&v=2.9.173&r=stable&ec=1&o=12316&fbp=fb.1.1729695845074.105875606907016566&pm=1&hrl=c97fc9&ler=other&cdl=API_unavailable&it=1729695847494&coo=false&cs_cc=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://myprofile.grip.insure/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=26, mss=1232, tbw=8184, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 15:04:10 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 123ms
122ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=665103104435941&ev=PageView&dl=https%3A%2F%2Fmyprofile.grip.insure&rl=https%3A%2F%2Fclaimtmi.grip.insure&if=false&ts=1729695850195&sw=1600&sh=1200&v=2.9.173&r=stable&ec=1&o=12316&fbp=fb.1.1729695845074.105875606907016566&pm=1&hrl=c97fc9&ler=other&cdl=API_unavailable&it=1729695847494&coo=false&cs_cc=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS