now.insuredsaving.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://now.insuredsaving.com/
Submission: On May 12 via automatic, source certstream-suspicious (May 12th 2023, 6:23:47 pm UTC) — Scanned from NL

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 55 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is now.insuredsaving.com.
TLS certificate: Issued by GTS CA 1P5 on March 18th 2023. Valid for: 3 months.

This is the only time now.insuredsaving.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	54.200.204.230 54.200.204.230	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:9000:249... 2600:9000:2490:5200:4:1957:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
13	13.32.23.105 13.32.23.105	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	34.198.72.47 34.198.72.47	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:9600:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
7	52.201.16.241 52.201.16.241	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.23.225 13.32.23.225	16509 (AMAZON-02) (AMAZON-02)
1	52.70.67.143 52.70.67.143	14618 (AMAZON-AES) (AMAZON-AES)
55	17

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

now.insuredsaving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

impressure-c630.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.200.204.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-204-230.us-west-2.compute.amazonaws.com

events.impressure.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:5200:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-js.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.32.23.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-105.fra56.r.cloudfront.net

djk97zng6lbya.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.198.72.47 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-72-47.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:9600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.201.16.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-16-241.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-225.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.67.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-67-143.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cloudfront.net djk97zng6lbya.cloudfront.net d2m2wsoho8qq12.cloudfront.net	638 KB
10	kxcdn.com impressure-c630.kxcdn.com	139 KB
9	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 26896 cdn.trustedform.com — Cisco Umbrella Rank: 30358	42 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 14444	4 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 fonts.googleapis.com — Cisco Umbrella Rank: 50	8 KB
3	gstatic.com fonts.gstatic.com	38 KB
2	impressure.io events.impressure.io	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 16423	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22336	39 KB
1	ringba.com b-js.ringba.com — Cisco Umbrella Rank: 224015
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 775	30 KB
1	insuredsaving.com now.insuredsaving.com	43 KB
55	13

	Domain	Requested by
13	djk97zng6lbya.cloudfront.net	now.insuredsaving.com cdn.trustedform.com
10	impressure-c630.kxcdn.com	now.insuredsaving.com impressure-c630.kxcdn.com
7	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
7	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	ajax.googleapis.com
2	cdn.trustedform.com	now.insuredsaving.com api.trustedform.com
2	events.impressure.io	now.insuredsaving.com impressure-c630.kxcdn.com
2	www.google-analytics.com	now.insuredsaving.com www.google-analytics.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	now.insuredsaving.com
1	ajax.googleapis.com	impressure-c630.kxcdn.com
1	b-js.ringba.com	impressure-c630.kxcdn.com
1	code.jquery.com	impressure-c630.kxcdn.com
1	now.insuredsaving.com
55	16

This site contains links to these domains. Also see Links.

Domain
preview.impressure.io
legal.featuredform.com

Subject Issuer	Validity	Valid
*.insuredsaving.com GTS CA 1P5	`2023-03-18` - `2023-06-16`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
impressure.io Amazon RSA 2048 M02	`2023-02-10` - `2023-08-24`	6 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.ringba.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-08`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://now.insuredsaving.com/
Frame ID: 54D1B18797465D886EFC8950B1D759FB
Requests: 55 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Frame ID: 7F0346120AC9BDD77AE7AAA20A8A65A0
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Frame ID: 0CB7E1C9C72F01F564433071CF657017
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(The) Best Deals on Insurance - Health, Life and Auto

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

98 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

1016 kB
Transfer

1846 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://preview.impressure.io/embed/path.shareyourfreebies.com
Title: Privacy Policy,

Search URL Search Domain Scan URL

URL: https://legal.featuredform.com/privacy?path_name=Insured%20Savings
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16839158215320.6502179064361484 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16839158215320.6502179064361484

55 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
now.insuredsaving.com/ 224 KB
43 KB 462ms
381ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0272b765af3b951c47e318a184208f3f72d0eaf175bd6019607e7a8cf16c0c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c64b1abbac31ead-AMS
content-encoding: br
content-type: text/html
date: Fri, 12 May 2023 18:23:39 GMT
last-modified: Mon, 29 Aug 2022 17:08:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnAibKFWxfy1JiDHlSh2WJl9hK%2FxQpQOEJ%2FiqgqNAFTgpMN2JKupU0iVJyXEOXB6FZztU6kiHRYoWQw59aCVFD4tVgzL2O2U4NmA3HE%2BnhaLQ9MxE1lbTz5zkoBTxA7FfSTgXlKxn%2BfD5dTJVfMDgSykaA8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-version-id: jogYbljMMSdxNlIKIN9LE1aE_vd2wJ3c
x-cache: MISS
x-cache-status: HIT
x-edge-location: nlam

GET
H2 200 presenter.ae7ecc5.css
impressure-c630.kxcdn.com/ 18 KB
5 KB 116ms
31ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:39 GMT
content-encoding: br
x-amz-request-id: NKFD23432RMNPH9W
x-edge-location: defr
x-cache: HIT
content-length: 4919
x-amz-id-2: KhwxQROuKdtATy5E3PP4dk/aGG/7mdW8lCQgGh2X7kOpEFtImfDS5d9t0IVxvRcdVWuL+GJsV8I=
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
server: keycdn-engine
etag: "c8ba4cfb85a21500b78f527fec541e40"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:39 GMT

GET
H2 200 presenter.b560e4b.js Show response
impressure-c630.kxcdn.com/ 408 KB
105 KB 771ms
686ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: bec322bf769b34cca7f860e1355c9815064026cda0b220dee6805774eff7fc79

Request headers

Referer: https://now.insuredsaving.com/
Origin: https://now.insuredsaving.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:39 GMT
content-encoding: br
x-amz-request-id: 2HZANSKVN6B7SP40
x-edge-location: defr
x-cache: MISS
content-length: 106481
x-amz-id-2: PNGrSx6G5XRiDJBrS4EIM/hK1ez9aQwoy+vq9nn8ibq5FxGjfIq9qrgLavw5IGoE7H4h7sjrFvyTdzcbZ6wRig==
last-modified: Wed, 24 Aug 2022 04:30:46 GMT
server: keycdn-engine
etag: "df2d56e5987f8f60fa7f787189197ce2"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 136ms
59ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 May 2023 16:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6480
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 12 May 2023 18:35:39 GMT

GET
H2 200 info Show response
events.impressure.io/ 898 B
960 B 605ms
177ms XHR
application/json 54.200.204.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/info?v=2&nonce=10881467605337626&userId=

Requested by

Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.204.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-204-230.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

70162b9e3bf6c1bd2dbb89229ff2db1dcfd5595f7f2bef7d576c776ff89e0d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: Express
etag: W/"382-vUfUcYHEczCooWwQLiFXpNhtMMc"
vary: Accept-Encoding, Origin
p3p: CP="Impressure does not have a P3P policy."
access-control-allow-origin: https://now.insuredsaving.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 95ms
31ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1538f"
vary: Accept-Encoding
x-hw: 1683915820.dop256.am5.t,1683915820.cds219.am5.hn,1683915820.cds273.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 loading.d78985d5a90c42d31aaaf9203cddb569.gif
impressure-c630.kxcdn.com/ 2 KB
2 KB 31ms
31ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: gzip
last-modified: Tue, 21 Aug 2018 14:21:48 GMT
server: keycdn-engine
x-amz-request-id: NPJGYC03YXDJJRQ1
x-edge-location: defr
etag: W/"d78985d5a90c42d31aaaf9203cddb569"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain
access-control-allow-origin: *
x-cache: HIT
cache-control: max-age=604800
x-amz-id-2: MmCYy0sabVmsBNTc9guKadcZ57QJ1XDuxI2uFBgvuAEjaoSf6koMxm4hpIBoqxZWtf/dF9DVn1M=
expires: Fri, 19 May 2023 18:23:40 GMT

GET
H2 404 CA2c9e8e10441a43e1a508400ad96680b4
b-js.ringba.com/ 0
0 335ms
234ms Script
text/html 2600:9000:2490:5200:4:1957:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-js.ringba.com/CA2c9e8e10441a43e1a508400ad96680b4
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5200:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 chunk.7.b6c5ab6.css
impressure-c630.kxcdn.com/ 1 KB
962 B 32ms
32ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.b6c5ab6.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1238e9e850bf28665fe81529e39af4a4751988b6954cfc341bb027fb8ad1a94d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: br
x-amz-request-id: DFS3S5CF3MP8X8TF
x-edge-location: defr
x-cache: HIT
content-length: 537
x-amz-id-2: 3PXmkorG4lBhJZzGmOVoAkH7qqpfIdYStIIAATjKrFBp4dJjDyvTmXZTv7CD5jr+zazYa3l7pH4=
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
server: keycdn-engine
etag: "1f2e32f2ccbe4956bd43b676c6acbdc8"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:40 GMT

GET
H2 200 chunk.7.9b4f67e.js Show response
impressure-c630.kxcdn.com/ 11 KB
4 KB 434ms
434ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.9b4f67e.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: faef7e5b106e32b318fa40bf26d7da80874ef9bde24adecb65e8742b34f16d39

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: br
x-amz-request-id: BJWVWYVB9TMEFRZM
x-edge-location: defr
x-cache: MISS
content-length: 3350
x-amz-id-2: n10Vx0ym5oF+4j9x/sMk6NEA9+LbpG2p7WmX8RolKWArlZ3SWWX3FTXrc8JUZFG36tHIQroHjAA=
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "aab16c3901aa85bf6cbd3d12fb635424"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:40 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 134ms
60ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 12:54:31 GMT

GET
H2 200 chunk.4.e1ba812.css
impressure-c630.kxcdn.com/ 2 KB
1 KB 32ms
32ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.e1ba812.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: br
x-amz-request-id: X31AZ8RAYB9G41J3
x-edge-location: defr
x-cache: HIT
content-length: 784
x-amz-id-2: AfTGObIhfpjNUQcHtSvNKr3eTyFO6RnkIU90yt4SDelXwmXdsvvw+ZjW5EwdOdjsA1TQXa1VYjg=
last-modified: Tue, 23 Aug 2022 19:45:27 GMT
server: keycdn-engine
etag: "1d4504cd8eb1a924fa3877af155e3acb"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:40 GMT

GET
H2 200 chunk.4.632257f.js Show response
impressure-c630.kxcdn.com/ 58 KB
14 KB 439ms
439ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.632257f.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: br
x-amz-request-id: BJWHHRWVTHFNR38Q
x-edge-location: defr
x-cache: MISS
content-length: 13564
x-amz-id-2: NsCHyfq05VjOYnGR6OGvj5AZU4iZsXSVs4I1U01bPsyjAtCNZ0PtFhoTH9Cprl4OLogU6JFf2nW6Vu4+g7Qwgg==
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "b1ded3ed49dd625cfd1196fd4bf192df"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:40 GMT

GET
H2 200 chunk.13.7a5258a.js Show response
impressure-c630.kxcdn.com/ 17 KB
5 KB 394ms
394ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.13.7a5258a.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: br
x-amz-request-id: BJWQ5V8R4VRVMKJB
x-edge-location: defr
x-cache: MISS
content-length: 5065
x-amz-id-2: HdKFUqj2+u1bf9gjqSgBqd58oyZHyvwewWi3UqpfV1KoL9oVrI/j9CHiTFJEufFAJqqQhZD7zo8=
last-modified: Tue, 23 Aug 2022 19:45:26 GMT
server: keycdn-engine
etag: "04b6f9c350e90de6b9711301bf2c2b72"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:40 GMT

GET
H2 403 ae61cf6c-1f65-40e5-8e25-135418325250.png
djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ 0
0 705ms
614ms Image
application/xml 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ae61cf6c-1f65-40e5-8e25-135418325250.png
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 80c94b17-2cdd-4971-88a6-133f1deb650a.png
djk97zng6lbya.cloudfront.net/2019/02/08/21/35/28/ 15 KB
15 KB 793ms
704ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2019/02/08/21/35/28/80c94b17-2cdd-4971-88a6-133f1deb650a.png
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8c076ddbb55285965b5233a91009ad7f53ca98e50811f1a0dc3d2e1aa43027a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Fri, 08 Feb 2019 21:35:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "c969983cba4e3b3401605c39ec0ddd2b"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 15083
x-amz-cf-id: X48Brj4FWwhg4QR_UosvlSye_FM1XU9QY2sMwMGkPSxIaWEPujZfvg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 67ms
66ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1629377181&t=pageview&_s=1&dl=https%3A%2F%2Fnow.insuredsaving.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=q%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACACI~&jid=1413334748&gjid=1585760187&cid=1593537534.1683915819&tid=UA-135266453-1&_gid=1896009949.1683915819&_r=1&_slc=1&z=587143780

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:23:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://now.insuredsaving.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
events.impressure.io/ 72 B
362 B 216ms
215ms Fetch
application/json 54.200.204.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/events

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.204.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-204-230.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

b32da17b3d038edda9d26c18e3849c2a6d2322379cb39247b79589df3a53fba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 12 May 2023 18:23:40 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: Express
etag: W/"48-vcZLZz3hLM6Lad9aec33C3y23sI"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://now.insuredsaving.com
p3p: CP="Impressure does not have a P3P policy."
access-control-allow-credentials: true
content-length: 72

GET
H2 200 06e345a2-0205-4bf5-8dce-5812e6e79941.png
djk97zng6lbya.cloudfront.net/2019/02/14/15/07/42/ 296 KB
297 KB 732ms
688ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2019/02/14/15/07/42/06e345a2-0205-4bf5-8dce-5812e6e79941.png
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a5759107120c7e0b1c04c99f59104755c88a1079cf4815816be612c6888674d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Thu, 14 Feb 2019 15:07:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "52585e4f2aca07219ff866e9afd46e2c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 303104
x-amz-cf-id: kIqhPZ7NvLIMyNo0NDb1IVmni6AwupuwBc12xS1hGV4PxNEPaa2YZg==

GET
H2 200 css
fonts.googleapis.com/ 775 B
467 B 137ms
66ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5bdd3a33e0fe62fc5c5aa2ef6415e03708c4d06e5b7671bdb630212f360191b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 17:19:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 18:23:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1006 B 112ms
42ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b15fca8e3ebb7860833e3ea31ee844fd7f5b392b25f8cddb8c10bca6b32cf5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:34:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 18:23:40 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 133ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://now.insuredsaving.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:00:36 GMT
x-content-type-options: nosniff
age: 51784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 04:00:36 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
13 KB 104ms
32ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://now.insuredsaving.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 05:53:30 GMT
x-content-type-options: nosniff
age: 45010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 05:53:30 GMT

GET
H2 200 47b3ebf1-f568-05ac-6674-6ba34499f7ed.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 799ms
726ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2acdaa40907447660101c09baace45f000d9ed95b75216495aa98382df26add6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:41 GMT
x-amz-version-id: 5JI6_9mQEcY4dxyGZejKF2h_R9yx04Bh
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 12 Nov 2021 00:58:09 GMT
server: cloudflare
x-amz-request-id: 6YD7F14CMN9BB1EP
etag: W/"20fae4d7e0d2d0c42436760c62228a02"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7c64b1b97c840eab-AMS
x-amz-id-2: sdb+3mL2jh40913t5UIp29v2yN2k8LxLjrwlPye+U/IwKjIQGoi+1UCpOMvf/DA3ShV441WuJmU=

GET
H2 200 cb36d196-16c9-478d-93aa-a37cdbceb811.png
djk97zng6lbya.cloudfront.net/2018/11/06/09/51/56/ 4 KB
5 KB 659ms
658ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2018/11/06/09/51/56/cb36d196-16c9-478d-93aa-a37cdbceb811.png
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66beb4dce0d00c1c9c8b1d44656e0816204d030865ac1174709eb182e1b2fb2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 09:51:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "445f88fe0dec2a964519b239e74eab62"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 4301
x-amz-cf-id: prUOgQQGDFpWfb8qNIZV1C_TgrGhXRuvlShffuOxCoW_hdcIDiVipg==

GET
H2 200 6b5d2f6a-dd94-43b1-a1e8-99a384384cd3.png
djk97zng6lbya.cloudfront.net/2018/11/06/09/54/11/ 3 KB
4 KB 660ms
659ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2018/11/06/09/54/11/6b5d2f6a-dd94-43b1-a1e8-99a384384cd3.png
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a8f235f2109ab3e8e21f4ccc1d96aa7e4ed173c15b21a85d86865b78a3ef3c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 09:54:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "e9f31a7b561679ce8056b94f998a1136"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 3376
x-amz-cf-id: T4nE67lX869aIy98XLbF9QzdB8LHNBAgI1RriTC8CD6LZh97-0846A==

GET
H2 200 9a53d975-4876-4fbd-8b1e-2472483d3ac1.png
djk97zng6lbya.cloudfront.net/2018/11/06/09/55/12/ 3 KB
3 KB 710ms
709ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2018/11/06/09/55/12/9a53d975-4876-4fbd-8b1e-2472483d3ac1.png
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7443dd7eb7eceb9b03528533f51751c75e6f35db023af5ee4141311c0a9042dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 09:55:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "baeead5722545cf3f2565a521559f24a"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 2693
x-amz-cf-id: VQis7dmL5YW5ZbZaDRYkJkZt5v1cB5jxM90vXTGnhokK_yGKhrTTBw==

GET
H2 200 8d097ca8-7caa-4116-8b15-44df98f3321e.png
djk97zng6lbya.cloudfront.net/2018/11/06/09/56/00/ 2 KB
3 KB 666ms
665ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2018/11/06/09/56/00/8d097ca8-7caa-4116-8b15-44df98f3321e.png
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e7ae12b7970bb74b8c52b138e67ddfb938bb800e90c28a1b701d4c1303ed392

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 09:56:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "a2632c95001cb848676412cd9041a166"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 2424
x-amz-cf-id: z9KHWMzDG68J4_H_W1jp7vrz1hng1BZh7rLy4qUk3j5qd9jeqI3nzw==

GET
H2 200 chunk.12.4476a10.js Show response
impressure-c630.kxcdn.com/ 5 KB
2 KB 395ms
395ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.12.4476a10.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 02ee819778a1bd220523c999dac5a4bd09ac8d254c5b2f0f0b957f9deba70fa1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:41 GMT
content-encoding: br
x-amz-request-id: 6YDCS7EKE3TQW38E
x-edge-location: defr
x-cache: MISS
content-length: 1691
x-amz-id-2: sqbX/uEvoza98gu7jTh/tYKGfcVPO+4mWHRMIX2Fpmxv+M7wO+x9ws/FPBWTzmAOvQil7E0jMIQ=
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "b3549b5c75fd5d72654ca0107db411bd"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:41 GMT

GET
H2 200 chunk.15.d44ea61.js Show response
impressure-c630.kxcdn.com/ 1 KB
896 B 423ms
423ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.15.d44ea61.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b560e4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2410ed76bab2930d473ed00294256a24b191a35f14ae6560478ae8da68811464

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:41 GMT
content-encoding: br
x-amz-request-id: 6YD96CVJ8X6DE66P
x-edge-location: defr
x-cache: MISS
content-length: 462
x-amz-id-2: uHemRy1CFbYw/gBLSYrlPXuRLR1radeKw31PX3rDmAcN6jfhYbNj7J4AzOxUn4kSJbIt6lGoKcA=
last-modified: Tue, 23 Aug 2022 19:45:29 GMT
server: keycdn-engine
etag: "177cbe0c08381557dbead1c6707ce73c"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 19 May 2023 18:23:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
655 B 41ms
41ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:40:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 18:23:41 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://now.insuredsaving.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:20:05 GMT
x-content-type-options: nosniff
age: 57816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 02:20:05 GMT

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b193cca67a1a3485f0418f26f67cfcd728df50e8f5b71c4fb477c918651d0ba7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16839158215320.6502179064361484
https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16839158215320.6502179064361484

7 KB
3 KB

240ms
143ms

Script
application/javascript

2600:9000:223d:9600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16839158215320.6502179064361484
Requested by: Host: now.insuredsaving.com
URL: https://now.insuredsaving.com/
Protocol: H2
Server: 2600:9000:223d:9600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:43 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
content-encoding: gzip
last-modified: Fri, 12 May 2023 16:55:50 GMT
server: AmazonS3
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"88ddf717f635b54023edd7480431e1d1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: SlMWM46IuWpq-tM__KeVr9OZnMHdT9-xB78EPH9D-XXP4YOFcA3_bQ==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16839158215320.6502179064361484
date: Fri, 12 May 2023 18:23:41 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
661 B 369ms
148ms XHR
text/plain 52.201.16.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=2d002b9c-186c-4244-8232-a0f9d96b2a51&_=831378242

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.16.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-16-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f18f1c8d6144e14185733d9bd5bad8ddcf9115c53e49b90583ab0af14b462093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 321ms
117ms XHR
application/json 34.198.72.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16839158215320.6502179064361484
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.198.72.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-72-47.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: a440e27f675ad42093e81934b7fbe57136e60fe2bd873b14d3917b41e469a1c6

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 7F03 3 KB
2 KB 117ms
32ms Document
text/html 13.32.23.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.225 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-225.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://now.insuredsaving.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 60325
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 12 May 2023 03:10:01 GMT
ETag: W/"643ec1f4-dbb"
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 0moGbF7je56Wq0IeRSCOaGaz7ohBqhITU6Hh-ucOByjUVNSHg8GAhQ==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 109ms
108ms XHR
text/plain 52.201.16.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=2d002b9c-186c-4244-8232-a0f9d96b2a51&token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&_=831378243

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.16.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-16-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 107ms
107ms XHR
text/plain 52.201.16.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=2d002b9c-186c-4244-8232-a0f9d96b2a51&token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&_=831378244

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.16.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-16-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 0CB7 4 KB
2 KB 331ms
102ms Document
text/html 52.70.67.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.67.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-67-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Fri, 12 May 2023 18:23:42 GMT
etag: W/"6425e809-1049"
expires: Sat, 13 May 2023 18:23:42 GMT
last-modified: Thu, 30 Mar 2023 19:50:33 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H2 200 trustedform-1.8.39.js Show response
cdn.trustedform.com/ 102 KB
37 KB 41ms
41ms Script
application/javascript 2600:9000:223d:9600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16839158215320.6502179064361484
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:9600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 18:23:40 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 3
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ia4tqQ9o36Ya6rqzPRjIW8iT7WaB56KDQjfqnCB6q9owTdOfqA82vw==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/ 0
159 B 206ms
206ms XHR
text/plain 34.198.72.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.198.72.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-72-47.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 18:23:42 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 cb36d196-16c9-478d-93aa-a37cdbceb811.png
djk97zng6lbya.cloudfront.net/2018/11/06/09/51/56/ 4 KB
5 KB 37ms
36ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2018/11/06/09/51/56/cb36d196-16c9-478d-93aa-a37cdbceb811.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66beb4dce0d00c1c9c8b1d44656e0816204d030865ac1174709eb182e1b2fb2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 09:51:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1
etag: "445f88fe0dec2a964519b239e74eab62"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 4301
x-amz-cf-id: O6m1gyCRxVMH0Ez9DmrMt7nIE39b6mAAN0DrIHElOHaEeqfudeHjlg==

GET
H2 200 6b5d2f6a-dd94-43b1-a1e8-99a384384cd3.png
djk97zng6lbya.cloudfront.net/2018/11/06/09/54/11/ 3 KB
4 KB 36ms
35ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2018/11/06/09/54/11/6b5d2f6a-dd94-43b1-a1e8-99a384384cd3.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a8f235f2109ab3e8e21f4ccc1d96aa7e4ed173c15b21a85d86865b78a3ef3c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 09:54:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1
etag: "e9f31a7b561679ce8056b94f998a1136"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 3376
x-amz-cf-id: 01uaeq6QQvC7EC0NNZo8g1ovrTPedduULJpRvTEz5xUAMms4VK8orQ==

GET
H2 200 9a53d975-4876-4fbd-8b1e-2472483d3ac1.png
djk97zng6lbya.cloudfront.net/2018/11/06/09/55/12/ 3 KB
3 KB 68ms
68ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2018/11/06/09/55/12/9a53d975-4876-4fbd-8b1e-2472483d3ac1.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7443dd7eb7eceb9b03528533f51751c75e6f35db023af5ee4141311c0a9042dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 09:55:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1
etag: "baeead5722545cf3f2565a521559f24a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 2693
x-amz-cf-id: MMO6XjEBxDZh5M2qrKkmqB9seXDXBBOoXXQu2uwSZJ2lF8Q9HRiqwA==

GET
H2 200 8d097ca8-7caa-4116-8b15-44df98f3321e.png
djk97zng6lbya.cloudfront.net/2018/11/06/09/56/00/ 2 KB
3 KB 68ms
67ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2018/11/06/09/56/00/8d097ca8-7caa-4116-8b15-44df98f3321e.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e7ae12b7970bb74b8c52b138e67ddfb938bb800e90c28a1b701d4c1303ed392

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 09:56:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1
etag: "a2632c95001cb848676412cd9041a166"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 2424
x-amz-cf-id: sPdsXG_GCNqXKWp4cD4pz4-PHA2Fy_sbjq7Fx33vLuP7eHaMiz5uVw==

GET
H2 200 06e345a2-0205-4bf5-8dce-5812e6e79941.png
djk97zng6lbya.cloudfront.net/2019/02/14/15/07/42/ 296 KB
297 KB 37ms
36ms Image
image/png 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2019/02/14/15/07/42/06e345a2-0205-4bf5-8dce-5812e6e79941.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a5759107120c7e0b1c04c99f59104755c88a1079cf4815816be612c6888674d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Thu, 14 Feb 2019 15:07:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1
etag: "52585e4f2aca07219ff866e9afd46e2c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 303104
x-amz-cf-id: BdJSOQRVTb48UAMbzDU2uf00er4QrZAHuJpJTiXFuRQletVifheNWg==

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/ 0
159 B 194ms
194ms XHR
text/plain 34.198.72.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.198.72.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-72-47.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 18:23:42 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 403 ae61cf6c-1f65-40e5-8e25-135418325250.png
djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ 0
0 632ms
632ms Image
application/xml 13.32.23.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ae61cf6c-1f65-40e5-8e25-135418325250.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-105.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://now.insuredsaving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 0CB7 0
627 B 310ms
106ms Script
text/javascript 52.201.16.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&methods=48&token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&uuid=d00320e265834987b3264be6a56a89a4

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.16.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-16-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 106ms
106ms XHR
text/plain 52.201.16.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=2d002b9c-186c-4244-8232-a0f9d96b2a51&token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&_=831378245

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.16.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-16-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 18:23:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/ 0
159 B 103ms
103ms XHR
text/plain 34.198.72.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.198.72.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-72-47.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 18:23:43 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 events
api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/ 0
159 B 103ms
103ms Ping
text/plain 34.198.72.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.198.72.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-72-47.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 18:23:43 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 events Show response
api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/ 0
159 B 104ms
103ms XHR
text/plain 34.198.72.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/17c6ae0fa3910da0075a43efb8334c092adb10ef/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.198.72.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-72-47.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 18:23:44 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 635ms
227ms XHR
text/plain 52.201.16.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=5&pid=2d002b9c-186c-4244-8232-a0f9d96b2a51&token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&_=831378246

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.16.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-16-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 18:23:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
624 B 366ms
214ms XHR
text/plain 52.201.16.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=2d002b9c-186c-4244-8232-a0f9d96b2a51&token=5C3077C9-EBB1-FEAB-B632-EC14771FB9CB&_=831378247

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.16.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-16-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://now.insuredsaving.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 18:23:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.insuredsaving.com/	1970-01-20 21:21:15	Name: _ga Value: GA1.2.1593537534.1683915819
.insuredsaving.com/	1970-01-20 11:46:42	Name: _gid Value: GA1.2.1896009949.1683915819
.insuredsaving.com/	1970-01-20 21:21:15	Name: _user_time Value: 1683915820305\|1683915820305
.insuredsaving.com/	1970-01-20 21:21:15	Name: _user_id Value: bb5b8ca0-e110-4e82-bc28-c8e29b5c99f1-ionxh2idUjk+Qkc7M0tOegalZgcV8YBECDaKvemrozA
now.insuredsaving.com/	1970-01-20 21:21:15	Name: _user_random Value: 0.10329928245340048
.insuredsaving.com/	1970-01-20 11:45:15	Name: _gat Value: 1
now.insuredsaving.com/	1970-01-20 11:45:16	Name: leadid_token-532AA58C-3478-CE87-E6BF-9CE3DCA7C530-47B3EBF1-F568-05AC-6674-6BA34499F7ED Value: 5C3077C9-EBB1-FEAB-B632-EC14771FB9CB
.deviceid.trueleadid.com/	1970-01-20 21:21:15	Name: uuid Value: d00320e265834987b3264be6a56a89a4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://b-js.ringba.com/CA2c9e8e10441a43e1a508400ad96680b4 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ae61cf6c-1f65-40e5-8e25-135418325250.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ae61cf6c-1f65-40e5-8e25-135418325250.png Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
b-js.ringba.com
cdn.trustedform.com
code.jquery.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
djk97zng6lbya.cloudfront.net
events.impressure.io
fonts.googleapis.com
fonts.gstatic.com
impressure-c630.kxcdn.com
now.insuredsaving.com
www.google-analytics.com
13.32.23.105
13.32.23.225
2001:4de0:ac18::1:a:2a
2600:9000:223d:9600:1c:7f1a:6680:93a1
2600:9000:2490:5200:4:1957:6500:93a1
2606:4700:10::6816:27b6
2a00:1450:4001:801::200a
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200e
2a06:98c1:3121::3
2a0b:4d07:101::1
34.198.72.47
52.201.16.241
52.70.67.143
54.200.204.230
02ee819778a1bd220523c999dac5a4bd09ac8d254c5b2f0f0b957f9deba70fa1
1238e9e850bf28665fe81529e39af4a4751988b6954cfc341bb027fb8ad1a94d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b15fca8e3ebb7860833e3ea31ee844fd7f5b392b25f8cddb8c10bca6b32cf5d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2410ed76bab2930d473ed00294256a24b191a35f14ae6560478ae8da68811464
2acdaa40907447660101c09baace45f000d9ed95b75216495aa98382df26add6
3e7ae12b7970bb74b8c52b138e67ddfb938bb800e90c28a1b701d4c1303ed392
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199
6a5759107120c7e0b1c04c99f59104755c88a1079cf4815816be612c6888674d
70162b9e3bf6c1bd2dbb89229ff2db1dcfd5595f7f2bef7d576c776ff89e0d55
7443dd7eb7eceb9b03528533f51751c75e6f35db023af5ee4141311c0a9042dd
7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09
80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc
9a8f235f2109ab3e8e21f4ccc1d96aa7e4ed173c15b21a85d86865b78a3ef3c4
a440e27f675ad42093e81934b7fbe57136e60fe2bd873b14d3917b41e469a1c6
b193cca67a1a3485f0418f26f67cfcd728df50e8f5b71c4fb477c918651d0ba7
b32da17b3d038edda9d26c18e3849c2a6d2322379cb39247b79589df3a53fba0
bec322bf769b34cca7f860e1355c9815064026cda0b220dee6805774eff7fc79
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c8c076ddbb55285965b5233a91009ad7f53ca98e50811f1a0dc3d2e1aa43027a
cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7
d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5
d5bdd3a33e0fe62fc5c5aa2ef6415e03708c4d06e5b7671bdb630212f360191b
d66beb4dce0d00c1c9c8b1d44656e0816204d030865ac1174709eb182e1b2fb2
d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f0272b765af3b951c47e318a184208f3f72d0eaf175bd6019607e7a8cf16c0c3
f18f1c8d6144e14185733d9bd5bad8ddcf9115c53e49b90583ab0af14b462093
faef7e5b106e32b318fa40bf26d7da80874ef9bde24adecb65e8742b34f16d39
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

now.insuredsaving.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

63 %IPv6

13 Domains

16 Subdomains

17 IPs

4 Countries

1016 kBTransfer

1846 kBSize

8 Cookies

2 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

now.insuredsaving.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

1016 kB
Transfer

1846 kB
Size

8
Cookies

55 HTTP transactions
3 data transactions