auto.insuredsaving.com Open in urlscan Pro
2a0b:4d07:101::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auto.insuredsaving.com/
Submission: On September 17 via automatic, source certstream-suspicious (September 17th 2020, 8:49:24 pm UTC)

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 24 HTTP transactions. The main IP is 2a0b:4d07:101::1, located in Switzerland and belongs to PROINITY PROINITY, DE. The main domain is auto.insuredsaving.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 17th 2020. Valid for: 3 months.

This is the only time auto.insuredsaving.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	52.42.194.64 52.42.194.64	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	52.24.226.54 52.24.226.54	16509 (AMAZON-02) (AMAZON-02)
3	143.204.208.60 143.204.208.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.227.130.110 34.227.130.110	14618 (AMAZON-AES) (AMAZON-AES)
24	10

10 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

auto.insuredsaving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
impressure-c630.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.42.194.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-194-64.us-west-2.compute.amazonaws.com

events.impressure.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.226.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-226-54.us-west-2.compute.amazonaws.com

dashboard.clickstoconvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.208.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-60.fra53.r.cloudfront.net

djk97zng6lbya.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.227.130.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-130-110.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	kxcdn.com impressure-c630.kxcdn.com	137 KB
4	leadid.com create.leadid.com	1 KB
3	cloudfront.net djk97zng6lbya.cloudfront.net d2m2wsoho8qq12.cloudfront.net	28 KB
2	impressure.io events.impressure.io	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	insuredsaving.com auto.insuredsaving.com	43 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	clickstoconvert.com dashboard.clickstoconvert.com	3 KB
1	jquery.com code.jquery.com	30 KB
24	9

	Domain	Requested by
8	impressure-c630.kxcdn.com	auto.insuredsaving.com impressure-c630.kxcdn.com
4	create.leadid.com	create.lidstatic.com
2	djk97zng6lbya.cloudfront.net	auto.insuredsaving.com
2	events.impressure.io	auto.insuredsaving.com impressure-c630.kxcdn.com
2	www.google-analytics.com	auto.insuredsaving.com www.google-analytics.com
2	auto.insuredsaving.com	impressure-c630.kxcdn.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	auto.insuredsaving.com
1	dashboard.clickstoconvert.com	impressure-c630.kxcdn.com
1	code.jquery.com	impressure-c630.kxcdn.com
24	10

This site contains no links.

Subject Issuer	Validity	Valid
auto.insuredsaving.com Let's Encrypt Authority X3	`2020-09-17` - `2020-12-16`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
impressure.io Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
api.clickstoconvert.com Let's Encrypt Authority X3	`2020-08-30` - `2020-11-28`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
create.leadid.com Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://auto.insuredsaving.com/
Frame ID: ACB2CD5BF39F9CE1B3E15894F2DDC764
Requests: 24 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=05345C5B-A5C6-9396-5FDD-B4174390F51F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Frame ID: 6040C275C125457FA23E9ABA73900721
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

KeyCDN (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^keycdn-engine$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

10
Subdomains

10
IPs

4
Countries

301 kB
Transfer

1056 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auto.insuredsaving.com/ 222 KB
39 KB 658ms
512ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://auto.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 0823b15664e6fe986f574ff6d25ee27d729984018bca3d30ad3c76fb8ac54147

Request headers

:method: GET
:authority: auto.insuredsaving.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: keycdn-engine
date: Thu, 17 Sep 2020 20:49:07 GMT
content-type: text/html
content-length: 39290
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
etag: "09b0a4c0a10a66b468542e593433b3e2"
last-modified: Thu, 17 Sep 2020 20:48:21 GMT
x-amz-version-id: zvlYhT4vPn_jawxp1CS70g8wUe1HpA7N
x-cache-status: MISS
x-cache: MISS
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 presenter.4717d24.css
impressure-c630.kxcdn.com/ 19 KB
5 KB 50ms
10ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.4717d24.css
Requested by: Host: auto.insuredsaving.com
URL: https://auto.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:07 GMT
content-encoding: br
x-amz-request-id: FS4GAR5Q6XAQDK9W
x-edge-location: defr
x-cache: HIT
status: 200
content-length: 4928
x-amz-id-2: A67rarFxsuKQIS6ahKvm4wohz7rkiAQURrUy12pYubuG+wHc4EADaolkajSPl5jJnAApPLWlplM=
last-modified: Wed, 09 Oct 2019 17:37:18 GMT
server: keycdn-engine
etag: "e39087b2545506688b40e35efb46751b"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 24 Sep 2020 20:49:07 GMT

GET
H2 200 presenter.b9b74d1.js Show response
impressure-c630.kxcdn.com/ 394 KB
105 KB 49ms
10ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Requested by: Host: auto.insuredsaving.com
URL: https://auto.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ae20ccd08eba066bfe4c50a7c2db342d3db15cd9ff203965a5261fd677962b11

Request headers

Origin: https://auto.insuredsaving.com
Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:07 GMT
content-encoding: br
x-amz-request-id: A5B31750AE62161A
x-edge-location: defr
x-cache: HIT
status: 200
content-length: 106713
x-amz-id-2: Zh0U0wamBwlgus0qU2ROh57dVfeSShleUvYM3FpFiRDDxBvS7AkY8InXc4yLsiwwEzWG07iEdVs=
last-modified: Fri, 25 Oct 2019 12:49:24 GMT
server: keycdn-engine
etag: "d7a4b07ca15173e5e6105a4e09a5195a"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 24 Sep 2020 20:49:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: auto.insuredsaving.com
URL: https://auto.insuredsaving.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 926
date: Thu, 17 Sep 2020 20:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 17 Sep 2020 22:33:41 GMT

GET
H/1.1 200
OK info Show response
events.impressure.io/ 1 KB
1 KB 820ms
202ms XHR
application/json 52.42.194.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/info?v=2&nonce=10418129294968910&userId=

Requested by

Host: auto.insuredsaving.com
URL: https://auto.insuredsaving.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.194.64 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-194-64.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

2ce48a1c77d6a3b5fce594620469b8ab763bf185317c2f9ec1222cc4d71ed384

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Sep 2020 20:49:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Powered-By: Express
Vary: Accept-Encoding, Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://auto.insuredsaving.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 719
ETag: W/"416-YHECoS1I+ggAegxSexPEjOzY0IA"

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 24ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:07 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
status: 200
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1600375747.dop245.fr8.t,1600375747.cds269.fr8.hn,1600375747.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 loading.d78985d5a90c42d31aaaf9203cddb569.gif
impressure-c630.kxcdn.com/ 2 KB
2 KB 17ms
16ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.4717d24.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09

Request headers

Referer: https://impressure-c630.kxcdn.com/presenter.4717d24.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:07 GMT
content-encoding: gzip
x-amz-request-id: 8JFK3TAS4J8V0K0R
x-edge-location: defr
x-cache: HIT
status: 200
content-length: 1315
x-amz-id-2: r0IbLjhFvBO9lXzxG3XF1SZLerZmCJDXk3zD7L9G4q+VZh8xxdzOt9fGoC7zQNGkHcyz/J/aieM=
last-modified: Tue, 21 Aug 2018 14:21:48 GMT
server: keycdn-engine
etag: W/"d78985d5a90c42d31aaaf9203cddb569"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 24 Sep 2020 20:49:07 GMT

GET
H/1.1 200
OK showListing.js Show response
dashboard.clickstoconvert.com/js/publisher/ 6 KB
3 KB 643ms
204ms Script
application/javascript 52.24.226.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.clickstoconvert.com/js/publisher/showListing.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.24.226.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-226-54.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 87747d8193ef254a0f6cd4755c44f2fae26c31de7f923f62d0f58f42f3520aa6

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Sep 2020 20:49:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jul 2020 08:10:35 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "170e-5ab176417215b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2299

GET
H2 200 chunk.7.6caa6e6.css
impressure-c630.kxcdn.com/ 1 KB
961 B 6ms
5ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.6caa6e6.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:08 GMT
content-encoding: br
x-amz-request-id: 6318C0850E36FB88
x-edge-location: defr
x-cache: HIT
status: 200
content-length: 538
x-amz-id-2: MHmxLtROoEN5I9Q1fWypYPCP6PV+tHHHe8vC5sho0+Thya/BDda2N8LpEKJmLYy6mp0dd/gZVDA=
last-modified: Wed, 09 Oct 2019 17:37:11 GMT
server: keycdn-engine
etag: "e73681ade786069d4cb8563abe3a911e"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 24 Sep 2020 20:49:08 GMT

GET
H2 200 chunk.7.030faae.js Show response
impressure-c630.kxcdn.com/ 11 KB
4 KB 6ms
6ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.030faae.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2e12f21010c1d5c9104af7445b1e2fac2571f255b74d0cc4dfff59241b18b3db

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:08 GMT
content-encoding: br
x-amz-request-id: 21A709F70861C696
x-edge-location: defr
x-cache: HIT
status: 200
content-length: 3552
x-amz-id-2: RYB8GvvUE6JbtCHkeKJLfBrJJkIHdE7arUcrf8BuFADMAU3HxprYAm1rjFP6+L0SKkqHYHlsy1s=
last-modified: Fri, 25 Oct 2019 12:49:27 GMT
server: keycdn-engine
etag: "9fad6d7ace09a47f8956a0f770d74c34"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 24 Sep 2020 20:49:08 GMT

GET
H2 200 chunk.4.14607f3.css
impressure-c630.kxcdn.com/ 2 KB
1 KB 8ms
7ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.14607f3.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:08 GMT
content-encoding: br
x-amz-request-id: 0X8MDQ4V6Y0GEX4Y
x-edge-location: defr
x-cache: HIT
status: 200
content-length: 794
x-amz-id-2: FY7jY210FV9oBoOCs+FE1KQqEFRVFtVCNKzmISiFefA/BdFyzLOmULajKGeNfdm0rQ9ZLW+jFEE=
last-modified: Wed, 09 Oct 2019 17:37:10 GMT
server: keycdn-engine
etag: "92cf1ed8bfc5123b1b1c5ae4a995d8d6"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 24 Sep 2020 20:49:08 GMT

GET
H2 200 chunk.4.a561d22.js Show response
impressure-c630.kxcdn.com/ 61 KB
14 KB 8ms
8ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.a561d22.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 6631798fd0436183a70e8fabf3aa27a00e6ee1dfbec13b305c34d13057708e62

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:08 GMT
content-encoding: br
x-amz-request-id: 92C34074F3FCF3F9
x-edge-location: defr
x-cache: HIT
status: 200
content-length: 14054
x-amz-id-2: buNDhBwcGYKkpnKb57BSKNmQrAdrDoYsHyamkGCxxZlIxy3y772f13JwY88PcXEie20xPt9mGRA=
last-modified: Fri, 25 Oct 2019 12:49:23 GMT
server: keycdn-engine
etag: "4d79647f26430a8dfcef22e4c9cc28f5"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 24 Sep 2020 20:49:08 GMT

GET
H2 200 ae61cf6c-1f65-40e5-8e25-135418325250.png
djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ 12 KB
13 KB 803ms
713ms Image
image/png 143.204.208.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ae61cf6c-1f65-40e5-8e25-135418325250.png
Requested by: Host: auto.insuredsaving.com
URL: https://auto.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-60.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57a1a3d7aa5ed64562e53a6d2317cae2af00004c76a0fc7161d269f97ac391d0

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:10 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
last-modified: Fri, 04 Jan 2019 22:22:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "9a3a1e7201d4639bdfbceec9e093d137"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 12740
x-amz-cf-id: ABS7UcVfyEVZzWJ3evurGLmagQ7iusASkkzUvdkbhgVN8mkdOWw8gA==

GET
H2 200 80c94b17-2cdd-4971-88a6-133f1deb650a.png
djk97zng6lbya.cloudfront.net/2019/02/08/21/35/28/ 15 KB
15 KB 829ms
740ms Image
image/png 143.204.208.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2019/02/08/21/35/28/80c94b17-2cdd-4971-88a6-133f1deb650a.png
Requested by: Host: auto.insuredsaving.com
URL: https://auto.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-60.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8c076ddbb55285965b5233a91009ad7f53ca98e50811f1a0dc3d2e1aa43027a

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:10 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
last-modified: Fri, 08 Feb 2019 21:35:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "c969983cba4e3b3401605c39ec0ddd2b"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 15083
x-amz-cf-id: W1em5MiKSi4DTumE07a4bPlykdH2waMfKgSljnQLOCf5SFOV8Wh1sw==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=116872511&t=pageview&_s=1&dl=https%3A%2F%2Fauto.insuredsaving.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q-%20Car%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=409739393&gjid=1218358903&cid=1661001494.1600375748&tid=UA-135266453-1&_gid=2052661422.1600375748&_r=1&_slc=1&z=1738752370

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Sep 2020 20:49:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://auto.insuredsaving.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK events Show response
events.impressure.io/ 72 B
497 B 224ms
224ms Fetch
application/json 52.42.194.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/events

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.194.64 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-194-64.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

1b65090d7987de278775faebfc7eb7701a886b8b830bddc9edaeeac1fa2a745d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 17 Sep 2020 20:49:08 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Powered-By: Express
Vary: Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://auto.insuredsaving.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 72
ETag: W/"48-HaFYJOQRauJv2udy6cCP/y5k0kk"

GET
H2 200 chunk.13.5f3a945.js Show response
impressure-c630.kxcdn.com/ 17 KB
5 KB 10ms
9ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.13.5f3a945.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:08 GMT
content-encoding: br
x-amz-request-id: 6YDX2RDRCJ8Q3Y1P
x-edge-location: defr
x-cache: HIT
status: 200
content-length: 5062
x-amz-id-2: coJDhvYevJrjvwQT27BxLvC+zi8a/WpJJtQX1TfgXSzOnN+GDpypW/Yov45rMVXU4aOhb58E7N8=
last-modified: Wed, 09 Oct 2019 17:37:16 GMT
server: keycdn-engine
etag: "99d0c075b044b783e3f3e92fdf9ab9cc"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 24 Sep 2020 20:49:08 GMT

GET
H2 200 47b3ebf1-f568-05ac-6674-6ba34499f7ed.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 517ms
494ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2
Requested by: Host: auto.insuredsaving.com
URL: https://auto.insuredsaving.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aabc45841f726bbba2d87ebcc94cb251f59b66c6d915a71673e5a05b982d9b2

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 92A9213C813712A1
cf-ray: 5d45b12bde091f21-FRA
status: 200
x-amz-replication-status: COMPLETED
x-amz-id-2: fLjC5ao+AMxbaTPR5fuAJTiGw7pmdgIZTGqzoteK+KYAGb7XXuZiEJil9y0M4xEWghMnE82o3PI=
last-modified: Tue, 21 Apr 2020 14:54:55 GMT
server: cloudflare
etag: W/"a0094c18922d7bb48e9bd9c0dd366f0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: eJ2ZkYiM65vE2Jb2Uhid_5Vnx6YhssrO
cache-control: max-age=1800
cf-request-id: 053f6d0f6700001f214ab01200000001
content-type: text/javascript

POST
H2 200 GenerateToken Show response
create.leadid.com/2.7.0/ 36 B
334 B 463ms
181ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/GenerateToken?msn=1&pid=ad21d7dd-e907-4c9e-a028-bf73db665880&_=714103184
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-130-110.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: ee184725749768e9c64840caf6f982b1b99db3029539f021f52ddafa0c9d5bde

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Sep 2020 20:49:09 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 6040 0
0 50ms
41ms Document
text/html 143.204.208.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=05345C5B-A5C6-9396-5FDD-B4174390F51F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-60.fra53.r.cloudfront.net
Software: nginx/1.17.6 /
Resource Hash

Request headers

:method: GET
:authority: d2m2wsoho8qq12.cloudfront.net
:scheme: https
:path: /iframe.html?token=05345C5B-A5C6-9396-5FDD-B4174390F51F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auto.insuredsaving.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://auto.insuredsaving.com/

Response headers

status: 200
content-type: text/html
date: Thu, 17 Sep 2020 01:14:39 GMT
server: nginx/1.17.6
last-modified: Wed, 16 Sep 2020 12:17:33 GMT
etag: W/"5f62025d-dbc"
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: QckJUH2WgQX0gV0-5D7P-jOBBrTZGpVlgWPrTJNlVaXg_6gjaCyKgg==
age: 70469

POST
H2 200 SaveDom Show response
create.leadid.com/2.7.0/ 0
298 B 140ms
138ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/SaveDom?msn=2&pid=ad21d7dd-e907-4c9e-a028-bf73db665880&token=05345C5B-A5C6-9396-5FDD-B4174390F51F&_=714103185
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-130-110.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Sep 2020 20:49:09 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 139ms
139ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=3&pid=ad21d7dd-e907-4c9e-a028-bf73db665880&token=05345C5B-A5C6-9396-5FDD-B4174390F51F&_=714103186
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-130-110.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Sep 2020 20:49:09 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dcd5aaa7-2609-46c8-9229-9112293b265e.js Show response
auto.insuredsaving.com/chunk/93675/ 16 KB
5 KB 341ms
340ms Script
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://auto.insuredsaving.com/chunk/93675/dcd5aaa7-2609-46c8-9229-9112293b265e.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 76e0487e398f1495e3f141e21b92337c1d7da8d5a7f522417b9e1e435f4c46b4

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:49:10 GMT
content-encoding: br
last-modified: Thu, 17 Sep 2020 20:48:19 GMT
server: keycdn-engine
access-control-allow-origin: *
x-edge-location: defr
etag: "1e2f86357e5dd030630235fc811d43ca"
x-cache-status: MISS
x-cache: MISS
x-amz-version-id: 9OktGWCP751RGM4H2brW16jT967BrjEA
status: 200
cache-control: no-cache, must-revalidate, max-age=0
accept-ranges: bytes
content-type: text/html
content-length: 4415

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 420ms
283ms XHR
text/plain 34.227.130.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=4&pid=ad21d7dd-e907-4c9e-a028-bf73db665880&token=05345C5B-A5C6-9396-5FDD-B4174390F51F&_=714103187
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.130.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-130-110.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.insuredsaving.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Sep 2020 20:49:10 GMT
content-encoding: gzip
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.insuredsaving.com/	1978-01-11 21:31:40	Name: _user_id Value: 9fbe0d2d-2fee-4aba-ba8b-7a71d1231251-Lejgkl9+RXamAkMGKQbrCez60KV2PISIVb1cWRAT44
auto.insuredsaving.com/	1978-01-11 21:31:40	Name: _user_random Value: 0.37573188027786397
.insuredsaving.com/	1970-01-19 12:32:55	Name: _gat Value: 1
.insuredsaving.com/	1978-01-11 21:31:40	Name: _user_time Value: 1600375747562\|1600375747562
.insuredsaving.com/	1970-01-19 12:34:22	Name: _gid Value: GA1.2.2052661422.1600375748
.insuredsaving.com/	1970-01-20 06:04:07	Name: _ga Value: GA1.2.1661001494.1600375748

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js(Line 1) Message: 🗂 [object Object]
console-api	log	URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js(Line 28) Message: 🗓 %c2019-10-25 12:48:13.533 font-weight: bold
console-api	warning	URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js(Line 28) Message: Could not parse date from null.
console-api	error	URL: https://impressure-c630.kxcdn.com/presenter.b9b74d1.js(Line 1) Message: There was an error executing your script. In the <head> tag: TypeError: Cannot read property 'track' of undefined at <entry> (4:53 var isLive=true; if (isLive) { var _at = {}; window._at.track = window._at.track \|\| function(){(window._at.track.q = window._at.track.q \|\| []).push(arguments);}; _at.domain = 'now.insuredsaving.com';_at.owner = '041e2bdba891';_at.idSite = '16265';_at.attributes = {};_at.worker = '/push-worker.js';_at.webpushid = 'web.61.apple.com';(function() { var u='//s3.amazonaws.com/trackpush/'; var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'trackpush.min.js'; s.parentNode.insertBefore(g,s); })(); ^
console-api	log	(Line 12) Message: create_progress_ring defined
console-api	log	(Line 3) Message: leadidscript
console-api	log	(Line 4) Message: leadid

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auto.insuredsaving.com
code.jquery.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
dashboard.clickstoconvert.com
djk97zng6lbya.cloudfront.net
events.impressure.io
impressure-c630.kxcdn.com
www.google-analytics.com
143.204.208.60
2001:4de0:ac19::1:b:2a
2606:4700:10::ac43:29e5
2a00:1450:4001:803::200e
2a00:1450:4001:81a::200e
2a0b:4d07:101::1
34.227.130.110
52.24.226.54
52.42.194.64
0823b15664e6fe986f574ff6d25ee27d729984018bca3d30ad3c76fb8ac54147
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b65090d7987de278775faebfc7eb7701a886b8b830bddc9edaeeac1fa2a745d
2ce48a1c77d6a3b5fce594620469b8ab763bf185317c2f9ec1222cc4d71ed384
2e12f21010c1d5c9104af7445b1e2fac2571f255b74d0cc4dfff59241b18b3db
340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba
57a1a3d7aa5ed64562e53a6d2317cae2af00004c76a0fc7161d269f97ac391d0
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6631798fd0436183a70e8fabf3aa27a00e6ee1dfbec13b305c34d13057708e62
76e0487e398f1495e3f141e21b92337c1d7da8d5a7f522417b9e1e435f4c46b4
7aabc45841f726bbba2d87ebcc94cb251f59b66c6d915a71673e5a05b982d9b2
7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09
866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc
87747d8193ef254a0f6cd4755c44f2fae26c31de7f923f62d0f58f42f3520aa6
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ae20ccd08eba066bfe4c50a7c2db342d3db15cd9ff203965a5261fd677962b11
af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b
baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744
c8c076ddbb55285965b5233a91009ad7f53ca98e50811f1a0dc3d2e1aa43027a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42
ee184725749768e9c64840caf6f982b1b99db3029539f021f52ddafa0c9d5bde

auto.insuredsaving.com Open in urlscan Pro 2a0b:4d07:101::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

56 %IPv6

9 Domains

10 Subdomains

10 IPs

4 Countries

301 kBTransfer

1056 kBSize

6 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

6 Cookies

7 Console Messages

Indicators

auto.insuredsaving.com Open in urlscan Pro
2a0b:4d07:101::1 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

10
Subdomains

10
IPs

4
Countries

301 kB
Transfer

1056 kB
Size

6
Cookies

24 HTTP transactions
1 data transactions