accounts.bestrates.com Open in urlscan Pro
2606:4700:4400::6812:222e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://accounts.bestrates.com/
Effective URL:
https://accounts.bestrates.com/savings-and-money-market-accounts
Submission: On August 12 via api (August 12th 2024, 11:00:31 pm UTC) from US — Scanned from US

Summary HTTP 83 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 12 domains to perform 83 HTTP transactions. The main IP is 2606:4700:4400::6812:222e, located in United States and belongs to CLOUDFLARENET, US. The main domain is accounts.bestrates.com.
TLS certificate: Issued by WE1 on July 7th 2024. Valid for: 3 months.

This is the only time accounts.bestrates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 21	2606:4700:440... 2606:4700:4400::6812:222e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:400d:c01::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::5f	15169 (GOOGLE) (GOOGLE)
42	172.64.151.42 172.64.151.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	23.45.193.200 23.45.193.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:400d:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c01::68	15169 (GOOGLE) (GOOGLE)
2	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1 2	142.251.163.149 142.251.163.149	15169 (GOOGLE) (GOOGLE)
83	15

21 2606:4700:4400::6812:222e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

accounts.bestrates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c01::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 172.64.151.42 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.nextinsure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.nextinsure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.45.193.200 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-193-200.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c01::68 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.149 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	nextinsure.com www.nextinsure.com — Cisco Umbrella Rank: 93221 cdn.nextinsure.com — Cisco Umbrella Rank: 185850	145 KB
21	bestrates.com 2 redirects accounts.bestrates.com	48 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 4363 tr.outbrain.com — Cisco Umbrella Rank: 4248 wave.outbrain.com — Cisco Umbrella Rank: 4246	10 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 ad.doubleclick.net — Cisco Umbrella Rank: 210	13 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	gstatic.com fonts.gstatic.com	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	174 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	49 KB
1	google.com www.google.com — Cisco Umbrella Rank: 10	64 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 1123	716 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641	31 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
83	12

	Domain	Requested by
39	www.nextinsure.com	accounts.bestrates.com www.nextinsure.com
21	accounts.bestrates.com	2 redirects accounts.bestrates.com static.cloudflareinsights.com
3	cdn.nextinsure.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	fonts.gstatic.com	accounts.bestrates.com
2	ad.doubleclick.net	1 redirects
2	tr.outbrain.com	amplify.outbrain.com
2	amplify.outbrain.com	accounts.bestrates.com amplify.outbrain.com
2	www.googletagmanager.com	accounts.bestrates.com www.googletagmanager.com
2	cdn.jsdelivr.net	accounts.bestrates.com
1	wave.outbrain.com	amplify.outbrain.com
1	www.google.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	trc.taboola.com
1	ajax.googleapis.com	accounts.bestrates.com
1	static.cloudflareinsights.com	accounts.bestrates.com
83	16

This site contains links to these domains. Also see Links.

Domain
www.sofi.com
o1.qnsr.com
www.bestrates.com
www.quinstreet.com

Subject Issuer	Validity	Valid
accounts.bestrates.com WE1	`2024-07-07` - `2024-10-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
nextinsure.com E6	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.bestrates.com/savings-and-money-market-accounts
Frame ID: 8EE3CB34E37E22EF15C76FE15E24B342
Requests: 74 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

High Interest Savings and Money Market Accounts Online

Page URL History Show full URLs

http://accounts.bestrates.com/ HTTP 307
https://accounts.bestrates.com/ HTTP 302
https://accounts.bestrates.com/savings-and-money-market-accounts/ HTTP 301
https://accounts.bestrates.com/savings-and-money-market-accounts Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

83
Requests

98 %
HTTPS

71 %
IPv6

12
Domains

16
Subdomains

15
IPs

1
Countries

580 kB
Transfer

1721 kB
Size

16
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sofi.com/banking/
Title: sofi.com/banking

Search URL Search Domain Scan URL

URL: http://www.sofi.com/legal/banking-rate-sheet
Title: http://www.sofi.com/legal/banking-rate-sheet

Search URL Search Domain Scan URL

URL: https://o1.qnsr.com/cgi/r?WT.qs_dlk=Y-8sKEdjCBt6ZWZU9YxRRQAAAAI;;n=203;c=1640585;s=3086;x=7936;f=201706031656190;u=j;z=TIMESTAMP;src=574298
Title: 6 Tips For Finding the Best Savings Accounts

Search URL Search Domain Scan URL

URL: https://o1.qnsr.com/cgi/r?WT.qs_dlk=Y-8sKEdjCBt6ZWZU9YxRRQAAAAI;;n=203;c=1640586;s=3086;x=7936;f=201706031656460;u=j;z=TIMESTAMP;src=574298
Title: 10 Painless Tips to Building a Nest Egg

Search URL Search Domain Scan URL

URL: https://o1.qnsr.com/cgi/r?WT.qs_dlk=Y-8sKEdjCBt6ZWZU9YxRRQAAAAI;;n=203;c=1640587;s=3086;x=7936;f=201706031657090;u=j;z=TIMESTAMP;src=574298
Title: Compare Savings Rates From All the Top Banks

Search URL Search Domain Scan URL

URL: http://www.bestrates.com/sitemap.html?WT.srch=1&WT.qs_src=ppc_br
Title: Sitemap

Search URL Search Domain Scan URL

URL: http://www.bestrates.com/contact-us?WT.srch=1&WT.qs_src=ppc_br
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.quinstreet.com/privacy-notice/?WT.srch=1&WT.qs_src=ppc_br
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.quinstreet.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.quinstreet.com/personal_information
Title: Do Not Sell or Share My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://accounts.bestrates.com/ HTTP 307
https://accounts.bestrates.com/ HTTP 302
https://accounts.bestrates.com/savings-and-money-market-accounts/ HTTP 301
https://accounts.bestrates.com/savings-and-money-market-accounts Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638590824255604232;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_pre=CMfCqqvH8IcDFSkHaAgds5wRxg;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638590824255604232;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

83 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request savings-and-money-market-accounts Show response
accounts.bestrates.com/
Redirect Chain

http://accounts.bestrates.com/
https://accounts.bestrates.com/
https://accounts.bestrates.com/savings-and-money-market-accounts/
https://accounts.bestrates.com/savings-and-money-market-accounts

54 KB
13 KB

215ms
214ms

Document
text/html

2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e3f17d45f2b96827946a154293223e775eeb9db116b5b61d93a7efee475367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b2414d899424390-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Aug 2024 23:00:25 GMT
expect-ct: max-age=86400, enforce
link: <https://accounts.bestrates.com/wp-json/>; rel="https://api.w.org/" <https://accounts.bestrates.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json" <https://accounts.bestrates.com/?p=12>; rel=shortlink
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 13
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b2414d71f9e4390-EWR
content-type: text/html; charset=UTF-8
date: Mon, 12 Aug 2024 23:00:25 GMT
expect-ct: max-age=86400, enforce
location: https://accounts.bestrates.com/savings-and-money-market-accounts
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: non200
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-redirect-by: WordPress
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 32ms
8ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://accounts.bestrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Aug 2024 23:00:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3445825
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-lga21941-LGA
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 main.css
accounts.bestrates.com/css/ 15 KB
5 KB 33ms
31ms Stylesheet
text/css 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/css/main.css

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f4237ebaa83bba947a269821b7789968d07d945591b18a95cda9ad6bec7f0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 398502
cf-polished: origSize=19999
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Thu, 25 Jul 2024 06:52:49 GMT
server: cloudflare
etag: W/"66a1f641-4e1f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da0af74390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 fonts.css
accounts.bestrates.com/css/ 2 KB
715 B 75ms
73ms Stylesheet
text/css 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/css/fonts.css

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db51dd1ca5d2bf657f3c4ebcd1bd00ac6c485abf9a9d9bdf32f451db73b0abab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 398502
cf-polished: origSize=3413
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 06:46:03 GMT
server: cloudflare
etag: W/"6479902b-d55"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da0af84390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 footer.css
accounts.bestrates.com/css/ 747 B
652 B 30ms
28ms Stylesheet
text/css 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/css/footer.css

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

332bb1f9170df5a66bbd26409c839f29ff9d093c152fe14edd9e4213090fe9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 400191
cf-polished: origSize=1132
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 05:47:30 GMT
server: cloudflare
etag: W/"64798272-46c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da0af94390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 article_resources_samma.css
accounts.bestrates.com/css/ 673 B
701 B 31ms
29ms Stylesheet
text/css 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/css/article_resources_samma.css

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54973f7bbb6641fbd60efa3375ad8bf54cb57199caf74cb684750bd8f61e69d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 398502
cf-polished: origSize=858
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 10:50:04 GMT
server: cloudflare
etag: W/"6479c95c-35a"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da0afa4390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 content.css
accounts.bestrates.com/css/ 2 KB
980 B 32ms
31ms Stylesheet
text/css 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/css/content.css

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26053b9c33a6fd794f9dfef5ff2f91f15d29b6fe1e97468d601254f9bcd6405b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 398502
cf-polished: origSize=2913
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 05:47:30 GMT
server: cloudflare
etag: W/"64798272-b61"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da0afc4390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 logo_BestRates.svg
accounts.bestrates.com/images/ 5 KB
2 KB 27ms
26ms Image
image/svg+xml 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.bestrates.com/images/logo_BestRates.svg

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bb3ffecdefcef2ca4d5a171de8321a8c9d100d14c0dba286723c6143b95d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 398502
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 02 Jun 2023 06:46:03 GMT
server: cloudflare
etag: W/"6479902b-1416"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da2b2d4390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 close.png
accounts.bestrates.com/images/ 291 B
623 B 27ms
26ms Image
image/png 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.bestrates.com/images/close.png

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa023eec1dca02880b3d392bb45cade3aaca67c36c5183eb53d6da7705bb87cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 378624
cf-polished: origSize=329
alt-svc: h3=":443"; ma=86400
content-length: 291
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Jun 2023 06:46:03 GMT
server: cloudflare
etag: "6479902b-149"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2414da2b2e4390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 cd_sec.svg
accounts.bestrates.com/images/ 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.bestrates.com/images/cd_sec.svg

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6779aadd03ff0da77f3f52ce85c7c59f471a2adbdff02ae4977e86bd43a7645

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 398502
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 25 Jul 2024 06:52:49 GMT
server: cloudflare
etag: W/"66a1f641-6b0"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da0afe4390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 check_sec.svg
accounts.bestrates.com/images/ 1 KB
977 B 38ms
37ms Image
image/svg+xml 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.bestrates.com/images/check_sec.svg

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7930faed30f9e60c8cdc2ecbbf1937f6e066d85c190789edfb3568a79dfb190e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 399095
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 25 Jul 2024 06:52:49 GMT
server: cloudflare
etag: W/"66a1f641-5fa"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da0aff4390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 rocket-loader.min.js Show response
accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
12ms Script
application/javascript 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2024 09:35:25 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66b33fdd-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8b2414da2b314390-EWR
expires: Wed, 14 Aug 2024 23:00:25 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 124ms
56ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
Origin: https://accounts.bestrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8b2414da99814363-EWR

GET
H3 200 leader_background.svg
accounts.bestrates.com/images/ 2 KB
1 KB 37ms
36ms Image
image/svg+xml 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.bestrates.com/images/leader_background.svg

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/content.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229da6a94b00e61915267cd9baefe74dfa5ea45fbc9ee8a1e8eb49fb937fabf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/css/content.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 398501
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 02 Jun 2023 06:46:03 GMT
server: cloudflare
etag: W/"6479902b-7d7"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da8baf4390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 image_savings_desktop.svg
accounts.bestrates.com/images/ 24 KB
7 KB 36ms
35ms Image
image/svg+xml 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.bestrates.com/images/image_savings_desktop.svg

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/content.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fae9285252d41944165bb2d1c16a0c56a409cda79460077b5485ca4f90313bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/css/content.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 397349
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 02 Jun 2023 06:46:03 GMT
server: cloudflare
etag: W/"6479902b-61f1"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414da8bb04390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 102ms
56ms Font
font/woff2 2607:f8b0:400d:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://accounts.bestrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 03:07:03 GMT
x-content-type-options: nosniff
age: 590002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 03:07:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 109ms
64ms Font
font/woff2 2607:f8b0:400d:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://accounts.bestrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 02:54:35 GMT
x-content-type-options: nosniff
age: 590750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 02:54:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 56 KB
56 KB 68ms
23ms Font
font/woff2 2607:f8b0:400d:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://accounts.bestrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 02:44:42 GMT
x-content-type-options: nosniff
age: 591343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57116
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 02:44:42 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 88 KB
31 KB 68ms
21ms Script
text/javascript 2607:f8b0:400d:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 21:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31191
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 21:40:24 GMT

GET
H3 200 sh Show response
www.nextinsure.com/listingdisplay/loader/ 112 KB
34 KB 97ms
37ms Script
application/javascript 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/listingdisplay/loader/sh

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734f6c3b2061d4a6cd4db6f990538f8721b21095bb25d5f60180e8f77e4661a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 14878
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 09 Aug 2024 20:26:44 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: X-Akamai-Device-Characteristics, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=691200
timing-allow-origin: *
cf-ray: 8b2414db1ceb43a4-EWR
expires: Tue, 20 Aug 2024 23:00:25 GMT

GET
H3 200 frontend.js Show response
accounts.bestrates.com/wp-content/plugins/stop-user-enumeration/frontend/js/ 486 B
573 B 39ms
38ms Script
application/javascript 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.4.7

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 398501
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 13 Jun 2023 07:49:48 GMT
server: cloudflare
etag: W/"64881f9c-1e6"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414dabbd74390-EWR

GET
H3 200 qscookie.js Show response
accounts.bestrates.com/js/ 3 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/js/qscookie.js

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3412b8c5cf77bac478079e46548d2b58cabd7bfac5a282d780a3555c6f248e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 398501
cf-polished: origSize=6716
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Thu, 18 Apr 2024 04:59:40 GMT
server: cloudflare
etag: W/"6620a8bc-1a3c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414dabbd94390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H3 200 main.js Show response
accounts.bestrates.com/js/ 1 KB
1 KB 30ms
29ms Script
application/javascript 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/js/main.js

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c90e3b29634cfa32b6060362b02ec86ba0d5e7f0c92a7a9a90a19b6dd0628d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 398501
cf-polished: origSize=2238
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Thu, 30 May 2024 04:55:38 GMT
server: cloudflare
etag: W/"665806ca-8be"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414dabbda4390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
89 KB 68ms
33ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THH685

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8979adab16b61ac9edd2894b7cae35b39d598279b4640de176dae7a62858608a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90756
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 22:14:34 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Aug 2024 23:00:25 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
24 KB 10ms
8ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://accounts.bestrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Aug 2024 23:00:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1719428
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
x-served-by: cache-fra-eddf8230080-FRA, cache-lga21941-LGA
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 favicon.ico
accounts.bestrates.com/ 0
289 B 29ms
29ms Other
image/x-icon 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 398501
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 08 Aug 2024 06:20:10 GMT
server: cloudflare
etag: "66b4639a-0"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2414db9ca14390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
BLOB 200
OK 01dd2438-1cb1-4f49-9e2f-1872062e2462
https://accounts.bestrates.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://accounts.bestrates.com/01dd2438-1cb1-4f49-9e2f-1872062e2462
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 widget Show response
www.nextinsure.com/ListingDisplay/ 103 KB
13 KB 436ms
436ms Script
application/javascript 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/widget?src=574298&idx=0&it=banking_br_featuredclient_promo-ppc-standalone&wp=top

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0105e039f62a338cec506ef4fe4be85cdcbe5ee29d7066375cd87395f6f0eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-widgetcachehit: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 06 Jan 2022 18:18:49 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=691200
timing-allow-origin: *
cf-ray: 8b2414dbcd9543a4-EWR
expires: Tue, 20 Aug 2024 23:00:25 GMT

GET
H3 200 widget Show response
www.nextinsure.com/ListingDisplay/ 103 KB
13 KB 429ms
428ms Script
application/javascript 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/widget?src=574298&idx=1&it=banking_br_featuredclient_promo-ppc-standalone

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76574f05ed83067e641de6c3c13b6a274a277722ea7c46ebd21e1ded55377c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-widgetcachehit: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 06 Jan 2022 18:18:49 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=691200
timing-allow-origin: *
cf-ray: 8b2414dbcd9643a4-EWR
expires: Tue, 20 Aug 2024 23:00:25 GMT

GET
H3 200 widget Show response
www.nextinsure.com/ListingDisplay/ 86 KB
12 KB 418ms
418ms Script
application/javascript 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/widget?src=574298&idx=2&it=banking_br_investments_promo-ppc-standalone

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a1b284c60bd6639a25b74a080b7cf88473057cff98cf7009807ffa16ed20c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-widgetcachehit: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Jul 2024 22:55:26 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=691200
timing-allow-origin: *
cf-ray: 8b2414dbcd9843a4-EWR
expires: Tue, 20 Aug 2024 23:00:25 GMT

GET
H3 200 widget Show response
www.nextinsure.com/ListingDisplay/ 103 KB
13 KB 454ms
453ms Script
application/javascript 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/widget?src=574298&idx=3&it=banking_br_featuredclient_promo-ppc-standalone

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d359c9051739cd6c940635fe75f7d1734bb9eddd80fb68fd4cbd1821635fbf3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-widgetcachehit: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 06 Jan 2022 18:18:49 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=691200
timing-allow-origin: *
cf-ray: 8b2414dbcd9a43a4-EWR
expires: Tue, 20 Aug 2024 23:00:25 GMT

POST
H3 204 rum Show response
accounts.bestrates.com/cdn-cgi/ 0
145 B 19ms
17ms XHR
text/plain 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://accounts.bestrates.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8b2414dbdce74390-EWR

GET
H3 200 wp-emoji-release.min.js Show response
accounts.bestrates.com/wp-includes/js/ 18 KB
5 KB 31ms
29ms Script
application/javascript 2606:4700:4400::6812:222e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bestrates.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5

Requested by

Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:222e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.bestrates.com/savings-and-money-market-accounts
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 398501
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 13 Feb 2024 14:36:07 GMT
server: cloudflare
etag: W/"65cb7e57-4926"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2414dbfd074390-EWR
expires: Tue, 12 Aug 2025 23:00:25 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 241 KB
85 KB 35ms
31ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1055505811&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THH685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ede0bf178abf711737b6aa9e8a223287be4f0e802ec11b90c6a1a933bf473c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87329
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 22:14:34 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Aug 2024 23:00:25 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 59ms
21ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THH685

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 12 Aug 2024 23:00:25 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F554A64D3561480191732240F4CAEFF3 Ref B: EWR30EDGE0908 Ref C: 2024-08-12T23:00:25Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 184ms
11ms Script
application/x-javascript 23.45.193.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: accounts.bestrates.com
URL: https://accounts.bestrates.com/savings-and-money-market-accounts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.193.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-193-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8489534bde4ad3c3cedebecd11b9babe653de6b413922ec2b877c5bfcb33ee3e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 12 Aug 2024 23:00:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jul 2024 07:46:05 GMT
Server: AkamaiNetStorage
ETag: "7437febf15b08e005ac33eb9fc2707ae:1721634584.416148"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8614
Expires: Mon, 12 Aug 2024 23:20:25 GMT

GET
H2 204 unip
trc.taboola.com/1010576/log/3/ 0
716 B 56ms
28ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1010576/log/3/unip?en=retarget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 21
date: Mon, 12 Aug 2024 23:00:25 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 19613
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lga21950-LGA
pragma: no-cache
server: nginx
x-timer: S1723503626.667641,VS0,VE21
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 16003851.js Show response
bat.bing.com/p/action/ 334 B
407 B 23ms
22ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/16003851.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 12 Aug 2024 23:00:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81E2946A57C949A9B40C47BD8ED7CEBF Ref B: EWR30EDGE0908 Ref C: 2024-08-12T23:00:25Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1055505811/ 2 KB
1 KB 80ms
34ms Script
text/javascript 2607:f8b0:400d:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1055505811/?random=1723503625722&cv=11&fst=1723503625722&bg=ffffff&guid=ON&async=1&gtm=45be4880v9130089605z86772502za201zb6772502&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&hn=www.googleadservices.com&frm=0&tiba=High%20Interest%20Savings%20and%20Money%20Market%20Accounts%20Online&npa=0&pscdl=noapi&auid=1691778676.1723503626&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1055505811&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5823e6c845dbb09f519971182ca879f55a6790bd3a53dcb99b6f7c45d7e75f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
361 B 22ms
22ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=16003851&tm=gtm002&Ver=2&mid=8db8645e-9c90-4514-a5ad-9bb626636df2&sid=a951110058fe11efb1d3935edae5edfd&vid=a9512fa058fe11efa1ae3b1b842c5ad9&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=High%20Interest%20Savings%20and%20Money%20Market%20Accounts%20Online&kw=saving,%20savings%20account,%20money%20market,%20money%20markets,%20accounts,%20interest,%20yield,%20yields,%20yielding,%20high,%20highest,%20rate,%20rates,%20best,%20top,%20online,%20open,%20compare,%20apply,%20earn,%20earning,%20personal,%20joint,%20jumbo,%20custodial,%20baby,%20infant,%20kid,%20kids,%20child,%20children,%20grandchild,%20grandchildren,%20teen,%20teenager&p=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&r=&lt=1330&evt=pageLoad&sv=1&cdb=AQAQ&rn=948492

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Aug 2024 23:00:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72036F40EF8C45F399578A52E83BD783 Ref B: EWR30EDGE0908 Ref C: 2024-08-12T23:00:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1055505811/ 42 B
64 B 71ms
26ms Image
image/gif 2607:f8b0:400d:c01::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1055505811/?random=1723503625722&cv=11&fst=1723503600000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9130089605z86772502za201zb6772502&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&hn=www.googleadservices.com&frm=0&tiba=High%20Interest%20Savings%20and%20Money%20Market%20Accounts%20Online&npa=0&pscdl=noapi&auid=1691778676.1723503626&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfFgPUYCcO8U9tZHyRt6uwvTpiI_iRxg&random=3323498071&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::68 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 23:00:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 32ms
9ms Fetch
image/gif 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=01725337085905081&referrer=&cht=gtm&marketerId=00e3c6461d93e85f1f5ebab35ed4e601ae&name=PAGE_VIEW&dl=https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
cache-control: no-cache
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 10ec065064e43859686fae3d6bb49644
content-length: 54
content-type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 34ms
10ms Script
application/javascript 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=00e3c6461d93e85f1f5ebab35ed4e601ae

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 8da66dc91e84e4e9d2d6a7f64b821ed8
content-length: 39
content-type: application/javascript

GET
H/1.1 200
OK 00e3c6461d93e85f1f5ebab35ed4e601ae Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 107ms
11ms Script
text/html 23.45.193.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00e3c6461d93e85f1f5ebab35ed4e601ae

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.45.193.200 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-193-200.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 12 Aug 2024 23:00:25 GMT
ob-sent-time: 1723438018464
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=60
X-CC: US
Connection: keep-alive
x-traceid: ff80840a1c6d4e02553d4e4e24454b1a
Content-Length: 22
Expires: Mon, 12 Aug 2024 23:01:25 GMT

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 32ms
11ms Fetch
text/html 23.45.193.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.193.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-193-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 12 Aug 2024 23:00:25 GMT
Observe-Browsing-Topics: ?1
Content-Type: text/html
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Content-Length: 26
Expires: Mon, 12 Aug 2024 23:20:25 GMT

OPTIONS
H3 200 ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 120ms
107ms Preflight
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414dea86442f4-EWR
content-length: 2
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx; script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=5lvT3eQGK.EBNLErLv_PkTHtOwH9NGX1PbFzbArx3z0-1723503626-1.0.1.1-ax8F9WtlHvaeWsLZmMbVOQy_sT_McM5Fv0beR9F_CAn6Jp5XiOShXtcynVwFFn6biqEGgnMqo6xyq4Vz9mJM.RfPmJof8wvF4Rh2WF1Lk4UJTsZFUo38cKuOZSvSR3uDt9t8jfE5_dqrdfjxDpsjHugZbn0k10uq5JKWZINZhNk; report-to cf-csp-endpoint
content-type: application/json; charset=utf-8
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=5lvT3eQGK.EBNLErLv_PkTHtOwH9NGX1PbFzbArx3z0-1723503626-1.0.1.1-ax8F9WtlHvaeWsLZmMbVOQy_sT_McM5Fv0beR9F_CAn6Jp5XiOShXtcynVwFFn6biqEGgnMqo6xyq4Vz9mJM.RfPmJof8wvF4Rh2WF1Lk4UJTsZFUo38cKuOZSvSR3uDt9t8jfE5_dqrdfjxDpsjHugZbn0k10uq5JKWZINZhNk"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H3 200 telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 114ms
102ms Preflight 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414dea86242f4-EWR
content-length: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 / Show response
www.nextinsure.com/ListingDisplay/display/ 2 KB
2 KB 251ms
250ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/display/

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb8d448f4eee29aa1c4221b38efca7dde2e8ed2b05025e7c7cf60121f2cc4928

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
server-timing: retImp;dur=28, sl;dur=27
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414de882243a4-EWR

POST
H3 200 ev.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
812 B 147ms
146ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df58e243a4-EWR

OPTIONS
H3 200 telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 114ms
102ms Preflight 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414dea85f42f4-EWR
content-length: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 111ms
109ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df48d543a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 103ms
101ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df48d943a4-EWR

OPTIONS
H3 200 ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 103ms
103ms Preflight
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414dea87042f4-EWR
content-length: 2
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
content-type: application/json; charset=utf-8
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H3 200 telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 97ms
96ms Preflight 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414dea87242f4-EWR
content-length: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 / Show response
www.nextinsure.com/ListingDisplay/display/ 19 KB
6 KB 262ms
261ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/display/

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d326dc51911a26d8e5722c49e6dbb0795d2b39680cfef462e4f2f170565235f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
server-timing: retImp;dur=54, sl;dur=28, alg;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414dea83e43a4-EWR

POST
H3 200 ev.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
812 B 106ms
105ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df58e943a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 107ms
106ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df48da43a4-EWR

OPTIONS
H3 200 ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 105ms
104ms Preflight
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414dec88342f4-EWR
content-length: 2
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
content-type: application/json; charset=utf-8
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H3 200 telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 126ms
125ms Preflight 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414dec88742f4-EWR
content-length: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 / Show response
www.nextinsure.com/ListingDisplay/display/ 9 KB
4 KB 238ms
237ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/display/

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c36e5bc3ab18bd3a5d0eef8685b64c2bc01fc08e4070c674cc1b43ae73a5622

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
server-timing: retImp;dur=31, sl;dur=19, alg;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414dec85743a4-EWR

POST
H3 200 ev.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
1 KB 127ms
126ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;, script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Y9cDpgDFC1VB7azZeYg1GE545gDBqmgJjgt7ECGdcBk-1723503626-1.0.1.1-EzB8OgH0qxJ_x7CK8nX_2531g4xmjwRafMZkP9s6PsWAj9LGdoSkeFYoLx1RdkQ7vV1Nk6h2g9HBOsGLVnMwVn9m9jBwlrPJkJY8P9XQuPxobIt1wVEDdGQkhJwLo_F0ipki.7__tLSITLmkmBBSKJqq5C8B6zRQdNPROKg.TWI; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Y9cDpgDFC1VB7azZeYg1GE545gDBqmgJjgt7ECGdcBk-1723503626-1.0.1.1-EzB8OgH0qxJ_x7CK8nX_2531g4xmjwRafMZkP9s6PsWAj9LGdoSkeFYoLx1RdkQ7vV1Nk6h2g9HBOsGLVnMwVn9m9jBwlrPJkJY8P9XQuPxobIt1wVEDdGQkhJwLo_F0ipki.7__tLSITLmkmBBSKJqq5C8B6zRQdNPROKg.TWI"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df790043a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 121ms
120ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df991a43a4-EWR

OPTIONS
H3 200 ev.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 103ms
102ms Preflight
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414ded8a042f4-EWR
content-length: 2
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
content-type: application/json; charset=utf-8
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H3 200 telemetry.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 107ms
106ms Preflight 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414ded8a342f4-EWR
content-length: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx; script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Kp6VYrOT0uG9ogXjSAnLlCi15TMQ7KDyahiCJWRCiZc-1723503626-1.0.1.1-Nds3B.a1PNviGYXLjEtuzWkhwFOE_IN_lqiSAzZJUjTnJeYq3BPxlUJgGAWe5qICythVDEHmh2rFv.t10FH6H_JTAx3zFb.TszWJuWaCFPyDqknSEqruood9h_UUt8KnKiPQ2sF5yjA_LmTl_zExQddHetIoPGApGfTGIUFJmGo; report-to cf-csp-endpoint
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Kp6VYrOT0uG9ogXjSAnLlCi15TMQ7KDyahiCJWRCiZc-1723503626-1.0.1.1-Nds3B.a1PNviGYXLjEtuzWkhwFOE_IN_lqiSAzZJUjTnJeYq3BPxlUJgGAWe5qICythVDEHmh2rFv.t10FH6H_JTAx3zFb.TszWJuWaCFPyDqknSEqruood9h_UUt8KnKiPQ2sF5yjA_LmTl_zExQddHetIoPGApGfTGIUFJmGo"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 / Show response
www.nextinsure.com/ListingDisplay/display/ 2 KB
2 KB 263ms
262ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/display/

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

313fc02c5e21ddde2f074f12c261f288af313c53162ab5218add0627655b54e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
server-timing: retImp;dur=29, sl;dur=25
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414ded86d43a4-EWR

POST
H3 200 ev.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
812 B 165ms
164ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/ev.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df790743a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 110ms
109ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414df890f43a4-EWR

POST
H3 200 / Show response
www.nextinsure.com/ListingDisplay/display/ 2 KB
2 KB 227ms
226ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/display/

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a042f90bfeb0975793440acce5e5ed0435587beac275e5690b6dc791a707910

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;, script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=SDR1yl4zT2FrH9SW1BmquPXMlLWqxFnwk0oQ4fUAkNM-1723503626-1.0.1.1-F5eJ7RfSi5lvg2kSOO.AvqwJm8j4AJK0Q8sga38txAW653uPK0IFC.t7rGUuzlX8ljlGrsyOK0mMUbpbBBQ9pQmKkOuFQkXbzwbugAyW4w1RIuOuVhgFw7eIXcwHb02ddqpFwUHhpsKMFsf2210dOn0OyQ5JobbC74MJlA.kL94; report-to cf-csp-endpoint
server-timing: retImp;dur=26, sl;dur=25
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=SDR1yl4zT2FrH9SW1BmquPXMlLWqxFnwk0oQ4fUAkNM-1723503626-1.0.1.1-F5eJ7RfSi5lvg2kSOO.AvqwJm8j4AJK0Q8sga38txAW653uPK0IFC.t7rGUuzlX8ljlGrsyOK0mMUbpbBBQ9pQmKkOuFQkXbzwbugAyW4w1RIuOuVhgFw7eIXcwHb02ddqpFwUHhpsKMFsf2210dOn0OyQ5JobbC74MJlA.kL94"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e029e243a4-EWR

OPTIONS
H3 200 imp_px.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 135ms
135ms Preflight 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414e05a2442f4-EWR
content-length: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 imp_px.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 49 B
748 B 112ms
110ms XHR
image/gif 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 49
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e12ab343a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 147ms
145ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e05a0343a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 120ms
118ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e05a0543a4-EWR

GET
H3 200 opt
cdn.nextinsure.com/imaging/ 6 KB
6 KB 57ms
52ms Image
image/jpeg 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS81NDc3LzQ5ZWFjYzczLWI1YTUtNDRhZi1hOGVhLWZmODMzN2EyOTBiOC5qcGc%3d&w=150

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58fb6f60872f1d6b4ce9e97b3928bdce223d7e9a799794d2ae51fb5cc3cbe32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 365801
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Thu, 08 Aug 2024 17:22:10 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-origin-s: A1
cache-control: public, max-age=31536000
cf-ray: 8b2414e05a0a43a4-EWR
expires: Tue, 12 Aug 2025 23:00:26 GMT

GET
DATA 200
OK truncated
/ 444 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55940aebfb92d6b34636e41c2f8ca1523bd3461ffd29576e0ca59aba0884c492

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 519 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f50b412a99d1ad4e34c80f4e4529ec7b8cbe371d5d01492ae9fcfc3c9d4b1fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H3 200 imp_px.ashx
www.nextinsure.com/ListingDisplay/handlers/ 0
0 125ms
125ms Preflight 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://accounts.bestrates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Cache-Control
access-control-allow-methods: GET, POST
access-control-allow-origin: https://accounts.bestrates.com
access-control-max-age: 2592000
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2414e06a3042f4-EWR
content-length: 0
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
date: Mon, 12 Aug 2024 23:00:26 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 imp_px.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 49 B
748 B 124ms
123ms XHR
image/gif 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/imp_px.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 49
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e12ab643a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 106ms
105ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e06a1243a4-EWR

GET
H3 200 opt
cdn.nextinsure.com/imaging/ 11 KB
12 KB 39ms
37ms Image
image/jpeg 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS83Nzc5L1NvRmlfTG9nb19Eb3dubG9hZF8xMC4yMDIzLmpwZw%3d%3d&w=150

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd7931c36437d5a9f863f1bf645d50e10259f0115dd7839ca269062c163e898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 365858
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Thu, 08 Aug 2024 17:22:48 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-origin-s: A1
cache-control: public, max-age=31536000
cf-ray: 8b2414e06a1343a4-EWR
expires: Tue, 12 Aug 2025 23:00:26 GMT

GET
H3 200 opt
cdn.nextinsure.com/imaging/ 10 KB
10 KB 38ms
37ms Image
image/jpeg 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nextinsure.com/imaging/opt?u=aHR0cHM6Ly9pbWFnZXNlcnZlci5xdWluc3RyZWV0LmNvbS9jb250ZW50L29uZS81Mzk1L0FtZXhfTWF5MjAyMl9Mb2dvXzQ5NngyODAuanBn&w=150

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d9cd75c14f31ed384db34183dda9a1cb1302df05b9789f97a2aa09e23aabed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 365794
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Thu, 08 Aug 2024 17:22:29 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-origin-s: H3
cache-control: public, max-age=31536000
cf-ray: 8b2414e06a1443a4-EWR
expires: Tue, 12 Aug 2025 23:00:26 GMT

GET
H3

200

B22113503.236413603;dc_pre=CMfCqqvH8IcDFSkHaAgds5wRxg;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638590824255604232;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimpj/N553.amex/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638590824255604232;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_pre=CMfCqqvH8IcDFSkHaAgds5wRxg;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638590824255604232;dc_lat=;dc_rdid...

12 KB
12 KB

45ms
45ms

Image
text/javascript

142.251.163.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_pre=CMfCqqvH8IcDFSkHaAgds5wRxg;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638590824255604232;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Server

142.251.163.149 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f149.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 23:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15139
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Aug 2024 23:00:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N553.amex/B22113503.236413603;dc_pre=CMfCqqvH8IcDFSkHaAgds5wRxg;dc_trk_aid=433913379;dc_trk_cid=110088570;u=QS5110014;ord=638590824255604232;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.nextinsure.com/ListingDisplay/display/ 2 KB
2 KB 205ms
203ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/display/

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e34c16f9dab7b3ade9502bd3470da40db9c21f5e339f4183b16995940003e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
server-timing: retImp;dur=30, sl;dur=17
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e08a3243a4-EWR

POST
H3 200 / Show response
www.nextinsure.com/ListingDisplay/display/ 2 KB
2 KB 207ms
206ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/display/

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5c3dab422fb7080868334f025ccc6c438ea5a139f8abdbfe3e1bf4dac22a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
server-timing: retImp;dur=45, sl;dur=23
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e19b5443a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
724 B 102ms
101ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e1db9a43a4-EWR

POST
H3 200 telemetry.ashx Show response
www.nextinsure.com/ListingDisplay/handlers/ 2 B
1 KB 102ms
101ms XHR
application/json 172.64.151.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextinsure.com/ListingDisplay/handlers/telemetry.ashx

Requested by

Host: www.nextinsure.com
URL: https://www.nextinsure.com/listingdisplay/loader/sh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 23:00:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.nextinsure.com *.anura.io; font-src 'self' *.nextinsure.com *.gstatic.com *.bootstrapcdn.com assets.intuitcdn.net i.pretected.com; style-src 'self' *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.anura.io nextinsure.com *.nextinsure.com *.googleapis.com *.bootstrapcdn.com code.jquery.com *.linksynergy.com i.pretected.com *.cloudflareinsights.com; img-src * data:; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; object-src 'none'; report-to /ListingDisplay/handlers/csp.ashx;, script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=lPiI0nl5NNvD902EZCPJIM4BoGrW.z1IQz0t6REpqtQ-1723503626-1.0.1.1-9yoW8lBvOr1SMn.JLewfKy35Ye_JSNDmuBrysvbIRzXOkQUNktHmAK6Mk1bMAxUxqpowBBKRrWQ1X7EYRdUzVN.zSuS.a2eHhKhN.B6OJx13.Jvqow84yC425kj0BxmYyiA0JgnJ_Htj08xvOSw7aPBWnYZ3RveDSmdkpR0Lqyo; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=lPiI0nl5NNvD902EZCPJIM4BoGrW.z1IQz0t6REpqtQ-1723503626-1.0.1.1-9yoW8lBvOr1SMn.JLewfKy35Ye_JSNDmuBrysvbIRzXOkQUNktHmAK6Mk1bMAxUxqpowBBKRrWQ1X7EYRdUzVN.zSuS.a2eHhKhN.B6OJx13.Jvqow84yC425kj0BxmYyiA0JgnJ_Htj08xvOSw7aPBWnYZ3RveDSmdkpR0Lqyo"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.bestrates.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 8b2414e1db9d43a4-EWR

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bestrates.com/	1970-01-20 22:45:05	Name: __cf_bm Value: QXCwasMd47iu482giqqZkLWDP_j4zCAn3WcTQZ73sFk-1723503624-1.0.1.1-wEB3Bdf570EdfGHFRmPskZ2tTHQglJ9F4QLjNWXO.w5H7vLqmN8KhNxDqc9URVmwujPqytchFM0X0fPmhJfuSw
.nextinsure.com/	1970-01-20 22:45:05	Name: __cf_bm Value: MY2e77lxn0XFM_W3x7lGa4xgynMJhASiAdudITBoF0k-1723503625-1.0.1.1-KcciTwGOR5H9mQf8H6J4QlbF37_0mcfdj2ZP96ySSDoC1NRTSmk2euaQtgU4me30NoJqxlZ1bjjOqsR2FUscEw
accounts.bestrates.com/	1970-01-20 22:45:46	Name: ni_lp_url Value: https%3A%2F%2Faccounts.bestrates.com%2Fsavings-and-money-market-accounts
.bestrates.com/	1970-01-21 00:54:39	Name: _gcl_au Value: 1.1.1691778676.1723503626
.taboola.com/	1970-01-21 07:30:39	Name: t_gid Value: 7114c71a-7492-4eb9-baae-5d5bdbd19ca7-tuctdb41989
.taboola.com/	1970-01-21 07:30:39	Name: t_pt_gid Value: 7114c71a-7492-4eb9-baae-5d5bdbd19ca7-tuctdb41989
.taboola.com/	1970-01-21 07:30:39	Name: receive-cookie-deprecation Value: 1
.bestrates.com/	1970-01-20 22:46:30	Name: _uetsid Value: a951110058fe11efb1d3935edae5edfd
.bestrates.com/	1970-01-21 08:06:39	Name: _uetvid Value: a9512fa058fe11efa1ae3b1b842c5ad9
.bing.com/	1970-01-21 08:06:39	Name: MUID Value: 0B96F5F4FB9068783B5DE12DFAF26939
.bat.bing.com/	1970-01-20 22:55:08	Name: MR Value: 0
accounts.bestrates.com/	1970-01-20 22:45:03	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1723503625865%7D
www.nextinsure.com/	1970-01-21 08:21:03	Name: uid Value: 303b0b9133bebb85a5b7913d8ad02a5a
.doubleclick.net/	1970-01-21 03:04:15	Name: APC Value: AfxxVi55GrY0ZYn85Xj0bcj4EmWtHHcHe870HjYQAeHu7uoD3C6uqA
.doubleclick.net/	1970-01-21 03:04:15	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 08:21:03	Name: IDE Value: AHWqTUkbnHJQ6248wUV8FVz0opJ33UktZNyV8AI4BB_JWdiEycL9c66YakqK71eWmVY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.bestrates.com
ad.doubleclick.net
ajax.googleapis.com
amplify.outbrain.com
bat.bing.com
cdn.jsdelivr.net
cdn.nextinsure.com
fonts.gstatic.com
googleads.g.doubleclick.net
static.cloudflareinsights.com
tr.outbrain.com
trc.taboola.com
wave.outbrain.com
www.google.com
www.googletagmanager.com
www.nextinsure.com
142.251.163.149
172.64.151.42
23.45.193.200
2606:4700:4400::6812:222e
2606:4700::6810:4f49
2607:f8b0:4004:c0b::61
2607:f8b0:400d:c00::9a
2607:f8b0:400d:c01::5e
2607:f8b0:400d:c01::68
2607:f8b0:400d:c0b::5f
2620:1ec:c11::237
2a04:4e42:400::485
2a04:4e42:600::300
64.202.112.191
0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
1a042f90bfeb0975793440acce5e5ed0435587beac275e5690b6dc791a707910
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
229da6a94b00e61915267cd9baefe74dfa5ea45fbc9ee8a1e8eb49fb937fabf3
25e3f17d45f2b96827946a154293223e775eeb9db116b5b61d93a7efee475367
26053b9c33a6fd794f9dfef5ff2f91f15d29b6fe1e97468d601254f9bcd6405b
27bb3ffecdefcef2ca4d5a171de8321a8c9d100d14c0dba286723c6143b95d33
2c36e5bc3ab18bd3a5d0eef8685b64c2bc01fc08e4070c674cc1b43ae73a5622
313fc02c5e21ddde2f074f12c261f288af313c53162ab5218add0627655b54e0
332bb1f9170df5a66bbd26409c839f29ff9d093c152fe14edd9e4213090fe9fb
3f4237ebaa83bba947a269821b7789968d07d945591b18a95cda9ad6bec7f0c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e34c16f9dab7b3ade9502bd3470da40db9c21f5e339f4183b16995940003e2
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
54973f7bbb6641fbd60efa3375ad8bf54cb57199caf74cb684750bd8f61e69d8
55940aebfb92d6b34636e41c2f8ca1523bd3461ffd29576e0ca59aba0884c492
5823e6c845dbb09f519971182ca879f55a6790bd3a53dcb99b6f7c45d7e75f21
58fb6f60872f1d6b4ce9e97b3928bdce223d7e9a799794d2ae51fb5cc3cbe32e
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5f50b412a99d1ad4e34c80f4e4529ec7b8cbe371d5d01492ae9fcfc3c9d4b1fb
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
734f6c3b2061d4a6cd4db6f990538f8721b21095bb25d5f60180e8f77e4661a8
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76574f05ed83067e641de6c3c13b6a274a277722ea7c46ebd21e1ded55377c09
7930faed30f9e60c8cdc2ecbbf1937f6e066d85c190789edfb3568a79dfb190e
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8489534bde4ad3c3cedebecd11b9babe653de6b413922ec2b877c5bfcb33ee3e
8979adab16b61ac9edd2894b7cae35b39d598279b4640de176dae7a62858608a
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33
95a1b284c60bd6639a25b74a080b7cf88473057cff98cf7009807ffa16ed20c7
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd5c3dab422fb7080868334f025ccc6c438ea5a139f8abdbfe3e1bf4dac22a95
c90e3b29634cfa32b6060362b02ec86ba0d5e7f0c92a7a9a90a19b6dd0628d24
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d326dc51911a26d8e5722c49e6dbb0795d2b39680cfef462e4f2f170565235f1
d359c9051739cd6c940635fe75f7d1734bb9eddd80fb68fd4cbd1821635fbf3e
d6779aadd03ff0da77f3f52ce85c7c59f471a2adbdff02ae4977e86bd43a7645
db51dd1ca5d2bf657f3c4ebcd1bd00ac6c485abf9a9d9bdf32f451db73b0abab
e0105e039f62a338cec506ef4fe4be85cdcbe5ee29d7066375cd87395f6f0eb2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ede0bf178abf711737b6aa9e8a223287be4f0e802ec11b90c6a1a933bf473c38
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d9cd75c14f31ed384db34183dda9a1cb1302df05b9789f97a2aa09e23aabed
f3412b8c5cf77bac478079e46548d2b58cabd7bfac5a282d780a3555c6f248e6
fa023eec1dca02880b3d392bb45cade3aaca67c36c5183eb53d6da7705bb87cc
fae9285252d41944165bb2d1c16a0c56a409cda79460077b5485ca4f90313bec
fb8d448f4eee29aa1c4221b38efca7dde2e8ed2b05025e7c7cf60121f2cc4928
fd7931c36437d5a9f863f1bf645d50e10259f0115dd7839ca269062c163e898d

accounts.bestrates.com Open in urlscan Pro 2606:4700:4400::6812:222e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

98 %HTTPS

71 %IPv6

12 Domains

16 Subdomains

15 IPs

1 Countries

580 kBTransfer

1721 kBSize

16 Cookies

10 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

accounts.bestrates.com Open in urlscan Pro
2606:4700:4400::6812:222e Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

98 %
HTTPS

71 %
IPv6

12
Domains

16
Subdomains

15
IPs

1
Countries

580 kB
Transfer

1721 kB
Size

16
Cookies

83 HTTP transactions
2 data transactions