www.carcogroup.com Open in urlscan Pro
2606:4700::6812:5b1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.carcogroup.com//fraud/-prevention
Effective URL:
https://www.carcogroup.com//fraud/-prevention
Submission: On September 14 via api (September 14th 2024, 12:56:01 am UTC) from US — Scanned from US

Summary HTTP 49 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 49 HTTP transactions. The main IP is 2606:4700::6812:5b1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.carcogroup.com.
TLS certificate: Issued by WE1 on August 19th 2024. Valid for: 3 months.

This is the only time www.carcogroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2606:4700::68... 2606:4700::6812:5b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:cfad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
49	12

35 2606:4700::6812:5b1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.carcogroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:cfad (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	carcogroup.com www.carcogroup.com	761 KB
3	gstatic.com fonts.gstatic.com	55 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 td.doubleclick.net — Cisco Umbrella Rank: 189	256 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	68 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 407	32 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 140
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 10524	354 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	107 KB
49	9

	Domain	Requested by
35	www.carcogroup.com	www.carcogroup.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	www.carcogroup.com
2	connect.facebook.net	www.carcogroup.com connect.facebook.net
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	hello.myfonts.net	www.carcogroup.com
1	www.googletagmanager.com	www.carcogroup.com
1	ajax.googleapis.com	www.carcogroup.com
1	fonts.googleapis.com	www.carcogroup.com
49	11

This site contains links to these domains. Also see Links.

Domain
optis.carcogroup.com
agent.carcogroup.com
www.cisive.com
www.driveriq.com
www.aamva.org
www.nicb.org
nyia.org
www.iaati.org
njsia.memberlodge.org
nyact.org
www.insurancefraud.org
pia.org
www.niada.com
www.iadac.org
cibgny.com
ligra.com
fatiu.org
www.njvti.com

Subject Issuer	Validity	Valid
carcogroup.com WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.myfonts.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-09` - `2025-09-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-23` - `2024-09-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.carcogroup.com//fraud/-prevention
Frame ID: 8D87A80ED4AC1236B65D2B7A36D70876
Requests: 53 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-07RX89WL5V&gacid=1250533551.1726275357&gtm=45je4990v9104491436za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=277900167
Frame ID: 2FA523A1CB7B84A0ACDCB5E14242F10A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found | CARCO

Page URL History Show full URLs

http://www.carcogroup.com//fraud/-prevention HTTP 307
https://www.carcogroup.com//fraud/-prevention Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

100 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

12
IPs

1
Countries

1027 kB
Transfer

1788 kB
Size

6
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://optis.carcogroup.com/?CFID=1366195&CFTOKEN=26578030&jsessionid=235B258F806F0B3FBC1946EB2DBC09B5.CFINSPECTION2&action=login&adid=&gclid=
Title: OPTIS Client Login

Search URL Search Domain Scan URL

URL: https://agent.carcogroup.com/login/ctLogin_form.cfm?CFID=1366190&CFTOKEN=19284435
Title: Vehicle Inspections Client Login

Search URL Search Domain Scan URL

URL: https://agent.carcogroup.com/status-report.html
Title: Check Your Inspection Report Status

Search URL Search Domain Scan URL

URL: http://www.cisive.com/
Title: Click here

Search URL Search Domain Scan URL

URL: http://www.driveriq.com/
Title: Click here

Search URL Search Domain Scan URL

URL: http://www.aamva.org/

Search URL Search Domain Scan URL

URL: https://www.nicb.org/

Search URL Search Domain Scan URL

URL: https://nyia.org/

Search URL Search Domain Scan URL

URL: https://www.iaati.org/

Search URL Search Domain Scan URL

URL: http://njsia.memberlodge.org/

Search URL Search Domain Scan URL

URL: http://nyact.org/

Search URL Search Domain Scan URL

URL: http://www.insurancefraud.org/index.htm

Search URL Search Domain Scan URL

URL: https://pia.org/

Search URL Search Domain Scan URL

URL: http://www.niada.com/

Search URL Search Domain Scan URL

URL: http://www.iadac.org/

Search URL Search Domain Scan URL

URL: http://cibgny.com/

Search URL Search Domain Scan URL

URL: https://ligra.com/

Search URL Search Domain Scan URL

URL: http://fatiu.org/

Search URL Search Domain Scan URL

URL: http://www.njvti.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.carcogroup.com//fraud/-prevention HTTP 307
https://www.carcogroup.com//fraud/-prevention Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request -prevention Show response
www.carcogroup.com//fraud/
Redirect Chain

http://www.carcogroup.com//fraud/-prevention
https://www.carcogroup.com//fraud/-prevention

23 KB
7 KB

630ms
450ms

Document
text/html

2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.33

Resource Hash

c9a5cae3e2b13fde612fb7e6675202d7807f060d16a1b4d364cb809f6cc7781d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8c2c6a0c680bdbc6-LAX
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 14 Sep 2024 00:55:55 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Sat, 14 Sep 2024 00:55:55 GMT
link: <https://www.carcogroup.com/>; rel="canonical",<https://www.carcogroup.com/>; rel="shortlink"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (http://drupal.org)
x-powered-by: PHP/7.3.33

Redirect headers

Location: https://www.carcogroup.com//fraud/-prevention
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css_kShW4RPmRstZ3SpIC-ZvVGNFVAi0WEMuCnI0ZkYIaFw.css
www.carcogroup.com/sites/carco.com/files/css/ 6 KB
2 KB 93ms
88ms Stylesheet
text/css 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/css/css_kShW4RPmRstZ3SpIC-ZvVGNFVAi0WEMuCnI0ZkYIaFw.css

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

912856e113e646cb59dd2a480be66f5463455408b458432e0a7234664608685c

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 430008
content-length: 1907
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "773-60a98205d3010"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a0f8b9edbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 css_AvIQtCh4Kh8RAzoCb_NlqH9gXFP-OUoCOjPTPCVmiAM.css
www.carcogroup.com/sites/carco.com/files/css/ 4 KB
1 KB 95ms
91ms Stylesheet
text/css 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/css/css_AvIQtCh4Kh8RAzoCb_NlqH9gXFP-OUoCOjPTPCVmiAM.css

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02f210b428782a1f11033a026ff365a87f605c53fe394a023a33d33c25668803

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 430008
content-length: 1201
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "4b1-60a98205d4f51"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a0f8b9fdbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 css_IgqtoaPvpiK9WQfJNzFcb527lvR_qfsARD5fk_SPP2M.css
www.carcogroup.com/sites/carco.com/files/css/ 7 KB
2 KB 91ms
87ms Stylesheet
text/css 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/css/css_IgqtoaPvpiK9WQfJNzFcb527lvR_qfsARD5fk_SPP2M.css

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220aada1a3efa622bd5907c937315c6f9dbb96f47fa9fb00443e5f93f48f3f63

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 28110
content-length: 1550
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "60e-60a98205d8601"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a0f8ba0dbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css
www.carcogroup.com/sites/carco.com/files/css/ 83 KB
12 KB 94ms
90ms Stylesheet
text/css 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/css/css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbe0f00f0ac7316fc804da60cd0b54ecde2db8e0a3280e478726817d0dc9f00

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 294718
content-length: 12175
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "2f8f-60a98205df361"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a0f8ba2dbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 452ms
159ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbdf680d90fa8eea3b6e395303c913be8b8f392b5e75dd02d362c1715b07b7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Sep 2024 00:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Sep 2024 00:55:56 GMT

GET
H2 200 modernizr.js Show response
www.carcogroup.com/sites/all/themes/master/dist/scripts/ 12 KB
5 KB 322ms
319ms Script
application/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/all/themes/master/dist/scripts/modernizr.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e90f3cba20aaeeb74b433a3baa41ee839ec756cae5c89783e4390698e799a4ec

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:50 GMT
server: cloudflare
cf-cache-status: MISS
content-encoding: gzip
etag: W/"5b6e7ade-2e49"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 8c2c6a0f8ba3dbc6-LAX
x-xss-protection: 1; mode=block
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 svg4everybody.js Show response
www.carcogroup.com/sites/all/themes/master/dist/scripts/ 6 KB
2 KB 279ms
276ms Script
application/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/all/themes/master/dist/scripts/svg4everybody.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af5cde81d761ce43ad1cfc957acc0dfe3b801bf98efb51053a2d99704d0b5e4

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:50 GMT
server: cloudflare
cf-cache-status: MISS
content-encoding: gzip
etag: W/"5b6e7ade-1830"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 8c2c6a0f8ba6dbc6-LAX
x-xss-protection: 1; mode=block
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 legacy.bundle.js Show response
www.carcogroup.com/sites/all/themes/master/dist/scripts/ 429 B
523 B 258ms
256ms Script
application/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/all/themes/master/dist/scripts/legacy.bundle.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbeee716edbf9606e592e5251bd16271fc189281e3901c7ae4a7de5242625e7a

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: MISS
content-length: 373
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:50 GMT
x-accel-version: 0.01
server: cloudflare
etag: "1ad-573228a4df380-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a0f8ba9dbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 CARCO_a%20Cisive%20company2021.svg
www.carcogroup.com/sites/carco.com/themes/carco/ 6 KB
2 KB 249ms
247ms Image
image/svg+xml 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/themes/carco/CARCO_a%20Cisive%20company2021.svg

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e13c15a66ffe3dc7058fe1ad59fed8b2888b98efde28c3498ae2d66c9ff0825

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Jan 2021 14:38:45 GMT
server: cloudflare
cf-cache-status: REVALIDATED
content-encoding: gzip
etag: W/"6012cc75-1665"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8c2c6a0f8baadbc6-LAX
x-xss-protection: 1; mode=block
expires: Sat, 14 Sep 2024 04:55:56 GMT

GET
H2 200 CIS-CAR-membership-logos_AAMVA.jpg
www.carcogroup.com/sites/carco.com/files/ 15 KB
15 KB 94ms
89ms Image
image/jpeg 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CAR-membership-logos_AAMVA.jpg

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc03e6c83eae9699688d5a98e03e053b6ef8f5bb58b4de14c27cc61ef66f1ed

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1665059
content-length: 14889
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-3a29"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a126faadbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_NICB.png
www.carcogroup.com/sites/carco.com/files/ 46 KB
46 KB 176ms
171ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_NICB.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d21546c8ca8b5e8f6d52ad4dbc9536553bd358e36b166d7687e216985d2d2f1f

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1665059
content-length: 47314
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-b8d2"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a126faddbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_NYIA-02.png
www.carcogroup.com/sites/carco.com/files/ 9 KB
9 KB 99ms
93ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_NYIA-02.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a8a213306ca4241d77529b1d8b613baa830432a6af82021b6b73946f3efeca

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1659148
content-length: 9236
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-2414"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a126fb1dbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_IAATI.png
www.carcogroup.com/sites/carco.com/files/ 58 KB
58 KB 166ms
161ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_IAATI.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66ac29d4393e5f521214053ce890e4a99c29f6ec6f8e2a8a4c09ec72f04be077

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1665059
content-length: 59661
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-e90d"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a126fb7dbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_NewJerseySIA.png
www.carcogroup.com/sites/carco.com/files/ 46 KB
47 KB 171ms
166ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_NewJerseySIA.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e845c2f11cf8d72e53ab38ee3d459857ae954218fd918b99b751278531bcbf7

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1055461
content-length: 47544
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-b9b8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a126fb9dbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_NYACT.png
www.carcogroup.com/sites/carco.com/files/ 17 KB
18 KB 171ms
166ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_NYACT.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

261eff45bc4c802814e95a84a562a4c1d8a5a58c195fff46350b9a6f397ada4b

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1659148
content-length: 17846
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-45b6"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a126fbbdbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_CAIF.png
www.carcogroup.com/sites/carco.com/files/ 32 KB
32 KB 100ms
95ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_CAIF.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

555515a2953ddcd7a5ec9e4f9e21e60431db03104cd04972b3282d64030ef541

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2506232
content-length: 32328
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-7e48"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a126fbcdbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_PIA.png
www.carcogroup.com/sites/carco.com/files/ 6 KB
7 KB 172ms
168ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_PIA.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c372d49c0dbe28fcc4f5bb07f6663b6ee92c63ecc2c3295a45487227cb86239

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 736263
content-length: 6642
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-19f2"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a127fbddbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_NIADA.png
www.carcogroup.com/sites/carco.com/files/ 38 KB
39 KB 175ms
171ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_NIADA.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da1aa011d72662d39cd601cfb84c666ac9a1c697151c54891f93cf9d0b580ed

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1665058
content-length: 39410
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-99f2"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a127fc2dbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_iadac.png
www.carcogroup.com/sites/carco.com/files/ 47 KB
47 KB 175ms
170ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_iadac.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

503d749439d371a337b91d66cf47f3ed4c1be075e57b36af4494c865d0cb20ad

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 117307
content-length: 47811
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-bac3"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a127fc4dbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_CIB.png
www.carcogroup.com/sites/carco.com/files/ 47 KB
47 KB 173ms
169ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_CIB.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f6a27fa13bc3322397caeb10569b01caec8f07a9f8548841df7b71f85df4e51

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1659147
content-length: 48432
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-bd30"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a127fc6dbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_LIGRA.png
www.carcogroup.com/sites/carco.com/files/ 18 KB
19 KB 180ms
177ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_LIGRA.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

137d96168245bd2dd02b962144040a3e05957e697bb1a4ef06dc553437195341

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2506232
content-length: 18878
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-49be"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a12d869dbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_FloridaAutotheftIU.png
www.carcogroup.com/sites/carco.com/files/ 67 KB
67 KB 176ms
172ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_FloridaAutotheftIU.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff74d60b526abbfcf788363fdc77e7b90ef55bba00ef980e7bb01c96177c851

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1665058
content-length: 68600
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-10bf8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a12d86bdbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 CIS-CARCO-membership%20logos_NJVTI.png
www.carcogroup.com/sites/carco.com/files/ 14 KB
14 KB 176ms
173ms Image
image/png 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carcogroup.com/sites/carco.com/files/CIS-CARCO-membership%20logos_NJVTI.png

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03063d0376f6d24b2a97f569cfa8650a4d9b13bfc5c855457f1e50f20b822e54

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1659147
content-length: 14404
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-3844"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8c2c6a12d86edbc6-LAX
expires: Mon, 14 Oct 2024 00:55:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 433ms
141ms Script
text/javascript 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 16:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30462
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Sep 2025 16:00:23 GMT

GET
H2 200 js_GOikDsJOX04Aww72M-XK1hkq4qiL_1XgGsRdkL0XlDo.js Show response
www.carcogroup.com/sites/carco.com/files/js/ 39 KB
13 KB 99ms
99ms Script
text/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/js/js_GOikDsJOX04Aww72M-XK1hkq4qiL_1XgGsRdkL0XlDo.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e8a40ec24e5f4e00c30ef633e5cad6192ae2a88bff55e01ac45d90bd17943a

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 430008
content-length: 13026
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 24 Oct 2023 13:11:46 GMT
server: cloudflare
etag: "32e2-6087614af4ca9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a111dd4dbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 js_RulCPHj8aUtatsXPqRSFtJIhBjBSAzFXZzADEVD4CHY.js Show response
www.carcogroup.com/sites/carco.com/files/js/ 4 KB
2 KB 89ms
89ms Script
text/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/js/js_RulCPHj8aUtatsXPqRSFtJIhBjBSAzFXZzADEVD4CHY.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e9423c78fc694b5ab6c5cfa91485b492210630520331576730031150f80876

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 430008
content-length: 1853
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "73d-60a98205e2629"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a11bededbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 js_gHk2gWJ_Qw_jU2qRiUmSl7d8oly1Cx7lQFrqcp3RXcI.js Show response
www.carcogroup.com/sites/carco.com/files/js/ 853 B
449 B 89ms
88ms Script
text/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/js/js_gHk2gWJ_Qw_jU2qRiUmSl7d8oly1Cx7lQFrqcp3RXcI.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80793681627f430fe3536a9189499297b77ca25cb50b1ee5405aea729dd15dc2

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 430008
content-length: 353
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "161-60a98205e4951"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a124f7bdbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 js_ljgaFvoWTW8-3c2hVsQ60xEXhS8ssLwS1K9YbuNnnNo.js Show response
www.carcogroup.com/sites/carco.com/files/js/ 9 KB
3 KB 179ms
172ms Script
text/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/js/js_ljgaFvoWTW8-3c2hVsQ60xEXhS8ssLwS1K9YbuNnnNo.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96381a16fa164d6f3eddcda156c43ad31117852f2cb0bc12d4af586ee3679cda

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
content-length: 2705
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "a91-60a98205e6891"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a126fa0dbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 327 KB
107 KB 468ms
179ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-07RX89WL5V

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebd55a53b41e6d9944401fb5e4cd37eba2ff242e8cdfbb0464d593f6ba2176ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Sep 2024 00:55:56 GMT

GET
H2 200 js_-oEDdwe4XpUqUj4W0KJs96ENaXIrGvjBvIP-WYYBi54.js Show response
www.carcogroup.com/sites/carco.com/files/js/ 8 KB
3 KB 174ms
168ms Script
text/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/js/js_-oEDdwe4XpUqUj4W0KJs96ENaXIrGvjBvIP-WYYBi54.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa81037707b85e952a523e16d0a26cf7a10d69722b1af8c1bc83fe5986018b9e

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 430008
content-length: 2469
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "9a5-60a98205e87d1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a126fa1dbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 js_5EA_PclZ-LgEMbVyJIR5HUZIvTWWG-7ur2kECIxWMDw.js Show response
www.carcogroup.com/sites/carco.com/files/js/ 91 KB
21 KB 100ms
94ms Script
text/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/js/js_5EA_PclZ-LgEMbVyJIR5HUZIvTWWG-7ur2kECIxWMDw.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4403f3dc959f8b80431b5722484791d4648bd35961beeeeaf6904088c56303c

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 177662
content-length: 21072
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:50:35 GMT
server: cloudflare
etag: "5250-60a9848ee0e37"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a126fa4dbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 js_b5uBqrfPrs_UEmgBeVFSOcXgjdijNE3mS-ZnwQ0jdnU.js Show response
www.carcogroup.com/sites/carco.com/files/js/ 35 KB
6 KB 96ms
90ms Script
text/javascript 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/files/js/js_b5uBqrfPrs_UEmgBeVFSOcXgjdijNE3mS-ZnwQ0jdnU.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f9b81aab7cfaecfd412680179515239c5e08dd8a3344de64be667c10d237675

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
cf-cache-status: HIT
age: 430008
content-length: 5349
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 16:39:14 GMT
server: cloudflare
etag: "14e5-60a98205d0900"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a126fa7dbc6-LAX
expires: Sat, 21 Sep 2024 00:55:56 GMT

GET
H2 200 34637f
hello.myfonts.net/count/ 0
354 B 251ms
88ms Stylesheet
text/css 2606:4700::6812:cfad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/34637f
Requested by: Host: www.carcogroup.com
URL: https://www.carcogroup.com/sites/carco.com/files/css/css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:cfad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 8c2c6a11197d7c4a-LAX
content-length: 0
expires: Sun, 14 Sep 2025 00:55:56 GMT

GET
H2 200 sprite.svg
www.carcogroup.com/sites/all/themes/master/dist/images/ 9 KB
3 KB 451ms
448ms Other
image/svg+xml 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/all/themes/master/dist/images/sprite.svg

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a43c7b0246ac8d01893f2e74573f4d8cc598f19ea463a3de8eaab41076401a09

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:50 GMT
server: cloudflare
cf-cache-status: REVALIDATED
content-encoding: gzip
etag: W/"5b6e7ade-2304"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8c2c6a12d871dbc6-LAX
x-xss-protection: 1; mode=block
expires: Sat, 14 Sep 2024 04:55:56 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 286ms
137ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Sep 2024 00:55:56 GMT
document-policy: force-load-at-top
x-fb-server-load: 20
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=134, rtx=0, c=24, mss=1232, tbw=8171, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: RMbD6+NoxTzw8ru1pL4l3xE1h4A7H2fjP/KwKxyudhiQGU77Cb09M5KzkBSEOKpy3Z+CeMJRtCIEnGo3z1rPQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 231 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bf277724558217f2551fe06b080b80fb2c241c25c301e36f45b443e6dc9d026

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd2f712543564762672925c86a15410ca04b3f0735e4516f624fecd19794c8a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52b52c22eb399e054ef9c7ec0d68bcda880008790fd99b13cefb6b7806dad94c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d632beeb03a888a0050103468d3bea2951c5ecbb9ebe72f9ad5cd8ed01e50cf1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1684245d0f4b95f15a2776b8cc406eb97d4f4c85fb1f1448040d44c8e835fa8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 422ms
139ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.carcogroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 20:46:30 GMT
x-content-type-options: nosniff
age: 101366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 20:46:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 463ms
181ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.carcogroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 20:46:33 GMT
x-content-type-options: nosniff
age: 101363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 20:46:33 GMT

GET
H2 200 34637F_6_0.woff2
www.carcogroup.com/sites/all/themes/master/src/fonts/sofia-pro/ 68 KB
68 KB 374ms
373ms Font
font/woff2 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/all/themes/master/src/fonts/sofia-pro/34637F_6_0.woff2

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com/sites/carco.com/files/css/css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0515608cde1a80d27deb515e7c1cbca95f89c0450b5157cfcd9dea9fa37cb2bd

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com/sites/carco.com/files/css/css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css
Origin: https://www.carcogroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 69906
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:50 GMT
server: cloudflare
etag: "5b6e7ade-11112"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8c2c6a12d875dbc6-LAX
expires: Sat, 14 Sep 2024 04:55:56 GMT

GET
H2 200 34637F_5_0.woff2
www.carcogroup.com/sites/all/themes/master/src/fonts/sofia-pro/ 71 KB
71 KB 365ms
364ms Font
font/woff2 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/all/themes/master/src/fonts/sofia-pro/34637F_5_0.woff2

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com/sites/carco.com/files/css/css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a6b51b57412eaa632bf67cabbf95991f5bd616346791bd598d1650e4875e97e

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com/sites/carco.com/files/css/css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css
Origin: https://www.carcogroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 72277
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-11a55"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8c2c6a12d876dbc6-LAX
expires: Sat, 14 Sep 2024 04:55:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 600ms
319ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.carcogroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 20:49:19 GMT
x-content-type-options: nosniff
age: 101197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 20:49:19 GMT

GET
H2 200 34637F_A_0.woff2
www.carcogroup.com/sites/all/themes/master/src/fonts/sofia-pro/ 71 KB
71 KB 308ms
307ms Font
font/woff2 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/all/themes/master/src/fonts/sofia-pro/34637F_A_0.woff2

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com/sites/carco.com/files/css/css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f81a8daba36ef5245b8f1ac8674d1d64b670854ddc25e0b407367c42cd2818dc

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com/sites/carco.com/files/css/css_jb4PAPCscxb8gE2mDNC1Ts3i244KMoDkeHJoF9DcnwA.css
Origin: https://www.carcogroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:56 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 72312
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:57:51 GMT
server: cloudflare
etag: "5b6e7adf-11a78"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8c2c6a12d879dbc6-LAX
expires: Sat, 14 Sep 2024 04:55:56 GMT

GET
H3 200 205350379906605 Show response
connect.facebook.net/signals/config/ 49 KB
10 KB 182ms
181ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/205350379906605?v=2.9.167&r=stable&domain=www.carcogroup.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

7d0e8988224585b5c157b88e6edd3d6ca5562b96db9e8e639f30daebe3d9cba6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Sep 2024 00:55:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=77, mss=1232, tbw=70895, tp=68, tpl=0, uplat=45, ullat=1
pragma: public
x-fb-debug: uxP/TI3I+Lx/2YdttOIjQC96muhExiB4Ss/zrloVLg2LUPUfQ+IkpV8I+XSRtrnQa6HJukho4uZzzJYFLACqPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 415ms
137ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=205350379906605&ev=PageView&dl=https%3A%2F%2Fwww.carcogroup.com%2F%2Ffraud%2F-prevention&rl=&if=false&ts=1726275357171&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4124&fbp=fb.1.1726275357169.467186761116761700&ler=empty&cdl=API_unavailable&it=1726275356959&coo=false&rqm=GET

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Sep 2024 00:55:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 494ms
218ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=205350379906605&ev=PageView&dl=https%3A%2F%2Fwww.carcogroup.com%2F%2Ffraud%2F-prevention&rl=&if=false&ts=1726275357171&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4124&fbp=fb.1.1726275357169.467186761116761700&ler=empty&cdl=API_unavailable&it=1726275356959&coo=false&rqm=FGET

Requested by

Host: www.carcogroup.com
URL: https://www.carcogroup.com//fraud/-prevention

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 14 Sep 2024 00:55:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7414296203227718816", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=3095, tp=-1, tpl=-1, uplat=80, ullat=0
pragma: no-cache
x-fb-debug: w72BEPv3YRD79x6YWctymsflLsqRtvB+JTxHK9LjRQGAydoCNxZEnxm75KXyasm4BpH93fJPGftBk3A8ZLAKcg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7414296203227718816"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 262ms
98ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-07RX89WL5V&gtm=45je4990v9104491436za200&_p=1726275357328&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&gdid=dMDhkMT&cid=1250533551.1726275357&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dp=%2F404.html%3Fpage%3D%2F%2Ffraud%2F-prevention%26from%3D&sid=1726275357&sct=1&seg=0&dl=https%3A%2F%2Fwww.carcogroup.com%2F%2Ffraud%2F-prevention&dt=Page%20not%20found%20%7C%20CARCO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=1991
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07RX89WL5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 00:55:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carcogroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 408ms
140ms Ping
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-07RX89WL5V&cid=1250533551.1726275357&gtm=45je4990v9104491436za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07RX89WL5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.carcogroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 00:55:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carcogroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 2FA5 0
0 437ms
156ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-07RX89WL5V&gacid=1250533551.1726275357&gtm=45je4990v9104491436za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=277900167

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07RX89WL5V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.carcogroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Sep 2024 00:55:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 favicon.ico
www.carcogroup.com/sites/carco.com/themes/carco/favicons/ 15 KB
2 KB 91ms
90ms Other
image/vnd.microsoft.icon 2606:4700::6812:5b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carcogroup.com/sites/carco.com/themes/carco/favicons/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79b63b291af3bd563d7a2867e86f054bdd799d3ee58b1c144c90f58ffd09c23

Security Headers

Name	Value
Content-Security-Policy	child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carcogroup.com//fraud/-prevention
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 00:55:57 GMT
content-security-policy: child-src insurance.carcogroup.com; connect-src 'self' stats.g.doubleclick.net www.google-analytics.com analytics.google.com; default-src 'self'; font-src 'self' fonts.gstatic.com themes.googleusercontent.com; form-action 'self' https://sitelocator.carcogroup.com; frame-ancestors 'self'; frame-src 'self' insurance.carcogroup.com agent.carcogroup.com player.vimeo.com engage.newmode.net; img-src 'self' https://www.facebook.com shield.sitelock.com stats.g.doubleclick.net www.google-analytics.com www.google.com www.googletagmanager.com cdn.ckeditor.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://player.vimeo.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com analytics.google.com cdn.ckeditor.com engage.newmode.net blog.apps.npr.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.ckeditor.com hello.myfonts.net; report-uri https://cisive.report-uri.com/r/d/csp/enforce;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 387903
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 11 Aug 2018 05:58:02 GMT
server: cloudflare
etag: W/"5b6e7aea-3aee"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=2592000
cf-ray: 8c2c6a1a9a98dbc6-LAX
expires: Mon, 14 Oct 2024 00:55:57 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.myfonts.net/	1970-01-20 23:31:17	Name: __cf_bm Value: CX3GyoFcLdbpmUuT3W.XEpYYBcv6LHb3.BVCQB.ZcHg-1726275356-1.0.1.1-EiCjWvV0GvFgdlLk1vscm8l5u9_2tvpd6Qim8d9nnPA6hLgii1yV8bJGQZ4HLjLEdUJS0V6pduZ3qn2dNP9ZDA
.carcogroup.com/	1970-01-21 01:40:51	Name: _fbp Value: fb.1.1726275357169.467186761116761700
.carcogroup.com/	1970-01-21 09:07:15	Name: _ga Value: GA1.1.1250533551.1726275357
.carcogroup.com/	1970-01-21 09:07:15	Name: _ga_07RX89WL5V Value: GS1.1.1726275357.1.0.1726275357.60.0.0
www.carcogroup.com/	1970-01-21 01:55:15	Name: cookie-agreed-version Value: 1.0.0
.doubleclick.net/	1970-01-20 23:31:16	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.carcogroup.com//fraud/-prevention Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hello.myfonts.net
stats.g.doubleclick.net
td.doubleclick.net
www.carcogroup.com
www.facebook.com
www.googletagmanager.com
157.240.241.1
2001:4860:4802:36::181
2606:4700::6812:5b1
2606:4700::6812:cfad
2607:f8b0:4004:c19::9c
2607:f8b0:4006:80e::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2008
2a03:2880:f112:83:face:b00c:0:25de
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
02f210b428782a1f11033a026ff365a87f605c53fe394a023a33d33c25668803
03063d0376f6d24b2a97f569cfa8650a4d9b13bfc5c855457f1e50f20b822e54
0515608cde1a80d27deb515e7c1cbca95f89c0450b5157cfcd9dea9fa37cb2bd
0a6b51b57412eaa632bf67cabbf95991f5bd616346791bd598d1650e4875e97e
137d96168245bd2dd02b962144040a3e05957e697bb1a4ef06dc553437195341
18e8a40ec24e5f4e00c30ef633e5cad6192ae2a88bff55e01ac45d90bd17943a
1da1aa011d72662d39cd601cfb84c666ac9a1c697151c54891f93cf9d0b580ed
1e13c15a66ffe3dc7058fe1ad59fed8b2888b98efde28c3498ae2d66c9ff0825
220aada1a3efa622bd5907c937315c6f9dbb96f47fa9fb00443e5f93f48f3f63
261eff45bc4c802814e95a84a562a4c1d8a5a58c195fff46350b9a6f397ada4b
2e845c2f11cf8d72e53ab38ee3d459857ae954218fd918b99b751278531bcbf7
3bf277724558217f2551fe06b080b80fb2c241c25c301e36f45b443e6dc9d026
46e9423c78fc694b5ab6c5cfa91485b492210630520331576730031150f80876
4c372d49c0dbe28fcc4f5bb07f6663b6ee92c63ecc2c3295a45487227cb86239
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
503d749439d371a337b91d66cf47f3ed4c1be075e57b36af4494c865d0cb20ad
52b52c22eb399e054ef9c7ec0d68bcda880008790fd99b13cefb6b7806dad94c
555515a2953ddcd7a5ec9e4f9e21e60431db03104cd04972b3282d64030ef541
66ac29d4393e5f521214053ce890e4a99c29f6ec6f8e2a8a4c09ec72f04be077
6f9b81aab7cfaecfd412680179515239c5e08dd8a3344de64be667c10d237675
7cc03e6c83eae9699688d5a98e03e053b6ef8f5bb58b4de14c27cc61ef66f1ed
7d0e8988224585b5c157b88e6edd3d6ca5562b96db9e8e639f30daebe3d9cba6
80793681627f430fe3536a9189499297b77ca25cb50b1ee5405aea729dd15dc2
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8dbe0f00f0ac7316fc804da60cd0b54ecde2db8e0a3280e478726817d0dc9f00
8f6a27fa13bc3322397caeb10569b01caec8f07a9f8548841df7b71f85df4e51
912856e113e646cb59dd2a480be66f5463455408b458432e0a7234664608685c
96381a16fa164d6f3eddcda156c43ad31117852f2cb0bc12d4af586ee3679cda
9af5cde81d761ce43ad1cfc957acc0dfe3b801bf98efb51053a2d99704d0b5e4
a43c7b0246ac8d01893f2e74573f4d8cc598f19ea463a3de8eaab41076401a09
a79b63b291af3bd563d7a2867e86f054bdd799d3ee58b1c144c90f58ffd09c23
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b6a8a213306ca4241d77529b1d8b613baa830432a6af82021b6b73946f3efeca
c9a5cae3e2b13fde612fb7e6675202d7807f060d16a1b4d364cb809f6cc7781d
cff74d60b526abbfcf788363fdc77e7b90ef55bba00ef980e7bb01c96177c851
d1684245d0f4b95f15a2776b8cc406eb97d4f4c85fb1f1448040d44c8e835fa8
d21546c8ca8b5e8f6d52ad4dbc9536553bd358e36b166d7687e216985d2d2f1f
d632beeb03a888a0050103468d3bea2951c5ecbb9ebe72f9ad5cd8ed01e50cf1
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dbdf680d90fa8eea3b6e395303c913be8b8f392b5e75dd02d362c1715b07b7fd
dd2f712543564762672925c86a15410ca04b3f0735e4516f624fecd19794c8a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4403f3dc959f8b80431b5722484791d4648bd35961beeeeaf6904088c56303c
e90f3cba20aaeeb74b433a3baa41ee839ec756cae5c89783e4390698e799a4ec
ebd55a53b41e6d9944401fb5e4cd37eba2ff242e8cdfbb0464d593f6ba2176ff
f81a8daba36ef5245b8f1ac8674d1d64b670854ddc25e0b407367c42cd2818dc
fa81037707b85e952a523e16d0a26cf7a10d69722b1af8c1bc83fe5986018b9e
fbeee716edbf9606e592e5251bd16271fc189281e3901c7ae4a7de5242625e7a
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

www.carcogroup.com Open in urlscan Pro 2606:4700::6812:5b1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

91 %IPv6

9 Domains

11 Subdomains

12 IPs

1 Countries

1027 kBTransfer

1788 kBSize

6 Cookies

19 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.carcogroup.com Open in urlscan Pro
2606:4700::6812:5b1 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

12
IPs

1
Countries

1027 kB
Transfer

1788 kB
Size

6
Cookies

49 HTTP transactions
5 data transactions