urlscan.io logo urlscan.io
SecurityTrails logo

www.geico.com Open in urlscan Pro
104.109.59.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://c.gowinterauto.com/campaigns/vy373ghvzlab4/track-url/pm276jkqc71e3/956dd1baab46d61e955cb76f2c66575c6d5ccd28
Effective URL: https://www.geico.com/
Submission: On December 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 8 countries across 20 domains to perform 72 HTTP transactions. The main IP is 104.109.59.86, located in Netherlands and belongs to AKAMAI-ASN1, EU. The main domain is www.geico.com.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 4th 2019. Valid for: 2 years.
This is the only time www.geico.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 162.252.172.65 9009 (M247)
2 23.250.22.58 55286 (SERVER-MANIA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
23 104.109.59.86 20940 (AKAMAI-ASN1)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 3 54.171.45.51 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.208.225.81 16509 (AMAZON-02)
2 15.237.76.117 16509 (AMAZON-02)
1 1 34.253.145.149 16509 (AMAZON-02)
1 52.18.150.20 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.23.102 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.90.80 16509 (AMAZON-02)
9 104.17.208.240 13335 (CLOUDFLAR...)
6 35.188.210.33 15169 (GOOGLE)
1 35.223.68.91 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
2 2600:9000:210... 16509 (AMAZON-02)
72 27
1    2606:4700:3035::ac43:aa10 (United States)

ASN13335 (CLOUDFLARENET, US)
c.gowinterauto.com
1    162.252.172.65 (United States)

ASN9009 (M247, GB)
PTR: 65.172.252.162.in-addr.arpa
www.limorsin.com
2    23.250.22.58 (Stoney Creek, Canada)

ASN55286 (SERVER-MANIA, CA)
sunflowerfresh.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:214f:ba00:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.bouncepilot.com
23    104.109.59.86 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-59-86.deploy.static.akamaitechnologies.com
www.geico.com
6    2a02:26f0:6c00:299::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
assets.adobedtm.com
2    2a02:26f0:6c00:291::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
s.go-mpulse.net
6852bd0e.akstat.io
3    54.171.45.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-45-51.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
2    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.208.225.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-225-81.eu-west-1.compute.amazonaws.com
geico.demdex.net
2    15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
sadobeanalytics.geico.com
1    34.253.145.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-145-149.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    52.18.150.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
geico.tt.omtrdc.net
1    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00:19a::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
c.go-mpulse.net
1    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net
2992003.fls.doubleclick.net
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    143.204.90.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-80.fra50.r.cloudfront.net
cdn.branch.io
9    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com
6    35.188.210.33 (United States)

ASN15169 (GOOGLE, US)
PTR: 33.210.188.35.bc.googleusercontent.com
geico-app.quantummetric.com
1    35.223.68.91 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 91.68.223.35.bc.googleusercontent.com
geico-sync.quantummetric.com
1    2600:9000:2104:4e00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
2    2600:9000:2104:9a00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
Domain Requested by
23 www.geico.com sunflowerfresh.com
www.geico.com
9 zn0thecsujsizknzd-geico.siteintercept.qualtrics.com cdn.quantummetric.com
6 geico-app.quantummetric.com cdn.quantummetric.com
6 assets.adobedtm.com assets.adobedtm.com
3 dpm.demdex.net 1 redirects www.geico.com
3 www.googletagmanager.com sunflowerfresh.com
assets.adobedtm.com
www.googletagmanager.com
2 api2.branch.io cdn.quantummetric.com
2 2992003.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
cdn.quantummetric.com
2 sadobeanalytics.geico.com cdn.quantummetric.com
www.geico.com
2 sunflowerfresh.com www.limorsin.com
sunflowerfresh.com
1 6852bd0e.akstat.io s.go-mpulse.net
1 app.link cdn.branch.io
1 geico-sync.quantummetric.com cdn.quantummetric.com
1 cdn.branch.io www.limorsin.com
1 www.google.de www.geico.com
1 www.google.com www.geico.com
1 stats.g.doubleclick.net cdn.quantummetric.com
1 c.go-mpulse.net s.go-mpulse.net
1 geico.tt.omtrdc.net cdn.quantummetric.com
1 cm.everesttech.net 1 redirects
1 geico.demdex.net assets.adobedtm.com
1 cdn.quantummetric.com assets.adobedtm.com
1 s.go-mpulse.net www.geico.com
1 static.bouncepilot.com www.limorsin.com
1 www.limorsin.com
1 c.gowinterauto.com 1 redirects
72 27
Subject Issuer Validity Valid
www.limorsin.com
Let's Encrypt Authority X3		 2020-11-01 -
2021-01-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.bouncepilot.com
Amazon		 2020-07-21 -
2021-08-21		 a year crt.sh
*.geico.com
Trustwave Organization Validation SHA256 CA, Level 1		 2019-09-04 -
2021-09-03		 2 years crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA		 2019-10-22 -
2021-10-01		 2 years crt.sh
akstat.io
DigiCert Secure Site ECC CA-1		 2020-05-06 -
2021-08-05		 a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-17 -
2021-08-17		 a year crt.sh
sadobeanalytics.geico.com
DigiCert SHA2 High Assurance Server CA		 2020-04-13 -
2021-07-16		 a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA		 2020-11-02 -
2021-11-09		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.branch.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-25		 a year crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2020-10-26 -
2021-11-26		 a year crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA		 2019-01-28 -
2021-02-13		 2 years crt.sh
appipv4.link
Amazon		 2020-07-22 -
2021-08-22		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.geico.com/
Frame ID: 8F0A72053D26AE08F6A810DCAE9B2307
Requests: 62 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Frame ID: 7D0B0F4F8314AE0630BD86A9D2C65EE8
Requests: 2 HTTP requests in this frame

Frame: https://geico.demdex.net/dest5.html?d_nsid=0
Frame ID: 65F9B980072D61C26DEBE1FE8562F071
Requests: 1 HTTP requests in this frame

Frame: https://2992003.fls.doubleclick.net/activityi;dc_pre=CKeBobSbyO0CFZqIdwodKBAI9w;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;~oref=https%3A%2F%2Fwww.geico.com%2F
Frame ID: 27B4AF9C5E26396890A495FD2DFC772E
Requests: 1 HTTP requests in this frame

Frame: https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1607768235655&v=1607768235759&z=1&S=0&N=0&P=0
Frame ID: 601119AE0CE658EE7DC0D5FA51111A4B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://c.gowinterauto.com/campaigns/vy373ghvzlab4/track-url/pm276jkqc71e3/956dd1baab46d61e955cb76f2c66... HTTP 301
    https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5Ls... Page URL
  2. http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&l... Page URL
  3. https://www.geico.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

72
Requests

97 %
HTTPS

54 %
IPv6

20
Domains

27
Subdomains

27
IPs

8
Countries

830 kB
Transfer

2766 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://c.gowinterauto.com/campaigns/vy373ghvzlab4/track-url/pm276jkqc71e3/956dd1baab46d61e955cb76f2c66575c6d5ccd28 HTTP 301
    https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/ Page URL
  2. http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441 Page URL
  3. https://www.geico.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://c.gowinterauto.com/campaigns/vy373ghvzlab4/track-url/pm276jkqc71e3/956dd1baab46d61e955cb76f2c66575c6d5ccd28 HTTP 301
  • https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/
Request Chain 24
  • https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1607768234680 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1607768234680
Request Chain 35
  • https://cm.everesttech.net/cm/dd?d_uuid=47173295929572898070525734923839593004 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9SYqwAAAG1v2R9n
Request Chain 41
  • https://2992003.fls.doubleclick.net/activityi;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;~oref=https%3A%2F%2Fwww.geico.com%2F HTTP 302
  • https://2992003.fls.doubleclick.net/activityi;dc_pre=CKeBobSbyO0CFZqIdwodKBAI9w;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;~oref=https%3A%2F%2Fwww.geico.com%2F

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/
Redirect Chain
  • https://c.gowinterauto.com/campaigns/vy373ghvzlab4/track-url/pm276jkqc71e3/956dd1baab46d61e955cb76f2c66575c6d5ccd28
  • https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/
171 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.252.172.65 , United States, ASN9009 (M247, GB),
Reverse DNS
65.172.252.162.in-addr.arpa
Software
Apache /
Resource Hash
cd79338f54722aff83b35fc1589c5ccd54d8b037cf3a52745e8c879b08b0417a

Request headers

Host
www.limorsin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Dec 2020 10:17:12 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
171
Server
Apache
Set-Cookie
uid5366=576856578-20201212051712-44d3def81b7f81f69bf8adb622ccebdf-; domain=limorsin.com; expires=Mon, 11-Jan-2021 10:17:12 GMT; path=/; SameSite=None; Secure

Redirect headers

date
Sat, 12 Dec 2020 10:17:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d48302ff0909a85a676b373f16375f98b1607768232; expires=Mon, 11-Jan-21 10:17:12 GMT; path=/; domain=.gowinterauto.com; HttpOnly; SameSite=Lax
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
location
https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/
cf-cache-status
DYNAMIC
cf-request-id
06f80d68720000c29fac97e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XpXHsYU%2F%2FLkZtoYzikIlkZ9p3DCvcgj8HIDESws61sFgKDo8G1ntSoEb0WD61PlLN7flwOWFA9qzKHZeuW34mxhZXL3DJX9%2Bt0QvTI7U4n%2FYHxZfwZT5ogzP%2F573k0g%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6006b1ba490cc29f-FRA
/
sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441
Requested by
Host: www.limorsin.com
URL: https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/
Protocol
HTTP/1.1
Server
23.250.22.58 Stoney Creek, Canada, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx /
Resource Hash
42f0bc8365dea3dad95f3686803b5c99821427df0c66f251c08d5ce54c804176

Request headers

Host
sunflowerfresh.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Sat, 12 Dec 2020 10:22:46 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
gtm.js
www.googletagmanager.com/ 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9695256235404bf15d5c622ac377b7b2144b23d887e66bf12a8d3e817b0d557f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29897
x-xss-protection
0
last-modified
Sat, 12 Dec 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Dec 2020 10:17:13 GMT
index.php
sunflowerfresh.com/ 		145 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://sunflowerfresh.com/index.php
Requested by
Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441
Protocol
HTTP/1.1
Server
23.250.22.58 Stoney Creek, Canada, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 12 Dec 2020 10:22:46 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by
Host: www.limorsin.com
URL: https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ba00:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef787f0ad882aa0b40e1fb1fe791e592b51184df78718ea68fb8a86997cbbd24

Request headers

Referer
http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified
Thu, 01 Nov 2018 14:13:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"307a47bfa3aae90cdc37c505abb7abe3"
x-cache
Error from cloudfront
content-type
application/javascript
cache-control
No-Cache
accept-ranges
bytes
content-length
25606
x-amz-cf-id
PS857BPz20UFywibVFPzrkyU7wwK5xclHk9NiUIEyt2YdPOCNI6piw==
Primary Request /
www.geico.com/ 		91 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/
Requested by
Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2afc7fff05806e257cab734db9ddf508c63ca667cdacfaa50a0916ef770ef4f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.geico.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://sunflowerfresh.com/ae9071967246c0cfd96c1094e9f3bd6fc/?sid1=162076&sid2=576856578&sid3=1209r1g&lp=7441

Response headers

server
Apache
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
sameorigin
content-security-policy
frame-ancestors 'self'
link
<https://assets.adobedtm.com>; rel=preconnect <https://www.googletagmanager.com>; rel=preconnect <https://dpm.demdex.net>; rel=preconnect <https://vt.myvisualiq.net>; rel=preconnect <https://t.myvisualiq.net>; rel=preconnect <https://p.tvpixel.com>; rel=preconnect <https://d.turn.com>; rel=preconnect <https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js>; rel=preload; as=script
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cdn
Incapsula
x-iinfo
10-32222543-32234819 NNNN CT(88 92 0) RT(1607768147962 85159) q(0 0 2 14) r(3 3) U5
x-akamai-transformed
9 - 0 pmb=mRUM,2
expires
Sat, 12 Dec 2020 10:17:14 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sat, 12 Dec 2020 10:17:14 GMT
content-length
18632
set-cookie
visid_incap_1684653=ogn5/rTqRHW79SzCZNcD+6mY1F8AAAAAQUIPAAAAAAC6XKg2a/UhfFEpZfz6FLsz; expires=Sat, 11 Dec 2021 17:45:03 GMT; HttpOnly; path=/; Domain=.geico.com; Secure; SameSite=None incap_ses_8077_1684653=henjGp3+F2W8wbYjt0QXcKmY1F8AAAAAsrX/PKb6luGh1HJPTvDuzw==; path=/; Domain=.geico.com; Secure; SameSite=None
server-timing
edge; dur=188 origin; dur=623 cdn-cache; desc=MISS
launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
assets.adobedtm.com/ 		334 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
356ef106971aac0df2848e0456279474d9b08843dad753e5499dd65786e0be0f

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
gzip
last-modified
Mon, 30 Nov 2020 21:32:21 GMT
server
AkamaiNetStorage
etag
"324d55607fa73d2c9ba4da398664cf93:1606771941.947866"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.geico.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
94537
expires
Sat, 12 Dec 2020 11:17:14 GMT
cache-base-css.php
www.geico.com/public/css/design6/ 		259 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/css/design6/cache-base-css.php
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e4fdcd5d16238be04e8b0b72a6fb93a52466bbd0205bf1aa7694520e0810bc9a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
date
Sat, 12 Dec 2020 10:17:14 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css;charset=UTF-8
x-iinfo
10-4268431-4268437 NNNN CT(123 124 0) RT(1607697233583 71) q(0 0 3 1) r(4 4) U5
x-xss-protection
1; mode=block
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
35490
x-cdn
Incapsula
geico.com.css
www.geico.com/public/css/design6/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/css/design6/geico.com.css
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
a0f4f16a6cb3418386e3ed8ad1cf5ba2fe23e830be25c02cc35fe043f36c83de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
6-24299571-24299572 NNNN CT(30 67 0) RT(1607697232706 6) q(0 0 1 0) r(1 1) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
4985
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 16:49:40 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
main.css
www.geico.com/public/css/homepage/design6/ 		41 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/css/homepage/design6/main.css
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7588b039773ca02b25950f7ea9166e61062c2270ee2a83a8c3d26b839c53766e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
10-27200600-27200602 NNNN CT(71 73 0) RT(1607697233159 2) q(0 0 2 3) r(2 2) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
6447
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 17:36:26 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
gecko-side.jpg
www.geico.com/public/layout_images/homepage/design6/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geico.com/public/layout_images/homepage/design6/gecko-side.jpg
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
e132a6fa42a04e17b952a155520660e26c6e7277c309dee420a5797ae66866c2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-image-server-store-time
1607697265
x-content-type-options
nosniff
x-im-result-width
250
x-image-server-response
request-19193519-03589982-31b4162c
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
11444
x-xss-protection
1; mode=block
x-image-server-product
AIC
last-modified
Fri, 11 Dec 2020 13:37:28 GMT
server
Akamai Image Server
x-image-server-cpu-real
49
date
Sat, 12 Dec 2020 10:17:14 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-im-original-width
250
cache-control
no-transform, max-age=3600
content-type
image/jpeg
x-image-server-original-size
11797
ranked-1.png
www.geico.com/public/layout_images/homepage/design6/jdpower/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geico.com/public/layout_images/homepage/design6/jdpower/ranked-1.png
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
02515ee3f986616cc4c0002e575e48e18590e77869a3a3d2d60136bb45a49c6b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 11 Dec 2020 13:37:28 GMT
server
Apache
date
Sat, 12 Dec 2020 10:17:14 GMT
x-frame-options
sameorigin
content-type
image/png
x-iinfo
13-6752773-6753321 SNNN RT(1607697235228 29345) q(0 0 0 0) r(2 2) U5
x-xss-protection
1; mode=block
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
2538
x-cdn
Incapsula
jdpower.png
www.geico.com/public/layout_images/homepage/design6/jdpower/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geico.com/public/layout_images/homepage/design6/jdpower/jdpower.png
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3f2c447994284b8fceb218aea1be93ed8640335ce15eb100188a5cb52179970
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 11 Dec 2020 13:37:28 GMT
server
Apache
date
Sat, 12 Dec 2020 10:17:14 GMT
x-frame-options
sameorigin
content-type
image/png
x-iinfo
11-7043769-7044085 SNNN RT(1607697237260 27031) q(0 0 0 0) r(2 2) U5
x-xss-protection
1; mode=block
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
43523
x-cdn
Incapsula
geicoApp-AppStoreDL.jpg
www.geico.com/public/images/aboutgeico/mobile/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geico.com/public/images/aboutgeico/mobile/geicoApp-AppStoreDL.jpg
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
e25f1fb24df6a8cf310cf146936214d02d130ed110577628e852acd23788cd36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-image-server-store-time
1607697243
x-content-type-options
nosniff
x-im-result-width
101
x-image-server-response
request-58025-85179318-52b61390
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1986
x-xss-protection
1; mode=block
x-image-server-product
AIC
last-modified
Fri, 11 Dec 2020 11:57:32 GMT
server
Akamai Image Server
x-image-server-cpu-real
14
date
Sat, 12 Dec 2020 10:17:14 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-im-original-width
101
cache-control
no-transform, max-age=3600
content-type
image/jpeg
x-image-server-original-size
3100
geicoApp-GooglePlayDL.jpg
www.geico.com/public/images/aboutgeico/mobile/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geico.com/public/images/aboutgeico/mobile/geicoApp-GooglePlayDL.jpg
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
20aaf4433987094f3d257559504456b82217e1711aaabe8ee1ea47037bd1c3a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-image-server-store-time
1607697243
x-content-type-options
nosniff
x-im-result-width
99
x-image-server-cpu-estimate
53
x-image-server-response
request-47738-67298100-257d1d8b
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
2018
x-xss-protection
1; mode=block
x-image-server-product
AIC
last-modified
Fri, 11 Dec 2020 11:57:32 GMT
server
Akamai Image Server
x-image-server-cpu-real
27
date
Sat, 12 Dec 2020 10:17:14 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-im-original-width
99
cache-control
no-transform, max-age=3600
content-type
image/jpeg
x-image-server-original-size
2878
cache-base-js.php
www.geico.com/public/scripts/design6/ 		361 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/scripts/design6/cache-base-js.php
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
10f861eb3fafd16707d71efb088592278927130d13d77656757d0490ecbf2b40
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
date
Sat, 12 Dec 2020 10:17:14 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-iinfo
9-3874620-3874626 NNNN CT(123 125 0) RT(1607697233079 81) q(0 0 3 0) r(4 4) U5
x-xss-protection
1; mode=block
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
73990
x-cdn
Incapsula
jquery.cookie.js
www.geico.com/public/scripts/jquery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/scripts/jquery/jquery.cookie.js
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
7-20911747-20911749 NNNN CT(5 15 0) RT(1607697232626 6) q(0 0 0 0) r(0 0) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
1174
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 18:36:59 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
global.js
www.geico.com/public/scripts/design6/ 		44 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/scripts/design6/global.js
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
99792e7625a1f8a83f2606c4d90febd7b3b150de3b3f353f2210435d43bba472
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
4-25221406-25221410 NNNN CT(30 36 0) RT(1607697232586 13) q(0 1 1 9) r(2 2) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
8651
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 16:52:06 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
homepage.js
www.geico.com/public/scripts/design6/ 		41 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/scripts/design6/homepage.js
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7008c3dc52ea498845c174e45fc0904a5ef389ff57bacb416f8b51dbd75345f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
14-42963764-42960488 PNNN RT(1607697273920 13129) q(0 0 0 1) r(3 3) U5
server-timing
cdn-cache; desc=HIT, edge; dur=3
vary
Accept-Encoding
content-length
7011
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 15:35:18 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
_Incapsula_Resource
www.geico.com/ 		128 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1059923072
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
284ba4729f1f9916168ec2cd3710ef915d15ef13cbf9c3fa25df549a2b29e3c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 12 Dec 2020 10:17:14 GMT
x-frame-options
sameorigin
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-security-policy
frame-ancestors 'self'
server-timing
edge; dur=1, origin; dur=46, cdn-cache; desc=MISS
x-robots-tag
noindex
vary
Accept-Encoding
content-length
18561
x-xss-protection
1; mode=block
expires
Sat, 12 Dec 2020 10:17:14 GMT
LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
s.go-mpulse.net/boomerang/ Frame 7D0B 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:291::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
br
last-modified
Tue, 03 Nov 2020 17:58:29 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
lato-normal-400-latin.woff2
www.geico.com/public/design-kit/4.0/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/design-kit/4.0/fonts/lato-normal-400-latin.woff2
Requested by
Host: www.geico.com
URL: https://www.geico.com/public/css/design6/cache-base-css.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.geico.com
Referer
https://www.geico.com/public/css/design6/cache-base-css.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
7-8494522-8494533 SNNN RT(1607697235471 10727) q(0 1 1 0) r(2 2) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
25670
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 13:37:28 GMT
server
Apache
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
lato-normal-700-latin.woff2
www.geico.com/public/design-kit/4.0/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/design-kit/4.0/fonts/lato-normal-700-latin.woff2
Requested by
Host: www.geico.com
URL: https://www.geico.com/public/css/design6/cache-base-css.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.geico.com
Referer
https://www.geico.com/public/css/design6/cache-base-css.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
7-10120548-10122127 PNNN RT(1607697237168 46399) q(0 0 0 0) r(2 2) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
25025
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 13:37:28 GMT
server
Apache
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
geico.ttf
www.geico.com/public/design-kit/4.0/fonts/ 		77 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/design-kit/4.0/fonts/geico.ttf?r5709x
Requested by
Host: www.geico.com
URL: https://www.geico.com/public/css/design6/cache-base-css.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
be4f6510e32d5d97b25f8e66e037794d4c725ffb939a9c2d35d80f436aef03d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.geico.com
Referer
https://www.geico.com/public/css/design6/cache-base-css.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
5-16760612-16762797 NNNN CT(122 124 0) RT(1607697251111 33108) q(0 0 2 0) r(4 4) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
44039
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 13:37:28 GMT
server
Apache
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1607768234680
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1607768234680
364 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1607768234680
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.45.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-45-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2752ff5595e4deddc05e9bfea06efefc9db346223d33054afb70f5622584ea97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v086-0dbb80368.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
sZJXKmoZQio=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.geico.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
300
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.geico.com
X-TID
Ppnw/IKySvg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=71FF20B3534568190A490D45%40AdobeOrg&d_nsid=0&ts=1607768234680
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
gzip
last-modified
Tue, 02 Jun 2020 21:30:12 GMT
server
AkamaiNetStorage
etag
"41f1b46329a6056c0f2c993498eda989:1591133412.019903"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.geico.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12161
expires
Sat, 12 Dec 2020 11:17:14 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
gzip
last-modified
Tue, 02 Jun 2020 21:30:12 GMT
server
AkamaiNetStorage
etag
"e9aa55ef8b40a205f86b54789b37de5c:1591133412.323749"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.geico.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1607
expires
Sat, 12 Dec 2020 11:17:14 GMT
quantum-geico.js
cdn.quantummetric.com/qscripts/ 		313 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-geico.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca68bdf243aacaa1e2a9063fa2f412089b36f2dcd25a72f7b019d8fa01e93c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
62
etag
W/"160773860170316076363843041607763606799"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
strict-transport-security
max-age=31536000
cf-ray
6006b1cb0f6a3250-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
06f80d72e500003250ed9ae000000001
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-34118221-1&l=dataLayer
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f5ce023967c16cce2664550ee576f61543c3d21de266b2edcfe6d1d62229944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38974
x-xss-protection
0
last-modified
Sat, 12 Dec 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Dec 2020 10:17:14 GMT
RCcb1d9b17fbea43bbad531bff6fbcd228-source.min.js
assets.adobedtm.com/c118acf613a5/f856228fd8b7/9ca18cb9a1f2/ 		414 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/9ca18cb9a1f2/RCcb1d9b17fbea43bbad531bff6fbcd228-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cea39f2ebeb4f572a693606eecff32c1bf5457ef5e22faefe060f0bc1330c241

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
gzip
last-modified
Mon, 30 Nov 2020 21:32:22 GMT
server
AkamaiNetStorage
etag
"eeb5c1a5b58d4d6a8260874672d067b5:1606771942.740595"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.geico.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
252
expires
Sat, 12 Dec 2020 11:17:14 GMT
geolocation.js
www.geico.com/public/scripts/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/scripts/geolocation.js
Requested by
Host: www.geico.com
URL: https://www.geico.com/public/scripts/design6/cache-base-js.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
15599a3af2dbebca8c47fd27216370057bc0f3d10bcf3160949d1a114147cc50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.geico.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
6-24685819-24685820 NNNN CT(29 39 0) RT(1607707021923 3) q(0 0 0 0) r(1 1) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
936
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 17:17:33 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
_Incapsula_Resource
www.geico.com/ 		1 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geico.com/_Incapsula_Resource?SWKMTFSR=1&e=0.2709485064427457
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Sat, 12 Dec 2020 10:17:15 GMT
x-frame-options
sameorigin
content-type
text/plain
cache-control
max-age=0, no-cache, no-store
content-security-policy
frame-ancestors 'self'
server-timing
edge; dur=1, origin; dur=138, cdn-cache; desc=MISS
x-robots-tag
noindex
content-length
1
x-xss-protection
1; mode=block
expires
Sat, 12 Dec 2020 10:17:15 GMT
RC7f9bf6cb4a1e49e09eb1341b06f4ac6e-source.min.js
assets.adobedtm.com/c118acf613a5/f856228fd8b7/9ca18cb9a1f2/ 		2 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/9ca18cb9a1f2/RC7f9bf6cb4a1e49e09eb1341b06f4ac6e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
57204d78b1a4e799dabb2be38e4f8e8abdefd77c9c042cd7ed27793070332e41

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
gzip
last-modified
Mon, 30 Nov 2020 21:32:22 GMT
server
AkamaiNetStorage
etag
"eeb5c1a5b58d4d6a8260874672d067b5:1606771942.740595"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.geico.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
752
expires
Sat, 12 Dec 2020 11:17:14 GMT
Cookie set dest5.html
geico.demdex.net/ Frame 65F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://geico.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.225.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-225-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
geico.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.geico.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=47173295929572898070525734923839593004
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.geico.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 12 Nov 2020 13:37:50 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=47173295929572898070525734923839593004;Path=/;Domain=.demdex.net;Expires=Thu, 10-Jun-2021 10:17:15 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
1wKitTkCTHw=
Content-Length
2785
Connection
keep-alive
id
sadobeanalytics.geico.com/ 		48 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sadobeanalytics.geico.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&mid=46883161072790372410516970357811997786&ts=1607768234919
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
4c0997a89e8ef19c817c6ec32046bfc7cf512ee53286c5c8304b1bb577a36025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-f7bfdfcfd-mks48
vary
Origin
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.geico.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=X9SYqwAAAG1v2R9n
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=47173295929572898070525734923839593004
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9SYqwAAAG1v2R9n
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9SYqwAAAG1v2R9n
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.45.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-45-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v086-039fd5fd3.edge-irl1.demdex.com 5.80.1.20201111130852 0ms (+2ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
SKfufh1jS7Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9SYqwAAAG1v2R9n
Date
Sat, 12 Dec 2020 10:17:15 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
geico.tt.omtrdc.net/rest/v1/ 		521 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geico.tt.omtrdc.net/rest/v1/delivery?client=geico&sessionId=c033bb6b1a2e4428a21907f05b776831&version=2.3.0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7ecd04badfac490e68572e91f653bf29fae092b99381bd481a012994cae7159a

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.geico.com
date
Sat, 12 Dec 2020 10:17:15 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Origin,Accept-Encoding
x-request-id
0caf54f3f4e2f03c8903b1c1a3c6d198
content-type
application/json;charset=UTF-8
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34118221-1&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1598
date
Sat, 12 Dec 2020 09:50:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 12 Dec 2020 11:50:36 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-2992003&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34118221-1&l=dataLayer
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18442ae5de7f0769cae99defad4b56a17ecd713ed7d434eb1d3f0c695881ee59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38979
x-xss-protection
0
last-modified
Sat, 12 Dec 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Dec 2020 10:17:14 GMT
config.json
c.go-mpulse.net/api/ Frame 7D0B 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=LBAJ4-7RCLK-J6VHB-MN55E-J4AYH&d=www.geico.com&t=5359227&v=1.632.0&if=&sl=0&si=w214wf61f3j-ql81wr&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=294026
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
7fbd37047ff1d112be0dcd5b59353a3cdcbb20e1332a1e78a2be3e5d4ac9a8b0

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Dec 2020 10:17:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
751
collect
www.google-analytics.com/j/ 		2 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1003373403&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geico.com%2F&dr=http%3A%2F%2Fsunflowerfresh.com%2Fae9071967246c0cfd96c1094e9f3bd6fc%2F%3Fsid1%3D162076%26sid2%3D576856578%26sid3%3D1209r1g%26lp%3D7441&ul=en-us&de=UTF-8&dt=An%20Insurance%20Company%20For%20Your%20Car%20And%20More%20%7C%20GEICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGDAAUABAAAAAC~&jid=255109286&gjid=209288561&cid=2142980152.1607768235&tid=UA-34118221-1&_gid=1770111454.1607768235&_r=1&cd1=ga%20pageview%20-%20page%20view&cd2=Static%3AHomePage%3ADefault&cd3=http%3A%2F%2Fsunflowerfresh.com%2Fae9071967246c0cfd96c1094e9f3bd6fc%2F%3Fsid1%3D162076%26sid2%3D576856578%26sid3%3D1209r1g%26lp%3D7441&cd5=1607768234750.z6wegxt&cd7=&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=static&cd16=&cd35=12%2F12%2F2020%2011%3A17%3A14&cd36=-1&cd37=&cd40=https%3A%2F%2Fwww.geico.com%2F&cd41=&cd42=&cd43=&cd44=False&cd45=&cd46=&cd49=&cd50=&cd52=&cd53=&cd54=&cd55=&cd56=&cd57=&cd58=&cd59=&cd60=&cd61=&cd62=&cd63=&cd64=&cd65=&cd67=&cd68=&cd69=&cd70=&cd71=&cd72=&cd73=&cd74=&cd75=&cd78=&cd79=no&cd80=Original&cd81=&cd24=&cm8=&cm10=&cm11=&cm12=&cd19=&gtm=2oubu0&z=1674378220
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Dec 2020 10:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.geico.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CKeBobSbyO0CFZqIdwodKBAI9w;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;...
2992003.fls.doubleclick.net/ Frame 27B4
Redirect Chain
  • https://2992003.fls.doubleclick.net/activityi;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefaul...
  • https://2992003.fls.doubleclick.net/activityi;dc_pre=CKeBobSbyO0CFZqIdwodKBAI9w;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://2992003.fls.doubleclick.net/activityi;dc_pre=CKeBobSbyO0CFZqIdwodKBAI9w;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;~oref=https%3A%2F%2Fwww.geico.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-2992003&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2992003.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKeBobSbyO0CFZqIdwodKBAI9w;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;~oref=https%3A%2F%2Fwww.geico.com%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geico.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 12 Dec 2020 10:17:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
431
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 12-Dec-2020 10:32:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 12 Dec 2020 10:17:15 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://2992003.fls.doubleclick.net/activityi;dc_pre=CKeBobSbyO0CFZqIdwodKBAI9w;src=2992003;type=retar660;cat=homep837;ord=1;num=3852397136469;gtm=2odbu0;auiddc=95696744.1607768235;u1=u1;u2=u2;u15=u15;u16=Static%3AHomePage%3ADefault;u17=u17;u18=u18;~oref=https%3A%2F%2Fwww.geico.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34118221-1&cid=2142980152.1607768235&jid=255109286&gjid=209288561&_gid=1770111454.1607768235&_u=oGDAAUAAAAAAAC~&z=235049755
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 12 Dec 2020 10:17:15 GMT
content-type
text/plain
access-control-allow-origin
https://www.geico.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34118221-1&cid=2142980152.1607768235&jid=255109286&_u=oGDAAUAAAAAAAC~&z=1777148886
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Dec 2020 10:17:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34118221-1&cid=2142980152.1607768235&jid=255109286&_u=oGDAAUAAAAAAAC~&z=1777148886
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Dec 2020 10:17:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s79235908400857
sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.20.0-LAWA/ 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sadobeanalytics.geico.com/b/ss/geico-prod/1/JS-2.20.0-LAWA/s79235908400857?AQB=1&ndh=1&pf=1&t=12%2F11%2F2020%2011%3A17%3A15%206%20-60&sdid=48BDEA9696C6ACEF-23F1A4FED42C2F05&mid=46883161072790372410516970357811997786&aamlh=6&ce=UTF-8&ns=geico&pageName=Static%3AHomePage%3ADefault&g=https%3A%2F%2Fwww.geico.com%2F&r=http%3A%2F%2Fsunflowerfresh.com%2Fae9071967246c0cfd96c1094e9f3bd6fc%2F%3Fsid1%3D162076%26sid2%3D576856578%26sid3%3D1209r1g%26lp%3D7441&cc=USD&events=event32&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=https%3A%2F%2Fwww.geico.com%2F&c5=2.20.0&c14=Non-Mobile%20App%20Experience&v16=%2B1&v18=Static%3AHomePage%3ADefault&v19=5%3A00AM-Saturday&c21=spa%20update%20-%20load%20time%20not%20available&v21=Non-Mobile%20App%20Experience&c28=4.035_P&v33=spa%20update%20-%20load%20time%20not%20available&c48=dom%20ready%20page%20view&v55=https%3A%2F%2Fwww.geico.com%2F&v64=https%3A%2F%2Fgeico.quantummetric.com%2F%23%2Fusers%2Fsearch%3Fautoreplay%3Dtrue%26qmsessioncookie%3Dundefined&v74=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=71FF20B3534568190A490D45%40AdobeOrg&AQE=1
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:14 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 13 Dec 2020 10:17:15 GMT
server
jag
xserver
anedge-f7bfdfcfd-trwsq
etag
3452655994521616384-4621617535601889913
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Fri, 11 Dec 2020 10:17:15 GMT
OrchestratorMain.js
www.geico.com/public/design-kit/4.0/qualtrics/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/design-kit/4.0/qualtrics/OrchestratorMain.js
Requested by
Host: www.geico.com
URL: https://www.geico.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
5795c090740f40b27406c50c000e62b79d171695fdf1f3482e3c8c445eb446f9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
3-2088735-2090535 NNNN CT(8 9 0) RT(1607697248881 60155) q(0 0 0 0) r(0 0) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
12935
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 14:35:10 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
RC2bae8f3a7c3242d7bf656de6efd5cf0e-source.min.js
assets.adobedtm.com/c118acf613a5/f856228fd8b7/9ca18cb9a1f2/ 		1 KB
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/c118acf613a5/f856228fd8b7/9ca18cb9a1f2/RC2bae8f3a7c3242d7bf656de6efd5cf0e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3ae031ef230c4a8191a4ab119cb86733.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
139b88bb568fc7da180230a8f71658ad5e49f4780c64060e280c02fcf1ecbb09

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:15 GMT
content-encoding
gzip
last-modified
Mon, 30 Nov 2020 21:32:22 GMT
server
AkamaiNetStorage
etag
"eeb5c1a5b58d4d6a8260874672d067b5:1606771942.740595"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.geico.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
640
expires
Sat, 12 Dec 2020 11:17:15 GMT
branch-latest.min.js
cdn.branch.io/ 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: www.limorsin.com
URL: https://www.limorsin.com/nzSky7tafbvGLsj1DA4biCkzPUodmtDPxB3YTKNyatqfBSP-hRBtrBYx5Bmwp084ACbCoMCPs5LshPhgYOa0ig~~/1209r1g/pm276jkqc71e3/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-80.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
c7Vvzbb8uKgHcC4eD_pqp123QB.GvKI.
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 19 Nov 2020 17:43:28 GMT
Server
AmazonS3
Age
35
ETag
"d4ba055ba82c0baa510053e92eb83211"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Cache-Control
max-age=300
Date
Sat, 12 Dec 2020 10:16:41 GMT
X-Amz-Cf-Pop
FRA50-C1
Content-Length
23541
X-Amz-Cf-Id
qpU8H-lGdmKiZ0n_3U1tTSHCn-UY1Z7dZmBKpslrqN_JE7tJ_yN75w==
Targeting.php
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0ThecsUJSizKNzD&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fafcc5132800415acb9d4efc72fd9ef15517939d4f17cc2c59d2305ca181f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geico.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6006b1d1d9fa72e1-AMS
vary
Accept-Encoding
cf-request-id
06f80d7728000072e1c3125000000001
/
geico-app.quantummetric.com/ Frame 6011 		90 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1607768235655&v=1607768235759&z=1&S=0&N=0&P=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.188.210.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.210.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac9d351ddece50866ea064e37b1cde3209739e7772ec0b9c98b1234fc276be1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.geico.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
/
geico-sync.quantummetric.com/ Frame 6011 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geico-sync.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1607768235655&v=1607768235771&z=2&Q=1&Y=1&X=6ed36d7449de415721be8c31a490994e
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.223.68.91 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.68.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.geico.com
date
Sat, 12 Dec 2020 10:17:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
_r
app.link/ 		90 B
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.57.1&branch_key=key_live_cdx48HLr92TSxZjby6NtdfepDDfcfxpz&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:4e00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty / Express
Resource Hash
d57ecc64245265d85e147f6b79e9140602ed22f6d69a528f456cebb227c36852
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Dec 2020 10:17:16 GMT
Via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
openresty
X-Amz-Cf-Pop
AMS1-C1
X-Powered-By
Express
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
90
ETag
W/"5a-UkHB24WsqVArITDYIUC1oK9Mvr4"
X-Amz-Cf-Id
7Cx_L50FLSzguLoCRsyc3WQs4-ks6Kp9VtAe6EkoefZL10AdvBVslw==
/
geico-app.quantummetric.com/ Frame 6011 		28 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geico-app.quantummetric.com/?s=a841f79dd97a3f4c513e34d93f4a8000&H=929497b6c0978bba1a4a5d35&Q=3
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.188.210.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.210.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.geico.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
/
6852bd0e.akstat.io/ 		0
201 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6852bd0e.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LBAJ4-7RCLK-J6VHB-MN55E-J4AYH
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:291::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 12 Dec 2020 10:17:16 GMT
content-type
image/gif
access-control-allow-origin
https://www.geico.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Sat, 12 Dec 2020 10:17:16 GMT
open
api2.branch.io/v1/ 		267 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:9a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e400d34aba284f0de43dcbdadc5ec84ffab81f660f831b565954ca0b40dadd8d

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
via
1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
eb31e598d1064627aa7514b9b4da9d23-2020121210
content-length
267
x-amz-cf-id
zDZBh0V_5drr3yHgSGlMT-A79uMVwt4GPddAfs1INu4ReU1n8UGQfg==
/
geico-app.quantummetric.com/ Frame 6011 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1607768235655&v=1607768236270&H=929497b6c0978bba1a4a5d35&s=a841f79dd97a3f4c513e34d93f4a8000&U=d5550be49a61a59939e4c5e05f22faec&z=1&Q=2&S=0&N=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.188.210.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.210.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.geico.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
CoreModule.js
www.geico.com/public/design-kit/4.0/qualtrics/ 		78 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/design-kit/4.0/qualtrics/CoreModule.js?Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.geico.com
URL: https://www.geico.com/public/design-kit/4.0/qualtrics/OrchestratorMain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
fb10a63cc1f79596994baf9c2e845744582e38be145c4d43e57897d99834b633
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
4-41393308-41422761 NNNN CT(36 48 0) RT(1607697237846 132762) q(0 0 0 -1) r(1 1) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
21485
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 18:12:16 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
Targeting.php
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0ThecsUJSizKNzD&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs&t=1607768236324&Q_VSI=%7B%22SI_ebrThfvrduW3xsh%22%3A%22DependencyResolver%22%2C%22SI_0lne77E50rZSyl7%22%3A%22AS_9WZFaoG0wFV632t%22%7D&Q_DPR=true
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e32bfe0f86b6230fca59672346131c714bd382395dbfc6a486426737edcfbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geico.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6006b1d51b0072e1-AMS
vary
Accept-Encoding
cf-request-id
06f80d792d000072e1ca8ad000000001
/
geico-app.quantummetric.com/ Frame 6011 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1607768235655&v=1607768236405&H=929497b6c0978bba1a4a5d35&s=a841f79dd97a3f4c513e34d93f4a8000&z=1&S=2252&N=17&P=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.188.210.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.210.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.geico.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
FeedbackButtonModule.js
www.geico.com/public/design-kit/4.0/qualtrics/ 		114 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/design-kit/4.0/qualtrics/FeedbackButtonModule.js?Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.geico.com
URL: https://www.geico.com/public/design-kit/4.0/qualtrics/OrchestratorMain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
ffc50e3b06d8910b1ac8af917df38e5289fbbd58efa5465213ba57f6d6963626
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
7-7209741-7209553 PNNN RT(1607709660882 5) q(0 0 0 0) r(1 1) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
33388
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 18:04:31 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
LinkModule.js
www.geico.com/public/design-kit/4.0/qualtrics/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geico.com/public/design-kit/4.0/qualtrics/LinkModule.js?Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.geico.com
URL: https://www.geico.com/public/design-kit/4.0/qualtrics/OrchestratorMain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.86 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-86.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
2d24cd6ee39a330516d2e0f3abf9729e67ce15d7eeecf1adc7ce93e365c63050
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
x-cdn
Incapsula
x-iinfo
12-36983550-37001509 NNNN CT(70 73 0) RT(1607705105707 176837) q(0 1 2 73) r(3 3) U5
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
1000
x-xss-protection
1; mode=block
last-modified
Fri, 11 Dec 2020 16:51:09 GMT
server
Akamai Resource Optimizer
x-frame-options
sameorigin
date
Sat, 12 Dec 2020 10:17:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
Asset.php
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0lne77E50rZSyl7&Version=13&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
881a60043887d804fb9ae80ea836714bf94db599cca4ca6cc3b448fc079d7a18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
233202
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
06f80d7a0600000bc13311c000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geico.com
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
6006b1d668df0bc1-AMS
servershortname
expires
Sat, 07 Dec 2030 17:30:34 GMT
Asset.php
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		222 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_bDysCase0gxgEbb&Version=1&Q_InterceptID=SI_0lne77E50rZSyl7&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5255af40c47d3009505994f334490cfac6102425238909c52cc1c437ed096272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
287308
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
06f80d7a0700000bc130a1a000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geico.com
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
6006b1d668e20bc1-AMS
servershortname
expires
Sat, 07 Dec 2030 02:28:48 GMT
Asset.php
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_ebrThfvrduW3xsh&Version=14&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494b6506480e583b7e314ebbd7993c2da7c4bb5d74852e7e3b3bea74583b47cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
225929
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
06f80d7a0800000bc13789f000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geico.com
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
6006b1d668eb0bc1-AMS
servershortname
expires
Sat, 07 Dec 2030 19:31:47 GMT
Asset.php
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_6PeYmRlS2YFT301&Version=1&Q_InterceptID=SI_ebrThfvrduW3xsh&Q_ORIGIN=https://www.geico.com&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b35e5b5a026a91af332e36dc7cd923e97c06635c1f344d4b304987a51e792b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
116846
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
06f80d7a0800000bc183209000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geico.com
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
6006b1d668e80bc1-AMS
servershortname
expires
Mon, 09 Dec 2030 01:49:50 GMT
pageview
api2.branch.io/v1/ 		29 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:9a00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
via
1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-powered-by
Express
etag
W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
942b807d3f4d4c9fb8476bf6b4527f70-2020121210
content-length
29
x-amz-cf-id
yeJX0fmR5tFuwYyXlp7Sf0jkLG5ZYn_Ep1cSW_D9WGwNvbDQrLs7AQ==
/
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_bDysCase0gxgEbb&Q_SIID=SI_0lne77E50rZSyl7&Q_ASID=AS_9WZFaoG0wFV632t&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs&r=1607768236724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
wr-dialog-close-btn-white.png
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 		254 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 10:17:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2956615
cf-polished
origSize=759
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
cf-bgj
imgq:85,h2pri
vary
Accept-Encoding
content-length
254
cf-request-id
06f80d7ac8000072e1c3140000000001
last-modified
Wed, 21 Oct 2020 04:39:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6006b1d7ab6d72e1-AMS
servershortname
expires
Wed, 06 Nov 2030 05:00:21 GMT
/
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn0thecsujsizknzd-geico.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_6PeYmRlS2YFT301&Q_SIID=SI_ebrThfvrduW3xsh&Q_ASID=AS_76884371&Q_CLIENTVERSION=1.12.1&Q_CLIENTTYPE=hostedjs&r=1607768236735
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geico.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
geico-app.quantummetric.com/ Frame 6011 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1607768235655&v=1607768240772&H=929497b6c0978bba1a4a5d35&s=a841f79dd97a3f4c513e34d93f4a8000&z=1&S=2581&N=21&P=2
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.188.210.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.210.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 12 Dec 2020 10:17:20 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.geico.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
/
geico-app.quantummetric.com/ Frame 6011 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geico-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.geico.com%2F&t=1607768235655&v=1607768240913&H=929497b6c0978bba1a4a5d35&s=a841f79dd97a3f4c513e34d93f4a8000&z=1&Q=2&S=1748&N=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.188.210.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.210.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 12 Dec 2020 10:17:20 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.geico.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| QSI object| geicoDtm object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| QuantumMetricOnload object| _dataManager object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| initialize_modals function| bind_modal_triggers function| pad_anchor_content function| $ function| jQuery object| Modernizr object| GdkNPM function| FormValidator object| GDK function| nav_login_express function| ins_partners function| init_geo_zip function| geo_zip_success function| set_geo_cookie function| display function| get_cookie_domain function| checkZip function| submitZip function| submitZipExternal function| format_quote_form function| format_hp_actions function| format_disclaimer function| update_quote_button_text function| recallWindow function| keypressZip function| IsNumeric function| remember_me function| close_location_menu function| openFooterLink boolean| has_submitted function| geo_lookup_error number| current_page function| scroll_products number| visible_product_count function| select_product function| recallStartNew function| animateBanner function| setDayGreeting function| set_zip_required_msg function| set_product_tabindex function| updateGeneralAction undefined| products undefined| productModal object| showZIP object| hideCheckBox undefined| modalMore undefined| productIcon undefined| product_inputs string| boatInput string| petInput string| lifeInput string| jewelryInput function| selectProduct function| removeSubmit function| addBundling function| removeBundling undefined| zipValue object| catxModal undefined| checkVal function| validation function| openModalCATX number| seconds undefined| timer function| secondsTimer function| countdownClear function| consoleLog object| dataLayer function| gtag string| param_str object| param_list object| param_array undefined| isMobile object| nav_config object| external_disclaimer_manage_modal object| product-modal object| recall_modal object| catx_disclaimer_modal object| external_disclaimer_quote_modal object| property_jewelry_modal object| external_disclaimer_recall_modal string| key string| type string| geoMobileHTML function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s number| timeout_time string| geo_type function| get_geo_data function| coords_to_data function| get_distance function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| qmflate boolean| qmStorageAvail function| qmSetCookie function| qmFindObject function| qmWait function| syncDataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData number| BOOMR_configt object| ttMETA object| s_i_geico-prod number| BOOMR_onload string| keyval object| branch object| _qsie object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

1 Cookies

Domain/Path Name / Value
.www.geico.com/ Name: RT
Value: "z=1&dm=www.geico.com&si=9f864a3a-7a92-4f0b-a1f6-df7ff230db9e&ss=kiljp0ms&sl=1&tt=1l2&bcn=%2F%2F6852bd0e.akstat.io%2F&ld=1l6"

3 Console Messages

Source Level URL
Text
console-api log (Line 7)
Message:
qm 2: https://geico.quantummetric.com/#/users/search?autoreplay=true&qmsessioncookie=undefined&ts=1607725035-1607811435
console-api log (Line 168)
Message:
data element: https://geico.quantummetric.com/#/users/search?autoreplay=true&qmsessioncookie=undefined&ts=1607725035-1607811435
console-api warning URL: https://cdn.quantummetric.com/qscripts/quantum-geico.js(Line 39)
Message:
QM: API Listener caught exception: TypeError: e[f] is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2992003.fls.doubleclick.net
6852bd0e.akstat.io
api2.branch.io
app.link
assets.adobedtm.com
c.go-mpulse.net
c.gowinterauto.com
cdn.branch.io
cdn.quantummetric.com
cm.everesttech.net
dpm.demdex.net
geico-app.quantummetric.com
geico-sync.quantummetric.com
geico.demdex.net
geico.tt.omtrdc.net
s.go-mpulse.net
sadobeanalytics.geico.com
static.bouncepilot.com
stats.g.doubleclick.net
sunflowerfresh.com
www.geico.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.limorsin.com
zn0thecsujsizknzd-geico.siteintercept.qualtrics.com
104.109.59.86
104.17.208.240
143.204.90.80
15.237.76.117
162.252.172.65
172.217.23.102
23.250.22.58
2600:9000:2104:4e00:19:9934:6a80:93a1
2600:9000:2104:9a00:11:f728:3040:93a1
2600:9000:214f:ba00:10:b308:84c0:93a1
2606:4700:10::6816:34fc
2606:4700:3035::ac43:aa10
2a00:1450:4001:806::2004
2a00:1450:4001:808::2008
2a00:1450:4001:816::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:820::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c0c::9b
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00:291::11a6
2a02:26f0:6c00:299::1e80
34.253.145.149
35.188.210.33
35.223.68.91
52.18.150.20
52.208.225.81
54.171.45.51
02515ee3f986616cc4c0002e575e48e18590e77869a3a3d2d60136bb45a49c6b
10f861eb3fafd16707d71efb088592278927130d13d77656757d0490ecbf2b40
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
139b88bb568fc7da180230a8f71658ad5e49f4780c64060e280c02fcf1ecbb09
15599a3af2dbebca8c47fd27216370057bc0f3d10bcf3160949d1a114147cc50
18442ae5de7f0769cae99defad4b56a17ecd713ed7d434eb1d3f0c695881ee59
20aaf4433987094f3d257559504456b82217e1711aaabe8ee1ea47037bd1c3a4
22e32bfe0f86b6230fca59672346131c714bd382395dbfc6a486426737edcfbc
2752ff5595e4deddc05e9bfea06efefc9db346223d33054afb70f5622584ea97
284ba4729f1f9916168ec2cd3710ef915d15ef13cbf9c3fa25df549a2b29e3c6
2afc7fff05806e257cab734db9ddf508c63ca667cdacfaa50a0916ef770ef4f0
2d24cd6ee39a330516d2e0f3abf9729e67ce15d7eeecf1adc7ce93e365c63050
356ef106971aac0df2848e0456279474d9b08843dad753e5499dd65786e0be0f
3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb
42f0bc8365dea3dad95f3686803b5c99821427df0c66f251c08d5ce54c804176
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
494b6506480e583b7e314ebbd7993c2da7c4bb5d74852e7e3b3bea74583b47cc
4c0997a89e8ef19c817c6ec32046bfc7cf512ee53286c5c8304b1bb577a36025
4ca68bdf243aacaa1e2a9063fa2f412089b36f2dcd25a72f7b019d8fa01e93c2
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
5255af40c47d3009505994f334490cfac6102425238909c52cc1c437ed096272
57204d78b1a4e799dabb2be38e4f8e8abdefd77c9c042cd7ed27793070332e41
5795c090740f40b27406c50c000e62b79d171695fdf1f3482e3c8c445eb446f9
63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e
6f5ce023967c16cce2664550ee576f61543c3d21de266b2edcfe6d1d62229944
7008c3dc52ea498845c174e45fc0904a5ef389ff57bacb416f8b51dbd75345f0
7588b039773ca02b25950f7ea9166e61062c2270ee2a83a8c3d26b839c53766e
7ecd04badfac490e68572e91f653bf29fae092b99381bd481a012994cae7159a
7fbd37047ff1d112be0dcd5b59353a3cdcbb20e1332a1e78a2be3e5d4ac9a8b0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
881a60043887d804fb9ae80ea836714bf94db599cca4ca6cc3b448fc079d7a18
8b35e5b5a026a91af332e36dc7cd923e97c06635c1f344d4b304987a51e792b3
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9695256235404bf15d5c622ac377b7b2144b23d887e66bf12a8d3e817b0d557f
99792e7625a1f8a83f2606c4d90febd7b3b150de3b3f353f2210435d43bba472
9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834
a0f4f16a6cb3418386e3ed8ad1cf5ba2fe23e830be25c02cc35fe043f36c83de
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ac9d351ddece50866ea064e37b1cde3209739e7772ec0b9c98b1234fc276be1c
be4f6510e32d5d97b25f8e66e037794d4c725ffb939a9c2d35d80f436aef03d6
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c3fafcc5132800415acb9d4efc72fd9ef15517939d4f17cc2c59d2305ca181f6
c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
cd79338f54722aff83b35fc1589c5ccd54d8b037cf3a52745e8c879b08b0417a
cea39f2ebeb4f572a693606eecff32c1bf5457ef5e22faefe060f0bc1330c241
d3f2c447994284b8fceb218aea1be93ed8640335ce15eb100188a5cb52179970
d57ecc64245265d85e147f6b79e9140602ed22f6d69a528f456cebb227c36852
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e132a6fa42a04e17b952a155520660e26c6e7277c309dee420a5797ae66866c2
e25f1fb24df6a8cf310cf146936214d02d130ed110577628e852acd23788cd36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e400d34aba284f0de43dcbdadc5ec84ffab81f660f831b565954ca0b40dadd8d
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4fdcd5d16238be04e8b0b72a6fb93a52466bbd0205bf1aa7694520e0810bc9a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef787f0ad882aa0b40e1fb1fe791e592b51184df78718ea68fb8a86997cbbd24
fb10a63cc1f79596994baf9c2e845744582e38be145c4d43e57897d99834b633
ffc50e3b06d8910b1ac8af917df38e5289fbbd58efa5465213ba57f6d6963626