www.blueskycoverage.com Open in urlscan Pro
72.4.112.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/oogznpseloout/qkplkhyt.aspx#file.html?cbbbbcccCCtYcvVPccdcLYckc3MwhckzFcbbbbc
Effective URL:
https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&...
Submission: On March 18 via api (March 18th 2022, 2:06:08 pm UTC) from BE — Scanned from DE

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 60 HTTP transactions. The main IP is 72.4.112.81, located in United States and belongs to RACKSPACE, US. The main domain is www.blueskycoverage.com. The Cisco Umbrella rank of the primary domain is 232390.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 15th 2021. Valid for: a year.

This is the only time www.blueskycoverage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:82b::2010	15169 (GOOGLE) (GOOGLE)
1 1	167.88.5.10 167.88.5.10	20278 (NEXEON) (NEXEON)
1 1	34.246.25.198 34.246.25.198	16509 (AMAZON-02) (AMAZON-02)
14	72.4.112.81 72.4.112.81	27357 (RACKSPACE) (RACKSPACE)
7	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	108.157.4.105 108.157.4.105	16509 (AMAZON-02) (AMAZON-02)
1	69.20.94.14 69.20.94.14	27357 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	208.68.39.149 208.68.39.149	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.226.145.89 13.226.145.89	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
10	3.215.119.108 3.215.119.108	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.206.45 52.222.206.45	16509 (AMAZON-02) (AMAZON-02)
3	3.11.162.11 3.11.162.11	16509 (AMAZON-02) (AMAZON-02)
1	52.55.210.128 52.55.210.128	14618 (AMAZON-AES) (AMAZON-AES)
2	206.189.191.180 206.189.191.180	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	52.23.126.38 52.23.126.38	14618 (AMAZON-AES) (AMAZON-AES)
2	18.207.50.145 18.207.50.145	14618 (AMAZON-AES) (AMAZON-AES)
60	21

1 2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.88.5.10 (Chicago, United States) 1 redirects

ASN20278 (NEXEON, US)
PTR: burch.ripplespoll.com

saleevolution.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.25.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-25-198.eu-west-1.compute.amazonaws.com

track.lxyew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 72.4.112.81 (United States)

ASN27357 (RACKSPACE, US)
PTR: www.blueskycoverage.com

www.blueskycoverage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-105.dus51.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.94.14 (United States)

ASN27357 (RACKSPACE, US)
PTR: secure.apolloi.com

secure.apolloi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.68.39.149 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn100.acsbapp.com

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.145.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-89.dus51.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.215.119.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-119-108.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-45.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.11.162.11 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-162-11.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.210.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-210-128.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.189.191.180 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn102.acsbapp.com

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.23.126.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-126-38.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.207.50.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-50-145.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	blueskycoverage.com www.blueskycoverage.com — Cisco Umbrella Rank: 232390	439 KB
10	leadid.com create.leadid.com — Cisco Umbrella Rank: 13526	6 KB
8	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 425 fonts.googleapis.com — Cisco Umbrella Rank: 35	6 KB
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 4232 psp.pushnami.com — Cisco Umbrella Rank: 14910 trc.pushnami.com — Cisco Umbrella Rank: 4397	63 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 45672	18 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	56 KB
3	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 4689 cdn.acsbapp.com — Cisco Umbrella Rank: 5076	163 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6906	41 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 1928	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68	445 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22844	39 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	apolloi.com secure.apolloi.com — Cisco Umbrella Rank: 209624
1	lxyew.com 1 redirects track.lxyew.com	2 KB
1	saleevolution.org.uk 1 redirects saleevolution.org.uk	286 B
60	18

	Domain	Requested by
14	www.blueskycoverage.com	storage.googleapis.com www.blueskycoverage.com
10	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
7	fonts.googleapis.com	www.blueskycoverage.com
3	script.anura.io	www.blueskycoverage.com script.anura.io
3	www.google-analytics.com	www.blueskycoverage.com www.google-analytics.com
2	trc.pushnami.com	api.pushnami.com
2	psp.pushnami.com	api.pushnami.com
2	cdn.acsbapp.com	acsbapp.com
2	www.facebook.com	www.blueskycoverage.com
2	solutions.invocacdn.com	www.blueskycoverage.com solutions.invocacdn.com
2	connect.facebook.net	www.blueskycoverage.com connect.facebook.net
2	api.pushnami.com	www.blueskycoverage.com api.pushnami.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	create.lidstatic.com	www.blueskycoverage.com
1	acsbapp.com	www.blueskycoverage.com
1	fonts.gstatic.com	fonts.googleapis.com
1	secure.apolloi.com	www.blueskycoverage.com
1	track.lxyew.com	1 redirects
1	saleevolution.org.uk	1 redirects
1	storage.googleapis.com
60	22

This site contains links to these domains. Also see Links.

Domain
accessibe.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.blueskycoverage.com Entrust Certification Authority - L1K	`2021-07-15` - `2022-08-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
secure.apolloi.com Entrust Certification Authority - L1K	`2021-11-23` - `2022-11-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-23` - `2022-10-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-25` - `2022-03-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2021-04-30` - `2022-04-29`	a year	crt.sh
invocacdn.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
Frame ID: 85F8B53033C061096737AF2999F1A66A
Requests: 53 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCB5271-691C-29B5-DE2F-93990343CDFE&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 1860B20E709A397AF3B1699887C38E63
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCB5271-691C-29B5-DE2F-93990343CDFE&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Frame ID: 8779A76E8F8442C417D11CA7EEFCBBB6
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 846BD5CBE5E8FF99DC43E0BA6C0E2371
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Auto Insurance | Blue Sky Coverage logo-bbblogo-ssl

Page URL History Show full URLs

https://storage.googleapis.com/oogznpseloout/qkplkhyt.aspx Page URL
http://saleevolution.org.uk/anchorfile.html?cbbbbcccCCtYcvVPccdcLYckc3MwhckzFcbbbbc HTTP 302
http://track.lxyew.com/aff_c?offer_id=8884&aff_id=4073&aff_sub=2_20002_2379001&aff_sub2=2078_458681... HTTP 302
https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

60
Requests

98 %
HTTPS

36 %
IPv6

18
Domains

22
Subdomains

21
IPs

5
Countries

993 kB
Transfer

3054 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/oogznpseloout/qkplkhyt.aspx Page URL
http://saleevolution.org.uk/anchorfile.html?cbbbbcccCCtYcvVPccdcLYckc3MwhckzFcbbbbc HTTP 302
http://track.lxyew.com/aff_c?offer_id=8884&aff_id=4073&aff_sub=2_20002_2379001&aff_sub2=2078_4586814_3483641_7&aff_sub3=1 HTTP 302
https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 qkplkhyt.aspx
storage.googleapis.com/oogznpseloout/ 161 B
783 B 31ms
8ms Document
text/html 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/oogznpseloout/qkplkhyt.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-guploader-uploadid: ADPycdsBukcKTaE6XHyJMzoou2dulUvaPoPi_0Y3szWO4QPtwTvHllpHthiSXHqvwpMf8zS2NMaApSo4SF8COXyWKmtt_iWOzQ
x-goog-generation: 1643296527346481
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-hash: crc32c=2A5SWQ== md5=trwD+u1MvBAZytAZidOYAQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 161
server: UploadServer
date: Fri, 18 Mar 2022 13:48:03 GMT
expires: Fri, 18 Mar 2022 14:48:03 GMT
cache-control: public, max-age=3600
age: 1072
last-modified: Thu, 27 Jan 2022 15:15:27 GMT
etag: "b6bc03faed4cbc1019cad01989d39801"
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Primary Request / Show response
www.blueskycoverage.com/auto/quotes/
Redirect Chain

http://saleevolution.org.uk/anchorfile.html?cbbbbcccCCtYcvVPccdcLYckc3MwhckzFcbbbbc
http://track.lxyew.com/aff_c?offer_id=8884&aff_id=4073&aff_sub=2_20002_2379001&aff_sub2=2078_4586814_3483641_7&aff_sub3=1
https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={fi...

55 KB
19 KB

1063ms
691ms

Document
text/html

72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/oogznpseloout/qkplkhyt.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

69e0b0ab01b39c00cc0268df3bd17d23f50c012d6b7bfdad6426a2062449b973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/oogznpseloout/qkplkhyt.aspx#file.html?cbbbbcccCCtYcvVPccdcLYckc3MwhckzFcbbbbc

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate no-cache
Pragma: no-cache
Date: Fri, 18 Mar 2022 14:05:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Redirect headers

Server: nginx
Date: Fri, 18 Mar 2022 14:05:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 438
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Tracking_id: 1027bdd708f36c4e5a69642d25ad38
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 92e33e0da0298eab99d3d777828b7e8f
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H/1.1 200
OK fontawesome.min.css
www.blueskycoverage.com/common_scripts/leadgen/fonts/fontawesome/ 34 KB
9 KB 95ms
94ms Stylesheet
text/css 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/common_scripts/leadgen/fonts/fontawesome/fontawesome.min.css

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:05:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"5df11dd7-870a"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 18 Mar 2022 14:20:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
610 B 46ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 12:52:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:05:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:05:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b72e8754f4b8ca49699c91863b662185d8b8d74178b13c7c4e38064c7a6fad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 12:11:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:05:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:05:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
825 B 44ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 14:01:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:05:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:05:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
645 B 45ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

867b96a122b7c56dc08163aebea78aa3bf43aa9fcc24e3f0bb4bb83cbbd3af16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 13:35:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:05:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:05:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
668 B 52ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa9c88482100d1805060d1b2108afa47d82aedcb469239d5574c8990c5303c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 12:52:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:05:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:05:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
492 B 47ms
21ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:300,400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

675f009cbb58325aaa5a53e01ca37f4b8b1aa0fc23f5c465275110b58b2487ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 13:43:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:05:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:05:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
594 B 45ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 12:46:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:05:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:05:58 GMT

GET
H/1.1 200
OK bscaut.css
www.blueskycoverage.com/common_scripts/leadgen/laravel/css/ 444 KB
87 KB 292ms
290ms Stylesheet
text/css 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/common_scripts/leadgen/laravel/css/bscaut.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

3660e90cf2be049cf7c19e81e83378ebe197ebe74610d2c55e5b168f1571ad10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:05:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Mar 2022 23:36:48 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"62327490-6ef85"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 18 Mar 2022 14:20:58 GMT

GET
H/1.1 200
OK bscaut.js Show response
www.blueskycoverage.com/common_scripts/leadgen/laravel/js/ 557 KB
179 KB 190ms
97ms Script
application/javascript 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/common_scripts/leadgen/laravel/js/bscaut.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

86f7b9f0a8b0608174390d10e58d1bf783d238e438b2f4347bfc228cf4b2843c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:05:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 17:42:02 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"621fac6a-8b24f"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=900, public, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 18 Mar 2022 14:20:58 GMT

GET
H2 200 5a541203f04f355226ec4a70 Show response
api.pushnami.com/scripts/v1/push/ 243 KB
61 KB 50ms
18ms Script
application/javascript 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/push/5a541203f04f355226ec4a70
Requested by: Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: /
Resource Hash: 0ef3c489ecb5749b7eeb211847ac446cb88d3bf11adfa77f4f1d2dbefaf7c558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:05:57 GMT
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
age: 1
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: DUS51-P2
content-encoding: gzip
x-amz-cf-id: pcqV42SDSfTmCwM8-7c651f5FkZ6i2YK359daYNNwru1nQT0ifJKog==

GET
H/1.1 200
OK logo.svg
www.blueskycoverage.com/images/ 20 KB
20 KB 93ms
93ms Image
image/svg+xml 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueskycoverage.com/images/logo.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

ef5c14ec94417c060df166710fc1cd9975427f0f9f24849a01f98d6367669217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:05:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Mar 2020 19:03:40 GMT
Server: nginx
ETag: "5e67e48c-4e9c"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 20124
Expires: Fri, 18 Mar 2022 14:20:58 GMT

GET
H/1.1 200
OK visit.php Show response
secure.apolloi.com/leadgen/pxl/ 0
0 794ms
102ms Script
text/html 69.20.94.14
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.apolloi.com/leadgen/pxl/visit.php?visit_id=223061980
Requested by: Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 69.20.94.14 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS: secure.apolloi.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK phone-icon.png
www.blueskycoverage.com/common_scripts/leadgen/laravel/images/ 937 B
1 KB 98ms
98ms Image
image/png 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueskycoverage.com/common_scripts/leadgen/laravel/images/phone-icon.png

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/css/bscaut.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

125095eccae0a4deffe181229850e1d19c4e026804d8670131cb5c1825e598ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/css/bscaut.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:05:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 16:48:23 GMT
Server: nginx
ETag: "5df11dd7-3a9"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 937
Expires: Fri, 18 Mar 2022 14:20:58 GMT

GET
H/1.1 200
OK auto-hero-ppl.jpg
www.blueskycoverage.com/images/32166/ 119 KB
119 KB 104ms
103ms Image
image/jpeg 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueskycoverage.com/images/32166/auto-hero-ppl.jpg

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/css/bscaut.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

3f9ab8474f88cfe58b5b6a3072ec996fbb4cd3c2960d73fffc8b8fc19754d23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/css/bscaut.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:05:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jan 2018 22:39:18 GMT
Server: nginx
ETag: "5a690b16-1da14"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 121364
Expires: Fri, 18 Mar 2022 14:20:58 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blueskycoverage.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 228028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:45:30 GMT

GET
H/1.1 200
OK lp_search_ico.png
www.blueskycoverage.com/images/ 780 B
1 KB 129ms
93ms Image
image/png 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueskycoverage.com/images/lp_search_ico.png

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/css/bscaut.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

74a36d103d4ffda133af6d2522e5c941383cbee7b5d75be0aa5e5569e0d49833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/css/bscaut.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:05:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 Dec 2017 23:01:26 GMT
Server: nginx
ETag: "5a29c846-30c"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=900, public, no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 780
Expires: Fri, 18 Mar 2022 14:20:58 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 423 KB
138 KB 479ms
90ms Script
application/x-javascript 208.68.39.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.68.39.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn100.acsbapp.com
Software: /
Resource Hash: d9b41f99d7f32baa88bddacdc6ba87f13d32e531b323f5cbfab8b50309e4c77c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:05:59 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 13:08:09 GMT
etag: "69c37-623332b9-9f23dfa210e47d29;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 141322
expires: Sat, 19 Mar 2022 14:05:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 31ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: jUucF3tttiD4emHG5g3au5ipWU0ofqAhFhcaaO/ATIE//+YWWkaPMSHirxLxW/fKw6foylfdxxSJLVh8ky2JuA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Mar 2022 14:05:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 72
date: Fri, 18 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Mar 2022 16:04:46 GMT

GET
H2 200 0fcb5271-691c-29b5-de2f-93990343cdfe.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 238ms
200ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2
Requested by: Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae60377502a4bd335e69107ff59cf920206c19dc61721c6469f491c42ed53d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:05:58 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 00:41:30 GMT
server: cloudflare
x-amz-request-id: 5PKG9XMWTYX6A3S3
etag: W/"84da39c8322bee8438eb82ea0fb40706"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 6ede86baaf039be2-FRA
x-amz-version-id: haUO6uwl7nQa0IrsUpfAiFzcMTS6Yeex
x-amz-id-2: srIXP6bFpr4aJWf+6gDFC3KpGKjZaTgLRKfPqzHlK8rpNC0Yq9WabeeO9L/NtD1uGUSsGFW+xhI=

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 122 KB
40 KB 103ms
11ms Script
text/javascript 13.226.145.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-89.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11d3e985311d7dd1bb6a299ed74c44e11d26a3506172aababa53c0ff13ba281c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Wbi3pIC6FMb9uNJN7d71WoQ8Yo21fec3
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 23:32:23 GMT
server: AmazonS3
age: 1549
etag: W/"017fdf1662ab738398a466f4f67db5da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Fri, 18 Mar 2022 13:40:25 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Jq0xbSCqoQa2hkFEdMPN_qf7972RvFhl-CbX7sK0_kuhwykPTkakXw==

GET
H2 200 4380207988707725 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 66ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4380207988707725?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc5be83f91793d8b3f616d76d2fc6bbc201ef145003e4d5356230399e42436d8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: N8bymRtwAOWaEUlUG6l78EC/mY1C+auyQ4hNiPzrP4kgcZi8SJa1kVZ93FaaTMRZbdGpaXg9gtABcsc7obstXw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Mar 2022 14:05:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 90 KB
36 KB 53ms
24ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TTT8GF7&cid=837046542.1647612359

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3290bdc5b78e602397c1186cad3abe4dadda7012fe5aead70003e8b2c3ce47f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:05:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36437
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Mar 2022 14:05:58 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/585/0419737375/ 6 KB
2 KB 37ms
37ms Script
text/javascript 13.226.145.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/585/0419737375/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-89.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 0Qfdvo0f_YNgaplQS3YTle3ByArvqRkM
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 19:25:03 GMT
server: AmazonS3
age: 260
etag: W/"7beabea2e2cfeadff0e6ab423c2ac7fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Fri, 18 Mar 2022 14:05:58 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: i269kjFI0fsBnMzL8no-jjghU-xHLZO1KOrqdpfwjCaF8tpKsBs9cg==

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 109ms
39ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4380207988707725&ev=PageView&dl=https%3A%2F%2Fwww.blueskycoverage.com%2Fauto%2Fquotes%2F%3FReferrer%3DADI%26Subreferrer%3D4073_2_20002_2379001%26Subid%3D1027bdd708f36c4e5a69642d25ad38%26utm_source%3Dadi%26utm_medium%3Demail%26utm_content%3Dhomequotes%26first_name%3D_removed_%26last_name%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522last_name%2522%252C%2522first_name%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1647612358922&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647612358921.1193353525&it=1647612358825&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:05:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 18 Mar 2022 14:05:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 49ms
48ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=136201945&t=pageview&_s=1&dl=https%3A%2F%2Fwww.blueskycoverage.com%2Fauto%2Fquotes%2F%3FReferrer%3DADI%26Subreferrer%3D4073_2_20002_2379001%26Subid%3D1027bdd708f36c4e5a69642d25ad38%26utm_source%3Dadi%26utm_medium%3Demail%26utm_content%3Dhomequotes%26first_name%3D%7Bfirstname%7D%26last_name%3D%7Blastname%7D&ul=en-us&de=UTF-8&dt=Auto%20Insurance%20%7C%20Blue%20Sky%20Coverage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAAC~&jid=805709699&gjid=224675507&cid=837046542.1647612359&tid=UA-55713003-2&_gid=1433840060.1647612359&_r=1&_slc=1&z=62026567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:05:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueskycoverage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
445 B 142ms
68ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-55713003-2&cid=837046542.1647612359&jid=805709699&gjid=224675507&_gid=1433840060.1647612359&_u=KGBAAEACQAAAAC~&z=1483470025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Mar 2022 14:05:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.blueskycoverage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 407ms
152ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&_=621684737

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d8f387a4d07257f4c511cfc78cd5b64f65bae10c8b945a3d6a82075a3a3445ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:05:59 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4380207988707725&ev=Microdata&dl=https%3A%2F%2Fwww.blueskycoverage.com%2Fauto%2Fquotes%2F%3FReferrer%3DADI%26Subreferrer%3D4073_2_20002_2379001%26Subid%3D1027bdd708f36c4e5a69642d25ad38%26utm_source%3Dadi%26utm_medium%3Demail%26utm_content%3Dhomequotes%26first_name%3D%7Bfirstname%7D%26last_name%3D%7Blastname%7D&rl=&if=false&ts=1647612359425&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Auto%20Insurance%20%7C%20Blue%20Sky%20Coverage%20%22%2C%22meta%3Adescription%22%3A%22Learn%20more%20about%20Auto%20Insurance%20coverage.%22%2C%22meta%3Akeywords%22%3A%22Find%20%26%20Compare%2C%20Auto%20Insurance%2C%20Quotes%2C%202022%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Auto%20Insurance%20%7C%20Blue%20Sky%20Coverage%22%2C%22og%3Adescription%22%3A%22Learn%20more%20about%20Auto%20Insurance%20coverage.%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22Blue%20Sky%20Coverage%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.blueskycoverage.com%2Fimages%2Farticle-img.jpg%22%2C%22og%3Aimage%3Aalt%22%3A%22blueskycoverage%22%2C%22og%3Aimage%3Awidth%22%3A%221020%22%2C%22og%3Aimage%3Aheight%22%3A%22512%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.blueskycoverage.com%2Fauto%2Fquotes%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647612358921.1193353525&it=1647612358825&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:05:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 18 Mar 2022 14:05:59 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 1860 3 KB
2 KB 44ms
7ms Document
text/html 52.222.206.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCB5271-691C-29B5-DE2F-93990343CDFE&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.206.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-206-45.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 07 Mar 2022 16:33:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 17 Mar 2022 21:16:19 GMT
ETag: W/"622633c5-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: m5IdiM7azUjuiIWJ0zGfSowYzatCozzG1l2SxydBT5WJOi49jfCR7A==
Age: 60580

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 102ms
101ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&_=621684738

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:05:59 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 99ms
99ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&_=621684739

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:05:59 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 request.js Show response
script.anura.io/ 48 KB
17 KB 120ms
67ms Script
application/javascript 3.11.162.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2761973509&source=ADI&campaign=4073_2_20002_2379001-BSCAUTO&variable=AnuraResponse&527941894993

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.162.11 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-162-11.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7c147d88b19a4c72c4cb93eb88cb2aca2a982569c6c6130ddf47267ca7a63d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 8779 4 KB
2 KB 310ms
97ms Document
text/html 52.55.210.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCB5271-691C-29B5-DE2F-93990343CDFE&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCB5271-691C-29B5-DE2F-93990343CDFE&lac=478B1969-F034-6785-243D-D2DE64FC7F68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.210.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-210-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date: Fri, 18 Mar 2022 14:05:59 GMT
content-type: text/html
server: nginx
last-modified: Fri, 31 Dec 2021 14:51:34 GMT
etag: W/"61cf18f6-1049"
expires: Sat, 19 Mar 2022 14:05:59 GMT
cache-control: max-age=86400 public
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 105ms
105ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&_=621684740

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:05:59 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 8779 0
626 B 283ms
97ms Script
text/javascript 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=478B1969-F034-6785-243D-D2DE64FC7F68&lck=0FCB5271-691C-29B5-DE2F-93990343CDFE&methods=48&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&uuid=224e64e0f9d04e17b0567d6036adc384

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCB5271-691C-29B5-DE2F-93990343CDFE&lac=478B1969-F034-6785-243D-D2DE64FC7F68

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:06:00 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 response.json Show response
script.anura.io/ 51 B
404 B 285ms
234ms XHR
application/json 3.11.162.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2761973509&source=ADI&campaign=4073_2_20002_2379001-BSCAUTO&variable=AnuraResponse&527941894993

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.162.11 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-162-11.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

521c7a490ad86af2fc7a57460e0824a2dff73ab20c5b1cbc947cefbdd72cf824

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/blueskycoverage.com/ 159 B
346 B 378ms
88ms Fetch
application/json 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/blueskycoverage.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: 3dc0e3d2b7a17e7f04371533a8babfd82b915dbaa4a7a0bfb623b78ccf2c6077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:06:00 GMT
last-modified: Fri, 18 Mar 2022 14:04:17 GMT
etag: "9f-62349161-a4f28c74c9866069;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 159
expires: Sat, 19 Mar 2022 14:06:00 GMT

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 846B 2 KB
1 KB 12ms
11ms Document
text/html 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/5a541203f04f355226ec4a70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-105.dus51.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/

Response headers

content-type: text/html; charset=utf-8
date: Fri, 18 Mar 2022 13:18:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 7TMQMbaxvO3dHksy_2JwQgTsG8Z8YMeCpVwJejn-sjcI3i1WouxEww==
age: 2850

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
229 B 104ms
103ms Fetch
text/html 52.23.126.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/5a541203f04f355226ec4a70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.126.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-126-38.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.blueskycoverage.com/
key: 5a541203f04f355226ec4a70
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.blueskycoverage.com
date: Fri, 18 Mar 2022 14:06:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 327ms
102ms Preflight
application/json 52.23.126.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.126.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-126-38.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.blueskycoverage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 14:06:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.blueskycoverage.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

POST
H2 200 result.json Show response
script.anura.io/ 27 B
384 B 38ms
38ms XHR
application/json 3.11.162.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.162.11 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-162-11.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK fraud_status.php Show response
www.blueskycoverage.com/common_scripts/omg/ 0
486 B 120ms
119ms XHR
text/html 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/common_scripts/omg/fraud_status.php?source=anura&response=

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/js/bscaut.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:06:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.blueskycoverage.com/common_scripts/omg/ 0
486 B 115ms
114ms XHR
text/html 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/js/bscaut.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:06:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fraud_status.php Show response
www.blueskycoverage.com/common_scripts/omg/ 0
486 B 119ms
119ms XHR
text/html 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/common_scripts/omg/fraud_status.php?source=anura&response={%22result%22:%22bad%22,%22mobile%22:0}

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/js/bscaut.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:06:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK check_web_user Show response
www.blueskycoverage.com/api/ 0
511 B 112ms
112ms XHR
text/html 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/api/check_web_user

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/js/bscaut.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:06:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK phone_imp.php Show response
www.blueskycoverage.com/common_scripts/omg/pxl/ 0
486 B 122ms
122ms XHR
text/html 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/common_scripts/omg/pxl/phone_imp.php?pn=8882740934&url=www.blueskycoverage.com%2Fauto%2Fquotes%2F%3FReferrer%3DADI%26Subreferrer%3D4073_2_20002_2379001%26Subid%3D1027bdd708f36c4e5a69642d25ad38%26utm_source%3Dadi%26utm_medium%3Demail%26utm_content%3Dhomequotes%26first_name%3D%7Bfirstname%7D%26last_name%3D%7Blastname%7D

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/js/bscaut.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:06:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 232 KB
25 KB 187ms
187ms Fetch
application/json 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: b686a2ce8951566102784ff4c27641d836ee66c48c73d85c0c15de4d1ed4a3ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blueskycoverage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:06:00 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 13:10:08 GMT
etag: "3a145-62333330-8e49fd4e886fe535;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 25264
expires: Sat, 19 Mar 2022 14:06:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 99ms
99ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=5&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&_=621684741

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:06:01 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET service-worker.js
www.blueskycoverage.com/ Frame 0
0

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 148ms
146ms Fetch
text/html 18.207.50.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/5a541203f04f355226ec4a70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.50.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-50-145.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.blueskycoverage.com/
key: 5a541203f04f355226ec4a70
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 18 Mar 2022 14:06:02 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 374ms
110ms Preflight 18.207.50.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.50.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-50-145.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.blueskycoverage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 14:06:02 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 627ms
236ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&_=621684742

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:06:03 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 597ms
159ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=7&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&_=621684743

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:06:03 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
624 B 549ms
215ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=8&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&_=621684744

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:06:03 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 502ms
232ms XHR
text/plain 3.215.119.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=9&pid=bfdcf2d3-046a-494e-9389-5c37d43f2793&token=D484E2C0-EEDE-81F1-8E08-158B76B883B0&_=621684745

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fcb5271-691c-29b5-de2f-93990343cdfe.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.119.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-119-108.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueskycoverage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 14:06:03 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK set_visit_ulid Show response
www.blueskycoverage.com/api/ 7 B
518 B 134ms
134ms XHR
text/html 72.4.112.81
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueskycoverage.com/api/set_visit_ulid

Requested by

Host: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/common_scripts/leadgen/laravel/js/bscaut.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

72.4.112.81 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

www.blueskycoverage.com

Software

nginx /

Resource Hash

c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname}
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:06:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.blueskycoverage.com
URL: https://www.blueskycoverage.com/service-worker.js

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.blueskycoverage.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: df870adcc3b49a3b96741c7dfa0ab0af
.www.blueskycoverage.com/	1970-01-20 01:41:38	Name: mobile_detection Value: a%3A0%3A%7B%7D
www.blueskycoverage.com/	1970-01-20 01:40:19	Name: XSRF-TOKEN Value: eyJpdiI6Ikh5N2RhTURweG9ZTDNKZjBZNzE3RGc9PSIsInZhbHVlIjoibDIrQ2JTMGZzSXdMRXpuc3NHWHhKMTA0QmFDenFMQ1ZlaXI3bjhrUTd2WmRvV0h3dVNydHBWWHE5ckdwUDh5b0NyWWlhTUljNG9GRVBwVEZsR2FEMVE9PSIsIm1hYyI6IjI3YzAzNmIzODc1OGRhZGVhOTFkZDMwZTU3YmViMGI4NTZiNjExNTA2YzE3YzYyZDY0NGFmNmNjMzYyMzNjODcifQ%3D%3D
www.blueskycoverage.com/	1970-01-20 01:40:19	Name: laravel_session Value: eyJpdiI6Imw4VWtSdmFCeGVEWDdmakVOdUx5N0E9PSIsInZhbHVlIjoiNkh2MHgycVEwN0h1cGFuWlFXZkJYaWZLTStvcnFPNDZrUDNoUlZjalVRRERcL0NzcnlXc1FIV012ZktISUpWV1dIQmsxR3NBVWxOMUsxck1xUkNSRkp3PT0iLCJtYWMiOiI1YTVkNTIyOWEwNWY2MDY0MDVmYTUxYWEyYWE3YjBlZGRiN2IzY2M1N2M0MjYyOTUxM2JlOTFlNDA2MTNkOWM1In0%3D
.blueskycoverage.com/	1970-01-20 19:11:24	Name: _ga Value: GA1.2.837046542.1647612359
.blueskycoverage.com/	1970-01-20 01:41:38	Name: _gid Value: GA1.2.1433840060.1647612359
.blueskycoverage.com/	1970-01-20 03:49:48	Name: _fbp Value: fb.1.1647612358921.1193353525
.blueskycoverage.com/	1970-01-20 01:40:12	Name: _gat Value: 1
.blueskycoverage.com/	1970-02-25 13:40:12	Name: invoca_session Value: %7B%22ttl%22%3A%222022-04-17T14%3A05%3A58.954Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
www.blueskycoverage.com/	1970-01-20 01:40:13	Name: leadid_token-478B1969-F034-6785-243D-D2DE64FC7F68-0FCB5271-691C-29B5-DE2F-93990343CDFE Value: D484E2C0-EEDE-81F1-8E08-158B76B883B0
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 224e64e0f9d04e17b0567d6036adc384

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.blueskycoverage.com/auto/quotes/?Referrer=ADI&Subreferrer=4073_2_20002_2379001&Subid=1027bdd708f36c4e5a69642d25ad38&utm_source=adi&utm_medium=email&utm_content=homequotes&first_name={firstname}&last_name={lastname} Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
api.pushnami.com
cdn.acsbapp.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
psp.pushnami.com
saleevolution.org.uk
script.anura.io
secure.apolloi.com
solutions.invocacdn.com
stats.g.doubleclick.net
storage.googleapis.com
track.lxyew.com
trc.pushnami.com
www.blueskycoverage.com
www.facebook.com
www.google-analytics.com
www.blueskycoverage.com
108.157.4.105
13.226.145.89
167.88.5.10
18.207.50.145
206.189.191.180
208.68.39.149
2606:4700:10::6816:26b6
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:82b::2010
2a00:1450:4001:830::200a
2a00:1450:400c:c08::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.11.162.11
3.215.119.108
34.246.25.198
52.222.206.45
52.23.126.38
52.55.210.128
69.20.94.14
72.4.112.81
0b72e8754f4b8ca49699c91863b662185d8b8d74178b13c7c4e38064c7a6fad0
0ef3c489ecb5749b7eeb211847ac446cb88d3bf11adfa77f4f1d2dbefaf7c558
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d3e985311d7dd1bb6a299ed74c44e11d26a3506172aababa53c0ff13ba281c
125095eccae0a4deffe181229850e1d19c4e026804d8670131cb5c1825e598ad
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
3290bdc5b78e602397c1186cad3abe4dadda7012fe5aead70003e8b2c3ce47f0
3660e90cf2be049cf7c19e81e83378ebe197ebe74610d2c55e5b168f1571ad10
3dc0e3d2b7a17e7f04371533a8babfd82b915dbaa4a7a0bfb623b78ccf2c6077
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3f9ab8474f88cfe58b5b6a3072ec996fbb4cd3c2960d73fffc8b8fc19754d23a
521c7a490ad86af2fc7a57460e0824a2dff73ab20c5b1cbc947cefbdd72cf824
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59855fb273cce24eaff91d16cdb093b5b26a2bdca96f6a5ec4d95d81d657e929
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
675f009cbb58325aaa5a53e01ca37f4b8b1aa0fc23f5c465275110b58b2487ae
69e0b0ab01b39c00cc0268df3bd17d23f50c012d6b7bfdad6426a2062449b973
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74a36d103d4ffda133af6d2522e5c941383cbee7b5d75be0aa5e5569e0d49833
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7c147d88b19a4c72c4cb93eb88cb2aca2a982569c6c6130ddf47267ca7a63d6c
867b96a122b7c56dc08163aebea78aa3bf43aa9fcc24e3f0bb4bb83cbbd3af16
86f7b9f0a8b0608174390d10e58d1bf783d238e438b2f4347bfc228cf4b2843c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
889e5b0e0831a15afbf0a7afe2916c25500b2fa6abb5f62727b0c245415a5f12
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a592564b9b2d607aa653f3ca77adba6b405022dd91b1dfc9edf789a4eb02b953
aa9c88482100d1805060d1b2108afa47d82aedcb469239d5574c8990c5303c1d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b686a2ce8951566102784ff4c27641d836ee66c48c73d85c0c15de4d1ed4a3ed
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
d8f387a4d07257f4c511cfc78cd5b64f65bae10c8b945a3d6a82075a3a3445ed
d9b41f99d7f32baa88bddacdc6ba87f13d32e531b323f5cbfab8b50309e4c77c
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef5c14ec94417c060df166710fc1cd9975427f0f9f24849a01f98d6367669217
fc5be83f91793d8b3f616d76d2fc6bbc201ef145003e4d5356230399e42436d8
ffae60377502a4bd335e69107ff59cf920206c19dc61721c6469f491c42ed53d

www.blueskycoverage.com Open in urlscan Pro 72.4.112.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

36 %IPv6

18 Domains

22 Subdomains

21 IPs

5 Countries

993 kBTransfer

3054 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.blueskycoverage.com Open in urlscan Pro
72.4.112.81 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

36 %
IPv6

18
Domains

22
Subdomains

21
IPs

5
Countries

993 kB
Transfer

3054 kB
Size

11
Cookies

60 HTTP transactions
0 data transactions